CVE-2026-7823

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. Affected is the function setAppFilterCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument enable results in os command injection. The attack may be launched remotely. The exploit has been released to the...

CVE-2026-7822

A vulnerability was identified in itsourcecode Courier Management System 1.0. This impacts an unknown function of the file /printpdets.php. The manipulation of the argument ids leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used...

CVE-2026-4362

The ElementsKit Elementor Addons plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the LiveAction::reset function in all versions up to, and including, 3.8.2 The function is hooked to the WordPress init action and triggers when both post...

CVE-2026-7812

A vulnerability was found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The impacted element is the function gitoperation of the file src/codemcp/server.py of the component MCP Tool. Performing a manipulation of the argument operation results in command injection. The attack...

CVE-2026-7811

A vulnerability has been found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The affected element is the function issafepath of the file src/codemcp/server.py of the component MCP File Handler. Such manipulation leads to path traversal. It is possible to launch the attack...

CVE-2026-7810

A flaw has been found in UsamaK98 python-notebook-mcp up to a05a232815809a7e425b5fa7be26e0d4369894c2. Impacted is the function createnotebook/readnotebook/editcell/addcell of the file server.py. This manipulation causes path traversal. It is possible to initiate the attack remotely. The exploit h...

CVE-2026-4665

The WP Carousel Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via crafted fancybox data-caption attributes in all versions up to, and including, 2.7.10. This is due to the fancybox-config.js script reading the carousel container's id attribute directly from the DOM to...

CVE-2026-5159

The Royal Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Instagram Feed widget's 'instagramfollowtext' setting in all versions up to, and including, 1.7.1056 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2026-5957

The EmailKit plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to and including 1.6.5. This is due to a flawed path traversal validation in the createtemplate method of the CheckForm class, where realpath is called on the allowed base directory...

CVE-2026-4803

The Royal Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'status' parameter in the wprupdateformactionmeta AJAX action in all versions up to, and including, 1.7.1056. This is due to insufficient input sanitization and output escaping, combined with a...

CVE-2026-5294

The Geeky Bot plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.2.2. This is due to a nopriv AJAX route allowing attacker-controlled model/function dispatch and reaching a plugin installer helper that downloads and unzips attacker-supplied ZIP files...

CVE-2026-2948

The Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 3.5.3 via the importimages function. This makes it possible for authenticated attackers, with contributor-level access and above, t...

CVE-2026-3456

The GeekyBot — Generate AI Content Without Prompt, Chatbot and Lead Generation plugin for WordPress is vulnerable to SQL Injection via the 'attributekey' parameter in versions up to, and including, 1.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparatio...

CVE-2026-35228

Vulnerability in the Oracle MCP Server Helper Tool product of Oracle Open Source Projects component: helper tool. The supported versions that is affected is 1.0.1-1.0.156. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle MCP Server...

CVE-2026-1921

The Loco Translate plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.8.2 via the fsReference AJAX route. This is due to the findSourceFile method normalizing user-supplied ref paths containing ../ directory traversal sequences without validating that the...

CVE-2026-6704

The Blog Settings plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...

CVE-2026-6255

The Simple Owl Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'num' attribute of the 'owlswrapper' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2026-5505

The WP-Clippy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's clippy shortcode in all versions up to, and including, 1.0.0. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2026-6702

The Publish 2 Ping.fm plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the '/wp-admin/options-general.php?page=admin.php' page. This makes it possible for unauthenticated attackers t...

CVE-2026-2868

The Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'separatorIconSVG' parameter in versions up to, and including, 3.5.3 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2026-5247

The Schedule Post Changes With PublishPress Future plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wrapper' attribute of the futureaction shortcode in all versions up to, and including, 4.10.0. This is due to insufficient input sanitization on the wrapper attribute. The...

CVE-2026-6700

The DX Sources plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.1. This is due to missing or incorrect nonce validation on the settingspagebuild function. This makes it possible for unauthenticated attackers to trick a logged-in...

CVE-2026-5100

The AWP Classifieds plugin for WordPress is vulnerable to SQL Injection via the 'regions' parameter array keys in versions up to, and including, 4.4.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible f...

CVE-2025-13618

The Mentoring plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.2.8. This is due to the plugin not properly restricting the roles that users can register with in the mentoringprocessregistration function. This makes it possible for unauthenticated...

CVE-2026-4409

The Subscribe To Comments Reloaded plugin for WordPress is vulnerable to unauthorized modification of data due to a leaked secret key and usage of a weak hash generation algorithm in all versions up to, and including, 240119. This makes it possible for unauthenticated attackers to extract the...

CVE-2026-6696

The Zingaya Click-to-Call plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email', 'firstname', 'lastname', and 'phone' parameters on the plugin's sign-up admin page in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output...

CVE-2026-4730

The Charts Ninja: Create Beautiful Graphs & Charts and Easily Add Them to Your Website plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'chartid' shortcode attribute in all versions up to, and including, 2.1.0 due to insufficient input sanitization and output escaping. Th...

CVE-2026-6701

The addfreespace plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.1.3. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scrip...

CVE-2026-5722

The MoreConvert Pro plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.9.14. This is due to the guest waitlist verification flow not invalidating or regenerating verification tokens when the customer email address is changed. This makes it possible...

