Schneider Electric EcoStruxure Foxboro DCS Code Issue Vulnerability

The Schneider Electric EcoStruxure Foxboro DCS is an innovative fault-tolerant, highly available control component from Schneider Electric, France. A code issue vulnerability exists in the Schneider Electric EcoStruxure Foxboro DCS, which can be exploited by an attacker to cause compromise of...

Schneider Electric EcoStruxure Automation Expert Code Injection Vulnerability

Schneider Electric EcoStruxure Automation Expert is a software platform for industrial automation systems from the French company Schneider Electric Schneider Electric. A code injection vulnerability exists in Schneider Electric EcoStruxure Automation Expert, which can be exploited by an attacker...

Unspecified Vulnerability in StudioCMS (CNVD-2026-18154)

StudioCMS is StudioCMS open source a content management system . A denial of service vulnerability exists in StudioCMS. The vulnerability stems from insufficient DELETE /studiocmsapi/dashboard/api-tokens endpoint validation, which can be exploited by an attacker to cause a denial of service...

Unspecified Vulnerability in StudioCMS (CNVD-2026-18151)

StudioCMS is StudioCMS open source a content management system . StudioCMS has a security vulnerability that can be exploited by an attacker to cause an administrator to create additional administrator accounts via the REST API...

Google Chrome TextEncoding Resource Management Error Vulnerability

Google Chrome is a free web browser developed by Google Inc. A security vulnerability exists in Google Chrome TextEncoding, which originates from re-referencing or using freed memory, and can be exploited by remote attackers to execute arbitrary code...

Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2026-16584)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input. An attacker could exploit...

Fortinet FortiSandbox Cloud OS Command Injection Vulnerability

Fortinet FortiSandbox Cloud is a malware sandbox analysis platform from US-based Fiat Fortinet. Fortinet FortiSandbox Cloud version 5.0.4 suffers from an OS command injection vulnerability. The vulnerability stems from improper neutralization of special elements in os commands and can be exploite...

WordPress Plugin My Tickets Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin My Tickets, which can be...

Huawei EMUI and Huawei HarmonyOS IMS Module Out-of-Bounds Write Vulnerability

Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is an operating system. Provides a full-scene distributed operating system based on a microkernel. An out-of-bounds write vulnerability exists in the Huawei EMUI and Huawei HarmonyOS IMS modules, which can be...

Unspecified Vulnerability in StudioCMS

StudioCMS is StudioCMS open source a content management system . A security vulnerability exists in StudioCMS that can be exploited by an attacker to cause any authenticated user to modify the notification preferences of other users...

Siemens SICAM SIAPP SDK Buffer Overflow Vulnerability

Siemens SICAM SIAPP SDK is a software development kit from Siemens, Germany. A buffer overflow vulnerability exists in Siemens SICAM SIAPP SDK versions prior to V2.1.7. The vulnerability stems from a client-side component that does not perform a maximum length check on certain variables before us...

IBM WebSphere Application Server Security Feature Issue Vulnerability (CNVD-2026-19182)

IBM WebSphere Application Server WAS is an application server product from International Business Machines IBM. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. IBM WebSphere Application Server WAS suffers from a...

Adobe Commerce License Issues Vulnerability (CNVD-2026-15169)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce has an authorization issue vulnerability that can be exploited by an attacker to bypass security measures and gain unauthorized viewing...

Adobe Commerce Input Validation Error Vulnerability (CNVD-2026-16595)

Adobe Commerce is the United States of America Odobie Adobe company's a kind of merchants and brands for the world's leading digital commerce solutions. An input validation error vulnerability exists in Adobe Commerce, which can be exploited by an attacker to bypass security features...

Adobe Commerce Security Bypass Vulnerability (CNVD-2026-16581)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce has a security vulnerability that can be exploited by an attacker to cause a security feature bypass...

Adobe Illustrator Heap Buffer Overflow Vulnerability (CNVD-2026-14502)

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. A heap buffer overflow vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to execute arbitrary code on the system or cause the application to crash...

Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2026-16585)

Adobe Commerce is the United States of America Odobie Adobe company's a kind of merchants and brands for the world's leading digital commerce solutions. Adobe Commerce suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input. An attacker could...

WordPress Plugin Eagle Booking SQL Injection Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A SQL injection vulnerability exists in the WordPress plugin Eagle Booking. The vulnerability...

