CVE-2026-11466
CVE-2026-11466 affects the zilliztech deep-searcher up to version 0.0.2. The issue is in deepsearcher/agent/collection_router.py (function CollectionRouter.invoke), where argument kwargs manipulation leads to improper access controls. This enables remote exploitation; the exploit is publicly av...
CVE-2026-11465
CVE-2026-11465 affects songquanpeng’s one-api (up to 0.6.11-preview.7). The issue is in the Redemption Code Top-Up Endpoint, specifically the function Redeem in file model/redemption.go, where manipulation leads to business logic errors. Reported as exploitable remotely with high complexity and l...
CVE-2026-11464
JeecgBoot v3.9.2 and earlier are affected by CVE-2026-11464. The vulnerability is in the User List Endpoint, specifically the function queryPageList in SysUserController.java. Manipulating the salt argument leads to information disclosure. The issue can be triggered remotely and is described as h...
CVE-2026-11463
USCiLab Cereal
CVE-2026-11462
The CVE-2026-11462 entry concerns Chengdu Everbrite Network Technology BeikeShop (up to version 1.6.0.22) and its Stripe Plugin. The vulnerability affects StripeController.php (plugins/Stripe/Controllers/StripeController.php) where manipulating the Request argument leads to improper authorization...
CVE-2026-11461
CVE-2026-11461 affects NousResearch Hermes-Agent up to version 0.12.0. The vulnerability is in the resume endpoint’s file hermes_state.py, in the function resolve_session_by_title, where manipulating the Title argument can bypass authorization. It allows remote exploitation, with the exploit publ...
CVE-2026-11460
Boost Serialization up to 1.91 has an improper validation flaw in an unknown function. The vulnerability can be exploited remotely; the exploit has been published. No patch is currently available and the disclosure deadline has expired; maintainers were notified in Aug 2025.
CVE-2026-49494
CVE-2026-49494 affects Comodo Internet Security's firewall driver Inspect.sys. The IPv6 packet parser contains an integer underflow: it decrements an unsigned 64-bit payload-length value (from the IPv6 header) by the size of each extension header without validating the sum. If a packet declares a...
CVE-2026-11459
CVE-2026-11459 affects SecureAge CatchPulse up to 10.9.1. The issue is in an unknown function within the saappctl.sys IOCTL Handler library, where manipulation leads to information disclosure. Local access is required. Public exploitation is disclosed, and the vendor did not respond. Concrete rem...
CVE-2026-11458
CVE-2026-11458 affects the erzhongxmu JeeWMS Boot Actuator Endpoint. The weakness involves the handling of the /base-boot/actuator path, where a manipulation can cause information disclosure. The vulnerability is exploitable remotely, and exploits have been made public. JeeWMS is on a rolling release...
CVE-2026-11457
CVE-2026-11457 affects erzhongxmu JeeWMS, specifically the JimuReport test-connection endpoint’s file /base-boot/jmreport/testConnection. The vulnerability arises from injectable parameters in dbType, dbDriver, dbUrl, dbUsername, and dbPassword, enabling injection via crafted input. Remote exploi...
CVE-2026-11456
CVE-2026-11456 affects Chanjet CRM 1.0, specifically the HTTP GET Request Handler’s /tools/jxf_dump_systable.php. Manipulating the argument gblOrgID enables SQL injection, as described in the CVE. The vulnerability can be triggered remotely, and a publicly available exploit is indicated. Affected...
CVE-2026-11455
Summary: CVE-2026-11455 affects FoundationAgents MetaGPT up to 0.8.2. The vulnerability targets the function check_cmd_exists in metagpt/utils/common.py, where manipulating the mermaid.path argument enables a command injection. The issue potentially allows remote initiation with a high attack com...
CVE-2026-11453
Technical details are not publicly available in the provided documents; no affected versions, vectors, or fixes are specified. Monitor for updates.
CVE-2026-11452
GL.iNet GL-MT3000 (firmware ≤ 4.4.5) exposes a remote command-injection in the SET_USER_PWD Handler (function FUN_0042e200) via the /cgi-bin/glc interface. The vulnerability stems from manipulating the Password parameter, enabling remote execution of commands. Upgrading to firmware 4.8.1 is recom...
CVE-2026-11451
GL.iNet GL-MT3000 (firmware 4.4.5) is affected by a command-injection flaw in the FTP Protocol Handler: the snprintf path in /cgi-bin/glc is vulnerable to manipulation of media_dir, potentially allowing remote execution. The vendor confirms that in version 4.8.1 the code escapes single quotes before...