CVE-2026-44029

An issue was discovered in Nix before 2.34.7. Writing to arbitrary files can occur via "nix-prefetch-url --unpack" or "nix store prefetch-file --unpack" directory traversal. The fixed versions are 2.34.7, 2.33.6, 2.32.8, 2.31.5, 2.30.5, 2.29.4, and 2.28.7 introduced in 2.24.7;...

CVE-2026-44028

An issue was discovered in Nix before 2.34.7 and Lix before 2.95.2. Unbounded recursion in the NAR Nix Archive parser could lead to a stack-to-heap overflow when the parser is run on a coroutine stack. The stack is allocated without a guard page, which means that a stack overflow could overwrite...

CVE-2026-7788

A security flaw has been discovered in Axle-Bucamp MCP-Docusaurus up to 404bc028e15ec304c9a045528560f4b5f27a17e0. The affected element is the function updatedocument/continuedocument/deletedocument/getcontent of the file app/routes/document.py. Performing a manipulation of the argument DOCSDIR/pa...

CVE-2026-36355

The rtl8192cd Wi-Fi kernel driver in the Realtek rtl819x Jungle SDK all known versions through v3.4.14B does not perform any access control checks on the writemem ioctl 0x89F5 and readmem ioctl 0x89F6 debug handlers, which are compiled into production builds via the unconditionally defined...

CVE-2026-38428

Kestra v1.3.3 and before is vulnerable to SQL Injection. The vulnerability occurs because user-controlled input from a GET parameter is directly concatenated into an SQL query without proper sanitization or parameterization. As a result, attackers can inject arbitrary SQL expressions into the...

CVE-2026-38431

ERPNext v15.103.1 and before is vulnerable to Server-Side Template Injection SSTI. An attacker with permission to create or edit email templates can inject template expressions that are executed on the server when the template is rendered...

CVE-2025-52206

ISPConfig 3.3.0 is vulnerable to Cross Site Scripting XSS via the system status webpage...

CVE-2026-31195

The ping diagnostic handler in /bin/httpdclientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsanitized user input into a system call, allowing authenticated remote attackers to execute arbitrary commands as root via crafted destAddr parameters using she...

CVE-2024-52911

Bitcoin Core through 28.x has a security issue, the details of which are not disclosed. The earliest affected version is 0.14...

CVE-2026-31196

The traceroute diagnostic handler in /bin/httpdclientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsanitized user input into a system call, allowing authenticated remote attackers to execute arbitrary commands as root via crafted destAddr parameters usi...

CVE-2026-38429

OpenCMS v20 and before is vulnerable to XML External Entity XXE in the Admin Import DB feature due to insecure XML parsing of user supplied .zip files containing a manifest.xml...

CVE-2026-36356

The GoAhead web server on MeiG Smart FORGESLT711 devices firmware MDM9607.LE.1.0-00110-STD.PROD-1 allows unauthenticated OS command injection via the /action/SetRemoteAccessCfg endpoint...

CVE-2026-38432

ERPNext v15.103.1 and before is vulnerable to Cross Site Scripting XSS in the Email Template engine. An attacker with permission to create or edit email templates can inject malicious JavaScript code that are executed on the victim's browser when the template is applied...

CVE-2026-42997

An issue was discovered in idrac in OpenStack Ironic before 35.0.1. During import, a user invoking molds can request authorization to be sent to a remote endpoint. The credential forwarded is a time-limited Keystone token which provides access to all OpenStack services Ironic is authorized for; o...

CVE-2026-34408

An issue was discovered in Gambio 4.9.2.0 patched in 2024-02 v1.0.0 for GX4 v4.0.0.0 to v4.9.2.0. The password reset function can be bypassed to set arbitrary passwords for arbitrary accounts if the ID is known...

CVE-2026-38947

FluentCMS 1.2.3 is vulnerable to Cross Site Scripting XSS in TextHTML plugin...

CVE-2026-39103

Buffer Overflow vulnerability in GPAC before commit v391dc7f4d234988ea0bc3cc294eb725eddf8f702 allows an attacker to cause a denial of service via the src/scenegraph/svgattributes.c, svgparsestrings, gfsvgparseattribute...

CVE-2026-43002

An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthenticated requests. This is a regression of the CVE-2014-8124 fix...

CVE-2025-66369

An issue was discovered in MM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, W920, W930, W1000, Modem 5123, and Modem 5300. Incorrect handling of 5G NR NAS registration accept messages leads to a Denial of Service...

CVE-2026-7785

A security flaw has been discovered in A-G-U-P-T-A wireshark-mcp edaf604416fbc94a201b4043092d4a1b09a12275/400c3da70074f22f3cce7ccb65304cafc7089c89. This affects the function quickcapture of the file pysharkmcp.py. The manipulation results in os command injection. The attack may be launched...

CVE-2026-7784

A vulnerability has been found in RTGS2017 NagaAgent up to 5.1.0. This issue affects some unknown processing of the file apiserver/routes/extensions.py of the component Skills Endpoint. Such manipulation of the argument Name leads to path traversal. It is possible to launch the attack remotely. T...