366532 matches found

CVE-2026-49738
CVE, added 2026/06/09 10:53 a.m., 28 views

CVE-2026-49738 concerns TYPO3 CMS where a flawed check in GeneralUtility::isAllowedAbsPath() uses a plain string prefix instead of a directory boundary, allowing path strings like /var/www/html-other/secret.yaml to pass when project root is /var/www/html. This enables administrator users with acc...

CVSS 2.1, AI score 5.4, EPSS 0.00356, Exploits 0, References 3

CVE-2026-47352
CVE, added 2026/06/09 10:53 a.m., 21 views

Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-47352 for affected TYPO3 versions and remediation.

CVSS 5.3, AI score 5.5, EPSS 0.00238, Exploits 0, References 3

CVE-2026-47351
CVE, added 2026/06/09 10:52 a.m., 19 views

CVE-2026-47351 (TYPO3 CMS) describes a broken access control in the backend clipboard. Users with backend access could insert arbitrary records and files into the clipboard without proper read-permission checks, enabling them to gather information about records and files they were not authorized ...

CVSS 5.3, AI score 5.6, EPSS 0.00238, Exploits 0, References 3

CVE-2026-47350
CVE, added 2026/06/09 10:52 a.m., 22 views

Technical details about CVE-2026-47350 are not publicly available in the provided documents. Monitor for updates.

CVSS 5.3, AI score 5.5, EPSS 0.00238, Exploits 0, References 3

CVE-2026-47349
CVE, added 2026/06/09 10:51 a.m., 21 views

CVE-2026-47349 affects TYPO3 CMS where backend users with access to the Recycler module could restore soft-deleted records on pages or tables they are not authorized to modify. Affected versions: 10.4.57 and earlier in 10.x; 11.0.0–11.5.51; 12.0.0–12.4.46; 13.0.0–13.4.31; 14.0.0–14.3.3. Root caus...

CVSS 5.3, AI score 5.5, EPSS 0.00238, Exploits 0, References 3

CVE-2026-47348
CVE, added 2026/06/09 10:51 a.m., 23 views

CVE-2026-47348 describes a Cross-Site Scripting vulnerability in TYPO3 CMS where editors could insert HTML into page titles stored in the search index; when rendered in frontend search results via the Indexed Search plugin, the titles were not properly output-encoded. Affected: TYPO3 CMS versions...

CVSS 5.1, AI score 5.5, EPSS 0.00269, Exploits 0, References 3

CVE-2026-47347
CVE, added 2026/06/09 10:51 a.m., 20 views

CVE-2026-47347 affects TYPO3 CMS where GeneralUtility::sanitizeLocalUrl can be bypassed, enabling an open redirect if a URL is used after sanitization. Affected versions are older: 10.4.57, 11.0.0–11.5.50, 12.0.0–12.4.45, 13.0.0–13.4.30, and 14.0.0–14.3.2. The CVE entry notes the impact as open r...

CVSS 5.3, AI score 5.5, EPSS 0.00294, Exploits 0, References 3

CVE-2026-47346
CVE, added 2026/06/09 10:50 a.m., 64 views

Summary: CVE-2026-47346 affects TYPO3 CMS prior to certain patch versions, where backend users with file write permissions can upload form definition files with mixed-case extensions (e.g., .FORM.YAML) to bypass upload restrictions. This can be exploited to execute arbitrary SQL statements and escalate...

CVSS 7.6, AI score 6, EPSS 0.00253, Exploits 0, References 3

CVE-2026-47343
CVE, added 2026/06/09 10:49 a.m., 23 views

Technical details are not publicly available in the provided documents. Monitor TYPO3 security advisories for updates. The CVE describes unauthorized write actions on file mount folders across several TYPO3 CMS versions, with no publicly disclosed exploitation specifics.

CVSS 7.2, AI score 5.5, EPSS 0.00238, Exploits 0, References 3

CVE-2026-11607
CVE, added 2026/06/09 10:48 a.m., 27 views

TYPO3 CMS vulnerability CVE-2026-11607 affects the Form Framework in multiple TYPO3 releases (before 10.4.57, 11.x before 11.5.51, 12.x before 12.4.46, 13.x before 13.4.31, and 14.x before 14.3.3). A back-end user with access to the Form Framework can upload or reference form definitions from fil...

