7613 matches found
CVE-2026-5721
The wpDataTables WordPress plugin is affected by a stored cross-site scripting (XSS) vulnerability in all versions up to 6.5.0.4. The root cause is insufficient input sanitization and output escaping in prepareCellOutput() for the LinkWDTColumn, ImageWDTColumn, and EmailWDTColumn classes. The vul...
CVE-2026-5721 wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin <= 6.5.0.4 - Unauthenticated Stored Cross-Site Scripting via CSV/Excel Data Import
The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 6.5.0.4. This is due to insufficient input sanitization and output escaping in the prepareCellOutput method of the...
Security Updates for Microsoft Office Products (April 2026) (macOS)
The version of Microsoft Office for Mac installed on the remote host is affected by multiple vulnerabilities as referenced in the april-14-2026 advisory. - Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. CVE-2026-33095, CVE-2026-33115 - Out-of-boun...
CVE-2026-39424
MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, the chat export feature is vulnerable to Improper Neutralization of Formula Elements in a CSV File. When an administrator exports the application chat history to an Excel file .xlsx via the...
ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories
You know that feeling when you open your feed on a Thursday morning and it's just... a lot? Yeah. This week delivered. We've got hackers getting creative in ways that are almost impressive if you ignore the whole "crime" part, ancient vulnerabilities somehow still ruining people's days, and enoug...
CVE-2026-41034
ONLYOFFICE DocumentServer before 9.3.0 has an untrusted pointer dereference in XLS processing/conversion via pictFmla.cbBufInCtlStm and other vectors, leading to an information leak and ASLR bypass...
CVE-2026-41034
ONLYOFFICE DocumentServer before 9.3.0 has an untrusted pointer dereference in XLS processing/conversion via pictFmla.cbBufInCtlStm and other vectors, leading to an information leak and ASLR bypass...
PT-2026-33272
ONLYOFFICE DocumentServer before 9.3.0 has an untrusted pointer dereference in XLS processing/conversion via pictFmla.cbBufInCtlStm and other vectors, leading to an information leak and ASLR bypass...
DocumentServer 安全漏洞
DocumentServer is an open-source online collaboration suite developed by ONLYOFFICE. It supports real-time collaborative editing of documents, spreadsheets, presentations, and other formats. Versions of DocumentServer prior to 9.3.0 contained security vulnerabilities. These vulnerabilities stemme...
CVE-2026-32198
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2026-32199
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2026-32189
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2026-32197
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2026-32188
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally...
EUVD-2026-22569
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
EUVD-2026-22581
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
EUVD-2026-22583
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
EUVD-2026-22567
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally...
EUVD-2026-22579
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2026-32198
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...