23891 matches found
CVE-2026-29519
creationtimestamp| type| source ---|---|--- 2026-07-11 10:26:40+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116900862378837802 2026-07-12 11:00:47+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mqgzlgbsyo2r...
CVE-2026-6801
creationtimestamp| type| source ---|---|--- 2026-07-11 07:35:28+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqe5nejffn2e 2026-07-11 08:02:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqe76hgzi22x...
EUVD-2026-43151
The WP Easy Pay – Payment and Donation form Builder for Square plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.5.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...
RevPi Webstatus <= v2.4.5 - Authentication Bypass
An unauthorized remote attacker can bypass the authentication of the affected software package by misusing an incorrect type conversion. This leads to full compromise of the device id: CVE-2025-41646 info: name: RevPi Webstatus = v2.4.5 - Authentication Bypass author: DhiyaneshDK severity: critic...
CVE-2026-53038
creationtimestamp| type| source ---|---|--- 2026-07-11 01:33:28+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdjg2r4yi2y...
CVE-2026-15053
creationtimestamp| type| source ---|---|--- 2026-07-11 00:40:14+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdggv6z7c2c...
GHSA-5XFX-XJ4H-5P7R
creationtimestamp| type| source ---|---|--- 2026-07-11 00:12:22+00:00| seen| https://gist.github.com/alon710/c12d56fc3c8087be09be97f40fd8c89a...
GHSA-G936-7JQJ-MWV8
creationtimestamp| type| source ---|---|--- 2026-07-10 22:12:05+00:00| seen| https://gist.github.com/alon710/3aab1c4181e03ef1803e74b755304657...
CVE-2026-56335
creationtimestamp| type| source ---|---|--- 2026-07-10 21:23:03+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqd3gbkepx2y...
CVE-2026-57213
RabbitMQ’s rabbitmq_federation_management plugin is vulnerable to stored XSS on the Federation Status page because consumer_tag is rendered without HTML escaping. Prior to the fixed releases (3.13.14, 4.0.19, 4.1.10, 4.2.5), a user who can configure a federation upstream or policy could inject co...
CVE-2026-55843
creationtimestamp| type| source ---|---|--- 2026-07-10 20:07:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqcx6o6zfz2g 2026-07-11 01:01:34+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdhmz3k6w2f...
GHSA-W7CG-WHH7-XP28
creationtimestamp| type| source ---|---|--- 2026-07-10 19:42:40+00:00| seen| https://gist.github.com/alon710/b90f7da9d543dd51155aefe8a87d6f66...
CVE-2026-54469
creationtimestamp| type| source ---|---|--- 2026-07-10 15:30:16+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116896393517811948 2026-07-10 17:27:21+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqcoasxcp327 2026-07-10 21:24:23+00:00| seen|...
GHSA-4VJ7-5MJ6-JM8M
creationtimestamp| type| source ---|---|--- 2026-07-10 15:11:59+00:00| seen| https://gist.github.com/alon710/6a1f370c6283107f299350100ca84db2...
CVE-2026-57229
creationtimestamp| type| source ---|---|--- 2026-07-10 14:00:19+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mqccon2eyw25...
CVE-2025-45422
creationtimestamp| type| source ---|---|--- 2026-07-10 13:32:41+00:00| seen| https://infosec.exchange/users/obivan/statuses/116895931383000599 2026-07-10 13:35:59+00:00| seen| https://bsky.app/profile/obivan.infosec.exchange.ap.brid.gy/post/3mqcb5c7v52t2...
CVE-2026-41877
R-SOFT DMS is vulnerable to Stored XSS in file upload functionality. Authenticated attacker can inject arbitrary HTML and JS into the name of the file being uploaded, which will be executed when visiting file list or upload status by other users. This issue was fixed in version v3.19-2832 and...
CVE-2026-15330
creationtimestamp| type| source ---|---|--- 2026-07-10 09:57:40+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqbv4pxta22y...
CVE-2026-11990 KiviCare <= 4.4.0 - Missing Authorization to Unauthenticated Payment Bypass and Appointment Status Manipulation via /payment-success REST Endpoint
The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.4.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated...
CVE-2026-41877
R-SOFT DMS is vulnerable to Stored XSS in file upload functionality. Authenticated attacker can inject arbitrary HTML and JS into the name of the file being uploaded, which will be executed when visiting file list or upload status by other users. This issue was fixed in version v3.19-2832 and...