CVSS 7.6, AI score 6, EPSS 0.00238, Exploits 0, References 3

CVE-2026-41031
CVE, added 2026/06/09 9:51 a.m., 24 views

CVE-2026-41031 describes a Stored Cross-Site Scripting vulnerability in Vinna Process Monitor 4.0 SP1 (Build 63255). An authenticated, low-privilege attacker can inject malicious JavaScript to access tokens and session credentials. Public metadata lists CVSS v3.1 base score 8.7 (HIGH) with netwo...

CVSS 9.3, AI score 5.6, EPSS 0.00242, Exploits 0, References 1

CVE-2026-52903
CVE, added 2026/06/09 9:36 a.m., 28 views

CVE-2026-52903 (RH) describes a deserialization of untrusted data in ManageIQ via the YamlLoadAliases module, which overrides YAML.safe_load to fall back to YAML.unsafe_load in production when Psych::DisallowedClass errors occur. An authenticated attacker with dialog import access can exploit thi...

Exploits 0

CVE-2026-52902
CVE, added 2026/06/09 9:33 a.m., 24 views

CVE-2026-52902 affects awxkit (AWX CLI). The YAML !include directive permits path traversal, enabling an attacker to craft a YAML file that reads arbitrary local YAML files when a user imports it via awx --conf.format yaml import. This is a client-side vulnerability requiring user interaction. Mi...

CVSS 4.7, AI score 5.5, EPSS 0.00121, Exploits 0, References 2

CVE-2026-4058
CVE, added 2026/06/09 9:28 a.m., 24 views

The CVE-2026-4058 entry concerns the WordPress plugin “User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration”. A missing capability check in user_subscription_cancel() across all versions up to 4.3.2 allows authenticated users with Subscriber-level ac...

CVSS 4.3, AI score 5.5, EPSS 0.00153, Exploits 0, References 2

CVE-2025-10263
CVE, added 2026/06/09 9:23 a.m., 75 views

CVE-2025-10263 affects Arm architectures (C1-Ultra, C1-Premium; Neoverse V3/V3AE/V2/V1/N2/N1; Cortex-X9/25/4/3/2/1/1C; Cortex-A710/A78/A78AE/A78C/A77/A76/A76A) where a write to a resource may occur under a lower EL than the owner. Impact described as potential privilege escalation to the hypervis...

CVSS 9.1, AI score 5.5, EPSS 0.00658, Exploits 0, References 3

CVE-2026-10731
CVE, added 2026/06/09 8:57 a.m., 16 views

CVE-2026-10731 describes a SQL injection flaw in the two_steps_auth_code parameter processed by the twoStepsAuthVerification function in the /user-login endpoint of Nemon products. The vulnerability allows unauthenticated attackers to execute arbitrary SQL on the backend database, potentially ena...

CVSS 9.3, AI score 6, EPSS 0.00349, Exploits 0, References 1

CVE-2026-46749
CVE, added 2026/06/09 8:47 a.m., 19 views

Summary: CVE-2026-46749 affects SINEC INS (versions older than 1.0 SP2 Update 6). The password hashing uses a static, hardcoded salt shared across users/installations and too few iterations, enabling feasible brute-force or precomputed attacks to recover passwords and potentially gain unauthorize...

CVSS 9.8, AI score 5.3, EPSS 0.00121, Exploits 0, References 1, Affected Software 1

CVE-2026-46748
CVE, added 2026/06/09 8:46 a.m., 27 views

CVE-2026-46748 affects SINEC INS (all versions

CVSS 8.8, AI score 5.5, EPSS 0.00206, Exploits 0, References 1, Affected Software 1

CVE-2026-46747
CVE, added 2026/06/09 8:46 a.m., 22 views

The CVE-2026-46747 issue affects SINEC INS (all versions

CVSS 5.3, AI score 5.4, EPSS 0.00242, Exploits 0, References 1, Affected Software 1

CVE-2026-46746
CVE, added 2026/06/09 8:46 a.m., 29 views

Vulnerability summary (CVE-2026-46746): In Siemens SINEC INS, all versions prior to V1.0 SP2 Update 6 expose a flaw in the /api/sftp/uploadFiles endpoint. The app does not properly sanitize user input, enabling injection of shell command payloads via crafted directory names. These payloads are st...