CVE-2026-11450
GL.iNet GL-MT3000 firmware 4.4.5 contains a command injection in the Path Normalization Handler via dlopen in /usr/lib/oui-httpd/rpc/ when processing the dev_name argument. This can be triggered remotely over the network. Upgrading to version 4.7 mitigates the issue by enabling method-level valid...
CVE-2026-11449
GL.iNet GL-MT3000 (v4.4.5) is affected by a remote command injection in the LuCI JSON-RPC Interface, via the rpc_sys function in /cgi-bin/luci/rpc. Root cause is not explicitly stated beyond the vulnerability description; CVSS metrics in the connected sources indicate MEDIUM severity (CVSSv3.1 base 6...
CVE-2026-11448
CVE-2026-11448 affects GL.iNet GL-MT3000 up to version 4.4.5. The vulnerability resides in the Minidlna Service, where the /rpc realpath function can be manipulated via the kube.set argument to cause a remote command injection. The issue can be triggered over the network without user interaction,...
CVE-2026-11447
Summary: CVE-2026-11447 affects GL.iNet GL-MT3000 (firmware up to 4.4.5), specifically the MTK Backend component’s file iwinfo.so and the function iwinfo_backend. By manipulating the device argument, an attacker can trigger a remote command injection, with exploitation reportedly public. The iss...
CVE-2026-11441
CVE-2026-11441 affects Theonedev Onedev (up to 15.0.5), specifically the Pull Request Handler’s canAccessIssue function in the /issues/ path. The issue arises from manipulation of the issue argument, causing improper authorization. Exploitation is possible remotely. A fix is available in versi...
CVE-2026-11440
The CVE-2026-11440 entry pertains to Theonedev Onedev up to version 15.0.5. It involves the REST API path /repositories/{projectId}/default-branch, where manipulating the project.defaultBranch argument leads to improper authorization. The issue could be exploited remotely. A fix is available in ...
CVE-2026-11439
The vulnerability CVE-2026-11439 affects Theonedev Onedev up to version 15.0.5 in the Parent Project Handler, specifically the /projects/ function where manipulating the argument project.parentId leads to improper authorization. The attack may be executed remotely. A fix is available in version 1...
CVE-2026-11438
CVE-2026-11438 affects Theonedev Onedev up to version 15.0.5, where the vulnerability arises from improper authorization in the /projects functionality. Specifically, manipulating the argument project.forkedFromId can enable an unauthorized action, with remote attack potential. The issue is m...
CVE-2026-11437
The CVE-2026-11437 entry describes a server-side request forgery in perfree go-fastdfs-web (up to version 1.3.7). The vulnerability affects the Installation Endpoint, specifically the function checkServer in /install/checkServer. An attacker can remotely trigger SSRF by manipulating inputs, with ...
CVE-2026-11436
Mage AI up to version 0.9.79 is affected in the Sign-in Flow. The vulnerability is in the useMutation function within mage_ai/frontend/components/Sessions/SignForm/index.tsx, where manipulating the query.redirect_url argument triggers cross site scripting. Remote exploitation is possible, and the...
CVE-2026-11435
The vulnerability CVE-2026-11435 affects Jinher OA 1.0, specifically the nextselectplan.aspx file. The issue stems from manipulating the httpOID argument, enabling a SQL injection. It is a network-accessible flaw with LOW confidentiality, integrity, and availability impacts per the CVSS, and has ...
CVE-2026-11434
CVE-2026-11434 affects FluentCMS 0.0.5, specifically the Blocks Plugin via an unknown function in the /admin/blocks file. Manipulation of that function allows a cross site scripting (XSS) flaw, with remote initiation possible. Public exploits exist according to the record, and th...
CVE-2026-11413
CVE-2026-11413 affects JingDong JD Cloud Box AX6600 (version 4.5.3.r4546). The vulnerable component is the function set_macfilter in /sbin/jdcweb_rpc, whose manipulation triggers a stack-based buffer overflow. Exploitation is possible remotely and exploitation details have been publicly disclosed...
CVE-2026-11412
The CVE-2026-11412 entry describes a SQL injection weakness in Jinher OA C6, via GetFormSn.aspx at /C6/JHSoft.Web.ModuleCount/GetFormSn.aspx. The vulnerability is exploitable remotely by manipulating the queryID parameter, with exploit code publicly available. Affected component is an unknown ...
CVE-2026-11411
CVE-2026-11411 describes a path traversal flaw in iAI Lab PDF AI App 4.21.0 on Android, specifically in the chatpdf.pro component’s getExternalCacheDir function. By manipulating the _display_name argument, an attacker with local access can cause path traversal. The exploit has been released publi...
