233590 matches found

Cvelist
added 2026/05/15 7:46 a.m. | 33 views

CVE-2026-7046 NEX-Forms – Ultimate Forms Plugin for WordPress <= 9.1.12 - Authenticated (Administrator+) SQL Injection via 'table' Parameter

The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'table' parameter in all versions up to, and including, 9.1.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

CVSS 4.9 | EPSS 0.00053
Exploits 0 | References 11

SUSE CVE
added 2026/05/15 1:59 a.m. | 4 views

SUSE CVE-2026-33380

A vulnerability in SQL Expressions allows an authenticated attacker to read arbitrary files from the Grafana server's filesystem. Only instances with the sqlExpressions feature toggle enabled are vulnerable...

CVSS 6.3 | AI score 6 | EPSS 0.00012
Exploits 0 | References 3

Tenable Nessus
added 2026/05/15 12:0 a.m. | 6 views

Ivanti Endpoint Manager < 2024 SU6 Multiple Vulnerabilities

The version of Ivanti Endpoint Manager running on the remote host is prior to 2024 SU6. It is, therefore, affected by multiple vulnerabilities: - An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access...

CVSS 8.8 | AI score 6.2 | EPSS 0.00354
Exploits 0 | References 4

CNNVD
added 2026/05/15 12:0 a.m. | 5 views

phpMyFAQ SQL Injection Vulnerability

phpMyFAQ is a multilingual, fully database-driven FAQ system developed by Thorsten Rinne. Versions of phpMyFAQ prior to 4.1.2 contained an SQL injection vulnerability. This vulnerability stemmed from the BuiltinCaptcha::garbageCollector and BuiltinCaptcha::saveCaptcha methods, which inserted...

CVSS 9.8 | AI score 5.9 | EPSS 0.00065
Exploits 0 | References 1

Tenable Nessus
added 2026/05/15 12:0 a.m. | 8 views

SAP NetWeaver AS ABAP SQL Injection (3724838)

The version of SAP NetWeaver AS ABAP detected on the remote host is affected by a SQL injection vulnerability as referenced in SAP Security Note 3724838: - A SQL injection vulnerability exists in SAP S/4HANA SAP Enterprise Search for ABAP. An authenticated attacker with low privileges could explo...

CVSS 9.6 | AI score 6.3 | EPSS 0.00015
Exploits 0 | References 3

Positive Technologies
added 2026/05/15 12:0 a.m. | 7 views

PT-2026-41366

Name of the Vulnerable Software and Affected Versions: phpMyFAQ versions prior to 4.1.2. Description: An unauthenticated SQL injection exists in the BuiltinCaptcha::garbageCollector and BuiltinCaptcha::saveCaptcha methods. The issue occurs when unsanitized User-Agent headers are interpolated into...

CVSS 9.8 | AI score 5.8 | EPSS 0.00065
Exploits 0 | References 9

Positive Technologies
added 2026/05/15 12:0 a.m. | 8 views

PT-2026-41340

WordPress Plugin WPGraphQL 1.3.5 contains a denial of service vulnerability that allows unauthenticated attackers to exhaust server resources by sending batched GraphQL queries with duplicated fields. Attackers can send POST requests to the GraphQL endpoint with amplified field duplication payloa...

CVSS 8.7 | AI score 5.8 | EPSS 0.0005
Exploits 0 | References 4

Positive Technologies
added 2026/05/15 12:0 a.m. | 8 views

PT-2026-41360

Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, there is an authenticated SQL injection issue in the frontend user order history page in Vvveb CMS. A normal frontend user can log in and access /user/orders. The order by and...

CVSS 8.7 | AI score 5.9 | EPSS 0.00011
Exploits 0 | References 2

Tenable Nessus
added 2026/05/15 12:0 a.m. | 10 views

FreeBSD : PostgreSQL -- Multiple vulnerabilities (7185ecc9-4fb7-11f1-bc50-6cc21735f730)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 7185ecc9-4fb7-11f1-bc50-6cc21735f730 advisory. The PostgreSQL project reports: Missing authorization in PostgreSQL CREATE TYPE allows an obje...

CVSS 8.8 | AI score 6.5 | EPSS 0.0008
Exploits 1 | References 23

CNNVD
added 2026/05/15 12:0 a.m. | 5 views

Apache Flink Code Injection Vulnerability

Apache Flink is an open-source distributed stream processing engine developed by the Apache Foundation in the United States. The product is primarily written in Java and Scala languages. Versions of Apache Flink from 1.15.0 to 1.20.x, as well as from 2.0.0 to 2.x, contain a code injection...

CVSS 8.1 | AI score 6.3 | EPSS 0.00067
Exploits 0 | References 1

GitHub Security Blog
added 2026/05/14 8:46 p.m. | 6 views

Marten has an injection vulnerability in its full-text search regConfig parameter

Summary: Marten's full-text search APIs interpolated the user-supplied regConfig parameter directly into the generated SQL without parameterization or validation, making every code path that exposes regConfig to untrusted input a SQL injection sink. Affected APIs: IQuerySession.SearchAsyncstring...