CVSS 8.8, AI score 6, EPSS 0.00451, Exploits 0, References 1, Affected Software 1

CVE-2026-24349
CVE, added 2026/06/09 8:46 a.m., 21 views

The CVE-2026-24349 entry affects SIMATIC WinCC Unified PC Runtime V16–V21 (all versions up to but not including V21 Update 2). The root cause is insufficient protection of key material in WinCC Certificate Manager, which could allow an attacker to extract sensitive information. All connected sour...

CVSS 8.2, AI score 5.4, EPSS 0.00057, Exploits 0, References 1, Affected Software 1

CVE-2025-40808
CVE, added 2026/06/09 8:46 a.m., 18 views

The vulnerability CVE-2025-40808 affects SIPROTEC 5 line hardware (multiple models listed) where the affected application allows authenticated users to upload arbitrary files via the DIGSI 5 protocol. This could result in uploading malicious configuration files, potentially causing denial of serv...

CVSS 6.9, AI score 5.7, EPSS 0.00186, Exploits 0, References 1

CVE-2026-28262
CVE, added 2026/06/09 8:41 a.m., 37 views

CVE-2026-28262 affects Dell iDRAC Tools, versions prior to 11.4.1.0. The vulnerability is an Improper Link Resolution Before File Access (Link Following) that could allow a low privileged attacker with local access to tamper with information. The initial sources describe the affected product and ...

CVSS 6, AI score 5.4, EPSS 0.00095, Exploits 0, References 1

CVE-2026-6899
CVE, added 2026/06/09 8:39 a.m., 20 views

CVE-2026-6899 affects the CycloneCrypto wrapper in the S2OPC library. The check for certificate revocation only reviews the first matching CRL and ignores other valid CRLs for the same CA, potentially allowing a revoked certificate to establish a connection between an OPC UA client and server. No...

CVSS 5.6, AI score 5.5, EPSS 0.00108, Exploits 0, References 1

CVE-2026-8365
CVE, added 2026/06/09 8:29 a.m., 26 views

The Blocksy WordPress theme (up to at least 2.1.41) is vulnerable to PHP Object Injection via the blocksy_meta REST API field and the V200 migration. Root cause: blocksy_sanitize_post_meta_options() only blocks '' and does not prevent serialized PHP objects, combined with SearchReplacer::run_recu...

CVSS 8.8, AI score 5.8, EPSS 0.00849, Exploits 0, References 13

CVE-2026-8677
CVE, added 2026/06/09 8:29 a.m., 25 views

CVE-2026-8677 affects the Prime Elementor Addons – Lightweight Elementor Widgets for Faster Pages plugin for WordPress. All versions up to 1.3.3 are susceptible to Stored Cross-Site Scripting via Widget HTML Tag Settings due to insufficient input sanitization and output escaping. Exploitation req...

CVSS 6.4, AI score 5.6, EPSS 0.00243, Exploits 0, References 16

CVE-2026-7542
CVE, added 2026/06/09 7:49 a.m., 27 views

The CVE-2026-7542 issue affects the Slider Revolution WordPress plugin (versions up to 7.0.10). The vulnerability arises from three design flaws that enable Sensitive Information Disclosure: (1) a valid backend AJAX nonce (revslider_actions) is leaked to all authenticated users via the admin_foot...

CVSS 6.5, AI score 5.3, EPSS 0.00252, Exploits 0, References 2

CVE-2026-8599
CVE, added 2026/06/09 7:49 a.m., 22 views

The CVE covers the WordPress plugin MailerPress (Email Marketing, Newsletter, Email Automation & WooCommerce Emails) with stored XSS in Campaign HTML Content Field across versions up to 2.0.4. Exploitation requires author-level access (authenticated, Author+), and affects pages loaded in the admi...

CVSS 6.4, AI score 5.7, EPSS 0.00234, Exploits 0, References 11

CVE-2026-11616
CVE, added 2026/06/09 7:49 a.m., 23 views

The CVE pertains to the WordPress plugin Events Calendar for GeoDirectory, affected in versions up to and including 2.3.28. The root cause is an ajax_ayi_action() path that applies strip_tags(esc_sql()) without an allow-list to attacker-controlled POST values, forwarding them to update_ayi_data()...