CVE-2026-11408
Summary of CVE-2026-11408: A vulnerability exists in vertex-app up to 2026.02.12 affecting the Log Viewer Endpoint, specifically the file app/model/LogMod.js. The issue arises from processing of the query parameter req.query, enabling an os command injection. This can be exploited remotely; expl...
CVE-2026-11406
GL.iNet MT3000 (up to firmware 4.4.5) is affected by a command-injection vulnerability in the ovpnclient.sh component of the OpenVPN Client Import Workflow. Remote exploitation is possible; exploit details have been publicly disclosed. Upgrading to 4.9.0_beta3-1012-0513-1778656146 resolves the is...
CVE-2026-10725
Protocol::HTTP2 for Perl (versions up to 1.12) is vulnerable to an HTTP/2 Bomb. The inbound HPACK path lacks a header-list size limit; headers_decode materialises a full key+value copy per indexed reference with no running size check, and stream_header_block_add appends every CONTINUATION frame u...
CVE-2026-9829
CVE-2026-9829 affects the WordPress plugin Photo Gallery by 10Web – Mobile-Friendly Image Gallery up to version 1.8.41. The flaw is a time-based SQL Injection in the compact_album_order_by shortcode parameter caused by insufficient escaping and lack of parameterized queries. Exploitation requires...
CVE-2026-9016
The CVE concerns the WordPress plugin Debug Log Manager (
CVE-2026-9851
The CVE-2026-9851 entry concerns the Booking Package plugin for WordPress (versions up to 1.7.16). The vulnerability arises from a missing capability check in the updateUser branch of the package_app_action AJAX endpoint, where the handler only validates a nonce and Schedule::updateUser() is invo...
CVE-2026-9594
The WP Maps plugin for WordPress (affected versions up to 4.9.4) is vulnerable to a Stored Cross-Site Scripting (XSS) via the location_messages parameter due to insufficient input sanitization and output escaping. The vulnerability requires authenticated access at administrator level or higher, w...
CVE-2026-8839
The CVE concerns the MapPress Maps for WordPress plugin. Affected: all versions up to 2.96.6. Root cause: missing ownership verification in REST API routes registered via Mappress_Api::rest_api_init(), with GET /wp-json/mapp/v1/maps/{mapid} using a permissive permission_callback, and wr...
CVE-2026-8611
The Klamra Paycal for Aspaclaria WordPress plugin is vulnerable to Insecure Direct Object Reference through the invoice_id parameter in versions up to 1.1.4, caused by missing validation on a user-controlled key. Authenticated users with subscriber-level access and higher can enumerate post IDs t...
CVE-2026-7624
The CVE concerns the SEO Plugin by Squirrly SEO for WordPress, vulnerable to an authorization bypass in all versions up to and including 12.4.16. The underlying issue is that the plugin fails to verify a user’s authorization before performing privileged cloud API operations. As a result, authenti...
CVE-2026-2500
The Quick Playground WordPress plugin vulnerability (
CVE-2026-7792
Technical details about CVE-2026-7792 are not publicly available in the provided documents. Monitor for updates.
CVE-2026-8978
The CVE covers OptinCraft
CVE-2026-7665
CVE-2026-7665 affects the WordPress plugin Essential Addons for Elementor (up to version 6.6.4). The issue arises in the ajax_load_more handler, with insufficient restrictions on which posts can be returned, enabling unauthenticated attackers to extract data from password-protected, private, or d...
CVE-2026-8502
Technical details for CVE-2026-8502 are not provided in the connected documents; the available description notes exposure via c_status and return_type in LearnPress
CVE-2026-7796
Technical details (affected plugin version, root cause, exploit specifics) are not provided in the supplied documents; monitor for updates.
CVE-2026-7795
The CVE covers the WordPress plugin Click to Chat – WA Widget. Affected component: the [chat] shortcode, parameter num. Root cause: insufficient escaping of user-supplied shortcode attributes inside a JavaScript string that ends up in an HTML onclick attribute; esc_attr() converts quotes to ', wh...
CVE-2026-7537
The CVE concerns the MDJM Event Management WordPress plugin (≤ 1.7.8.3). The vulnerability is an Arbitrary File Upload via the mdjm_send_comm_email function, caused by lack of validation for file type, extension, and MIME type on uploads. This enables authenticated attackers with administrator-le...
CVE-2026-7566
The LearnPress – Backup & Migration Tool (WordPress) is affected by a PHP Object Injection in versions up to and including 4.1.4. The issue arises from deserialization of untrusted input via a WXR XML file upload, and requires authenticated access with administrator-level privileges or higher. If...