EUVD-2026-4403

In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix memory leak on usbsubmiturb failure In asyncsetregisters, when usbsubmiturb fails, the allocated asyncreq structure and URB are not freed, causing a memory leak. The completion callback asyncsetregcb is...

EUVD-2026-4431

Not used...

EUVD-2026-4443

The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to arbitrary file uploads due to missing authorization checks in the uploadMedicalReport function in all versions up to, and including, 3.6.15. This makes it possible for unauthenticated attackers to upload...

EUVD-2026-4441

ALGO 8180 IP Audio Alerter SIP INVITE Replaces Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this...

EUVD-2026-4497

EUVD-2026-4497...

EUVD-2026-4505

EUVD-2026-4505...

EUVD-2026-4499

EUVD-2026-4499...

EUVD-2026-3853

Missing Authorization vulnerability in Rasedul Haque Rumi BD Courier Order Ratio Checker bd-courier-order-ratio-checker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BD Courier Order Ratio Checker: from n/a through = 2.0.1...

EUVD-2026-3860

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Micro.company Form to Chat App form-to-chat allows Stored XSS.This issue affects Form to Chat App: from n/a through = 1.2.5...

EUVD-2026-3842

Missing Authorization vulnerability in Select-Themes Prowess prowess allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Prowess: from n/a through = 1.8.1...

EUVD-2026-3880

Missing Authorization vulnerability in e-plugins Listihub listihub allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Listihub: from n/a through = 1.0.6...

EUVD-2026-3927

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpWave Hide My WP hidemywp allows Reflected XSS.This issue affects Hide My WP: from n/a through = 6.2.12...

EUVD-2026-3936

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Rashy rashy allows PHP Local File Inclusion.This issue affects Rashy: from n/a through = 1.1.3...

EUVD-2026-3950

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Bfres bfres allows PHP Local File Inclusion.This issue affects Bfres: from n/a through = 1.2.1...

EUVD-2026-4006

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Remi Corson Easy Theme Options easy-theme-options allows Reflected XSS.This issue affects Easy Theme Options: from n/a through = 1.0...

EUVD-2026-4009

Insertion of Sensitive Information Into Sent Data vulnerability in tabbyai Tabby Checkout tabby-checkout allows Retrieve Embedded Sensitive Data.This issue affects Tabby Checkout: from n/a through = 5.8.4...

EUVD-2026-3988

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codisto Omnichannel for WooCommerce codistoconnect allows Stored XSS.This issue affects Omnichannel for WooCommerce: from n/a through = 1.3.65...

EUVD-2026-4005

Incorrect Privilege Assignment vulnerability in Themefic Hydra Booking hydra-booking allows Privilege Escalation.This issue affects Hydra Booking: from n/a through = 1.1.32...

EUVD-2026-4020

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kapil Chugh My Post Order my-posts-order allows Reflected XSS.This issue affects My Post Order: from n/a through = 1.2.1.1...

EUVD-2026-4083

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CleverSoft Anon anon2x allows Reflected XSS.This issue affects Anon: from n/a through = 2.2.10...