CVSS 8.8, AI score 5.5, EPSS 0.00275, Exploits 0, References 4

CVE-2026-49818
CVE, added 2026/06/09 7:42 a.m., 18 views

The CVE concerns Apache Airflow Samba provider’s GCSToSambaOperator, which concatenates GCS object names to the SMB destination path without proper containment checks. This allows objects with ../ segments to traverse outside destination_path, enabling an unauthenticated-like attacker able to wri...

CVSS 6.5, AI score 5.6, EPSS 0.00695, Exploits 0, References 3, Affected Software 1

CVE-2026-46315
CVE, added 2026/06/09 7:38 a.m., 34 views

The CVE affects the Linux kernel io_uring waitid path. In IORING_OP_WAITID, result fields are stored in io_waitid::info and later copied to userspace siginfo. During prep, info wasn’t initialized; if the wait completes without a child event, the common wait code may skip writing wo_info, yet io_w...

AI score 5.5, EPSS 0.00156, Exploits 0, References 4

CVE-2026-34905
CVE, added 2026/06/09 7:35 a.m., 27 views

CVE-2026-34905 affects Apache Answer up to version 2.0.0. The issue arises from the unlisted question feature not enforcing access restrictions on direct API endpoints, permitting authenticated users to discover and access unlisted questions, their answers, comments, and revision history. Upgrade...

CVSS 6.5, AI score 5.4, EPSS 0.00325, Exploits 0, References 2, Affected Software 1

CVE-2026-34033
CVE, added 2026/06/09 7:35 a.m., 22 views

CVE-2026-34033 affects Apache Answer up to version 2.0.0. The issue is an HTML content injection (basic XSS) where user-supplied content included in notification emails was not properly escaped, allowing authenticated users to inject arbitrary HTML into emails sent to other users. The CVSS vector...

CVSS 5.4, AI score 5.5, EPSS 0.0035, Exploits 0, References 2, Affected Software 1

CVE-2009-10007
CVE, added 2026/06/09 7:34 a.m., 23 views

CVE-2009-10007 affects Catalyst::Plugin::Authentication for Perl prior to 0.10_027. The vulnerability arises because the plugin does not automatically change the session id after authentication, enabling session fixation where an attacker with a valid session cookie can impersonate the victim. Do...

CVSS 9.1, AI score 5.5, EPSS 0.00369, Exploits 0, References 5

CVE-2026-34031
CVE, added 2026/06/09 7:34 a.m., 28 views

CVE-2026-34031 concerns Apache Answer up to version 2.0.0, where the server fails to validate user-supplied image URLs used for profile avatars. This allows embedding arbitrary external content as avatars, potentially enabling unintended external requests and tracking by third-party servers. A fi...

CVSS 6.5, AI score 5.5, EPSS 0.00403, Exploits 0, References 2, Affected Software 1

CVE-2026-33582
CVE, added 2026/06/09 7:34 a.m., 35 views

The CVE-2026-33582 issue affects Apache Answer up to version 2.0.0, where a crafted TIFF image can trigger excessive memory allocation during decoding, allowing an authenticated user to crash the server process. Upgrade to version 2.0.1 to fix the issue. The reported CVSS vector indicates MEDIUM ...

CVSS 6.5, AI score 5.4, EPSS 0.00479, Exploits 0, References 2, Affected Software 1

CVE-2026-25699
CVE, added 2026/06/09 7:33 a.m., 23 views

CVE-2026-25699 applies to Apache Answer up to version 2.0.0, where timeline-related APIs lacked proper authorization checks. This could allow regular authenticated users to access deleted, private, or unapproved content and its revision history. The issue is addressed by upgrading to version 2.0....

CVSS 6.1, AI score 5.4, EPSS 0.00406, Exploits 0, References 2, Affected Software 1

CVE-2026-25688
CVE, added 2026/06/09 7:32 a.m., 24 views

CVE-2026-25688 describes an XSS vulnerability in Apache Answer. The issue is an improper neutralization of alternate XSS syntax in AI-generated responses rendered in the browser, affecting Apache Answer up to version 2.0.0. Affected behavior allows execution of malicious scripts when content is v...