CVSS 9.8 | AI score 6.1 | EPSS 0.00038
Exploits 0 | References 4 | Affected Software 1

Snyk
added 2026/05/14 8:46 p.m. | 6 views

SQL Injection

Overview: Affected versions of this package are vulnerable to SQL Injection via the regConfig parameter in full-text search APIs. An attacker can execute arbitrary SQL commands by supplying crafted input to the regConfig parameter, which is interpolated directly into SQL statements without...

CVSS 9.8 | AI score 6.1 | EPSS 0.00038
Exploits 0 | References 2

OSV
added 2026/05/14 8:46 p.m. | 1 view

GHSA-VMW2-QWM8-X84C Marten has an injection vulnerability in its full-text search regConfig parameter

Summary: Marten's full-text search APIs interpolated the user-supplied regConfig parameter directly into the generated SQL without parameterization or validation, making every code path that exposes regConfig to untrusted input a SQL injection sink. Affected APIs: IQuerySession.SearchAsyncstring...

CVSS 9.8 | AI score 6.1 | EPSS 0.00038
Exploits 0 | References 4

ATTACKERKB
added 2026/05/14 8:45 p.m. | 4 views

CVE-2026-42847

ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - 122, there is a critical SQL Injection (SQLi) vulnerability in ClipBucket, exploitable through the type parameter on the authenticated admin endpoint admin_area/action_logs.php. The endpoint admin_area/action_logs.php reads...

CVSS 7.1 | AI score 5.9 | EPSS 0.00034
Exploits 0 | References 2

Vulnrichment
added 2026/05/14 8:45 p.m. | 4 views

CVE-2026-42847 ClipBucket: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - 122, there is a critical SQL Injection (SQLi) vulnerability in ClipBucket, exploitable through the type parameter on the authenticated admin endpoint admin_area/action_logs.php. The endpoint admin_area/action_logs.php reads...

CVSS 7.1 | AI score 5.9 | EPSS 0.00034
Exploits 0 | References 1

CVE
added 2026/05/14 8:45 p.m. | 8 views

CVE-2026-42847

CVE-2026-42847 affects ClipBucket v5 prior to 5.5.3 - #122. The vulnerability is a SQL injection in the authenticated admin endpoint admin_area/action_logs.php, where the GET parameter $_GET['type'] is read, stored, and concatenated into a SQL WHERE condition on action_type in fetch_action_logs()...

CVSS 7.1 | AI score 5.9 | EPSS 0.00034
Exploits 0 | References 1

RedhatCVE
added 2026/05/14 7:58 p.m. | 6 views

CVE-2026-42032

CKAN is an open-source DMS (data management system) for powering data hubs and data portals. Prior to 2.10.10 and 2.11.5, a vulnerability in datastore_search_sql allowed attackers to bypass authorization in order to gain access to private resources and PostgreSQL system information. This vulnerability...

CVSS 9.1 | AI score 5.8 | EPSS 0.00016
Exploits 0 | References 1

OSV
added 2026/05/14 7:50 p.m. | 5 views

CLSA-2026-1778788198 Fix of 6 CVEs

SECURITY UPDATE: fix out-of-bounds read in urldecode via signed-char to ctype.h GHSA-m8rr-4c36-8gq4 - debian/patches/CVE-2026-7258.patch: fix out-of-bounds read in urldecode via signed-char to ctype.h GHSA-m8rr-4c36-8gq4 - CVE-2026-7258 SECURITY UPDATE: fix stale SOAPGLOBAL refmap pointer with...

CVSS 9.8 | AI score 5.9 | EPSS 0.00369
Exploits 0 | References 1

Wolfi
added 2026/05/14 7:48 p.m. | 11 views

CVE-2026-44903 vulnerabilities

Vulnerabilities for packages: amazon-cloudwatch-agent-operator, fluent-bit-plugin-loki, istio, prometheus-pushgateway, trillian, opentelemetry-collector-contrib, loki, mcp-grafana, node-problem-detector, metrics-server, mc, opentelemetry-collector, datadog-agent, certificate-transparency,...

CVSS 6.1 | AI score 5.4 | EPSS 0.00035
Exploits 0

Chainguard
added 2026/05/14 7:17 p.m. | 11 views

CVE-2026-44903 vulnerabilities

Vulnerabilities for packages: opentelemetry-collector, minio-fips, amazon-cloudwatch-agent-operator, beats-fips, cloudzero-agent, cloud-sql-proxy-fips, loki, mcp-grafana, metrics-server, mc-fips, opentelemetry-collector-fips, node-problem-detector-fips, trillian-fips, jaeger-fips,...

CVSS 6.1 | AI score 5.4 | EPSS 0.00035
Exploits 0