Adobe Commerce Security Bypass Vulnerability (CNVD-2026-16578)

Adobe Commerce is the United States of America Odobie Adobe company's a kind of merchants and brands for the world's leading digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause a security feature bypass...

Unspecified Vulnerability in StudioCMS (CNVD-2026-18150)

StudioCMS is StudioCMS open source a content management system . A security vulnerability exists in StudioCMS that can be exploited by an attacker to cause an authenticated user to perform arbitrary file operations on S3 storage buckets...

Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2026-16587)

Adobe Commerce is the United States of America Odobie Adobe company's a kind of merchants and brands for the world's leading digital commerce solutions. Adobe Commerce suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input. An attacker could...

Adobe Commerce Path Traversal Vulnerability (CNVD-2026-16594)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A path traversal vulnerability exists in Adobe Commerce that could be exploited by an attacker to access unauthorized files or directories outside of th...

Fortinet FortiSandbox Cross-Site Scripting Vulnerability (CNVD-2026-14601)

Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance from Fortinet. The appliance offers dual sandboxing technology, dynamic threat intelligence system, real-time control panel and reporting. A cross-site scripting vulnerability exists in Fortinet FortiSandbox. The...

Adobe Commerce Security Bypass Vulnerability (CNVD-2026-16580)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause a security feature bypass...

Adobe Premiere Pro Out-of-Bounds Read Vulnerability (CNVD-2026-14503)

Adobe Premiere Pro is a set of non-linear editing video editing software from the American company Audobee Adobe. Adobe Premiere Pro suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute arbitrary code on the system...

WordPress Plugin Easy Post Submission Has Unspecified Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin Easy Post Submission, which stems from ...

Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2026-16583)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input. An attacker could exploit...

Microsoft Excel Code Execution Vulnerability (CNVD-2026-16152)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...

Siemens SICAM SIAPP SDK Denial of Service Vulnerability

Siemens SICAM SIAPP SDK is a software development kit from Siemens, Germany. A denial of service vulnerability exists in the Siemens SICAM SIAPP SDK, which can be exploited by an attacker to cause a stack overflow that can crash the process and lead to a denial of service...

WordPress Plugin Chaty Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin Chaty suffers from an information disclosure vulnerability that can be exploit...

Adobe Commerce Security Bypass Vulnerability (CNVD-2026-16579)

Adobe Commerce is the United States of America Odobie Adobe company's a kind of merchants and brands for the world's leading digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to cause a security feature bypass...

OpenClaw Directory Traversal Vulnerability (CNVD-2026-14392)

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a directory traversal vulnerability that can be exploited by an attacker to write files outside of the expected temporary directory via path traversal...

Unspecified Vulnerability in StudioCMS (CNVD-2026-18153)

StudioCMS is StudioCMS open source a content management system . StudioCMS has an authorization issue vulnerability that originates from improper authorization of the /studiocmsapi/dashboard/api-tokens endpoint, which can be exploited by an attacker to cause elevation of privilege...

OpenClaw code injection vulnerability (CNVD-2026-14391)

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a code injection vulnerability that can be exploited by an attacker to execute arbitrary code on the system...

Adobe Commerce Cross-Site Scripting Vulnerability (CNVD-2026-16586)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. Adobe Commerce suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input. An attacker could exploit...

Adobe Commerce Open Redirect Vulnerability

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. An open redirection vulnerability exists in Adobe Commerce, which can be exploited by attackers to cause users to be redirected to malicious websites...

Huawei EMUI and Huawei HarmonyOS System Service Framework Privilege Bypass Vulnerability

Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is an operating system. Provides a full-scene distributed operating system based on a microkernel. A privilege bypass vulnerability exists in the Huawei EMUI and Huawei HarmonyOS system service framework, which c...

Fortinet FortiWeb Code Issue Vulnerability

Fortinet FortiWeb is a Web application layer firewall from the U.S. company Fita Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks to ensure the security of Web applications and protect sensitive database content. A...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13945)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

Delta Electronics COMMGR2 Stack Buffer Overflow Vulnerability

Delta Electronics COMMGR2 is an automation equipment communication management software from Delta Electronics China. Delta Electronics COMMGR2 suffers from a stack buffer overflow vulnerability that is caused by incorrect boundary checking. An attacker could exploit this vulnerability to execute...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13966)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13961)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13970)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13973)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13975)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13976)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13967)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13965)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13968)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13960)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...