CVSS 6.1, AI score 5.3, EPSS 0.00406, Exploits 0, References 2, Affected Software 1

CVE-2026-9698
CVE, added 2026/06/09 7:22 a.m., 33 views

CVE-2026-9698 affects the Perl DBI module. Versions before 1.648 save error messages in a 200-byte buffer without length control, allowing an attacker who can influence error text to trigger a buffer overflow. Connected sources confirm the issue in DBI for Perl and identify the vulnerable compone...

CVSS 9.8, AI score 5.9, EPSS 0.00405, Exploits 0, References 3, Affected Software 1

CVE-2026-41982
CVE, added 2026/06/09 7:14 a.m., 20 views

Technical details about CVE-2026-41982 are not publicly available in the provided documents. No specifics on affected products, versions, root cause, or mitigations are present. Monitor for updates from official advisories.

CVSS 6.4, AI score 5.5, EPSS 0.00133, Exploits 0, References 2

CVE-2026-41981
CVE, added 2026/06/09 7:11 a.m., 23 views

CVE-2026-41981 describes an out-of-bounds write in the IPC module. The vulnerability stems from a memory-bounds issue in the IPC component, with impact stated as availability. The CVSSv3.1 vector (LOCAL, LOW privileges, NO user interaction, LOW attack complexity) yields a base score of 5.3 (MEDIU...

CVSS 5.3, AI score 5.5, EPSS 0.00072, Exploits 0, References 2

CVE-2026-41977
CVE, added 2026/06/09 7:0 a.m., 20 views

Technical details about CVE-2026-41977 are not publicly available in the provided documents. Monitor for updates from trusted sources.

CVSS 5, AI score 5.5, EPSS 0.00075, Exploits 0, References 2

CVE-2026-41976
CVE, added 2026/06/09 6:59 a.m., 23 views

CVE-2026-41976 is described as a permission control vulnerability in the audio framework with potential impact on service confidentiality. The available data include CVSS v3.1 metrics: local attack vector, no privileges required, user interaction required, confidentiality impact High, integrity a...

CVSS 6.6, AI score 5.5, EPSS 0.00079, Exploits 0, References 2

CVE-2026-41974
CVE, added 2026/06/09 6:57 a.m., 22 views

Technical details are not publicly available in the provided documents. Monitor for updates from the CVE entry (and Huawei/NVD listings) for affected products, vulnerable components, root cause, and any remediation guidance.

CVSS 3.6, AI score 5.4, EPSS 0.00074, Exploits 0, References 2

CVE-2026-41973
CVE, added 2026/06/09 6:56 a.m., 18 views

Technical details are not publicly available in the provided documents for CVE-2026-41973. Monitor for updates.

CVSS 5.9, AI score 5.4, EPSS 0.00078, Exploits 0, References 1

CVE-2026-41972
CVE, added 2026/06/09 6:54 a.m., 18 views

CVE-2026-41972 describes a path traversal vulnerability in the SMS app with an impact on availability. The provided documents mention the issue and CVSS details (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L) but do not specify affected product versions, vulnerable components, exact exploit paths, or a rem...

CVSS 5.4, AI score 5.5, EPSS 0.00155, Exploits 0, References 1

CVE-2026-41986
CVE, added 2026/06/09 6:52 a.m., 19 views

Technical details are not publicly available in the provided documents. Monitor for updates.

CVSS 2.4, AI score 5.4, EPSS 0.0011, Exploits 0, References 2

CVE-2026-41985
CVE, added 2026/06/09 6:43 a.m., 19 views

Technical details about CVE-2026-41985 are not publicly available in the provided documents. Monitor for updates from Huawei advisories and NVD/CVE listings for affected products, impact, and remediation.

CVSS 5.1, AI score 5.5, EPSS 0.00073, Exploits 0, References 3

CVE-2026-41984
CVE, added 2026/06/09 6:42 a.m., 18 views

Technical details about CVE-2026-41984 are not publicly available in the provided documents. Monitor for updates from the listed vendor references.

CVSS 5.2, AI score 5.5, EPSS 0.00078, Exploits 0, References 3

CVE-2026-41983
CVE, added 2026/06/09 6:40 a.m., 19 views

Technical details are not publicly available in the provided documents. Monitor for updates as affected products, versions, root cause, and fixes are not disclosed here.

CVSS 4.3, AI score 5.5, EPSS 0.00161, Exploits 0, References 3

Total number of security vulnerabilities: 366532