366612 matches found

CVE, added 2026/06/01 9:14 p.m., 25 views

CVE-2025-22424

CVE-2025-22424 is described across multiple sources as an Android vulnerability arising from improper input validation that can cause images to be revealed across users, enabling local privilege escalation with no extra execution privileges. The NVD entry assigns a CVSS v3.1 base score of 7.8 (Hi...

CVSS 7.8 | AI score 5.9 | EPSS 0.00088
Exploits: 0 | References: 1 | Affected software: 1
CVE, added 2026/06/01 9:02 p.m., 22 views

CVE-2026-40964

Cloud Foundry Foundation reports an Authentication Bypass in cf-auth-proxy that permits an unauthenticated remote attacker to read all logs and metrics for all apps and platform components by minting a JWT accepted as a valid logs.admin token. Affected: log-cache_release up to v3.2.6 (inclusive);...

CVSS 7.5 | AI score 5.8 | EPSS 0.00393
Exploits: 0 | References: 1
CVE, added 2026/06/01 9:02 p.m., 22 views

CVE-2026-49491

Technical details beyond the initial description are not publicly available in the provided documents. Monitor for updates from connected sources to obtain confidential details, affected versions, or remediation steps.

CVSS 8.8 | AI score 5.9 | EPSS 0.00344
Exploits: 0 | References: 3
CVE, added 2026/06/01 9:00 p.m., 11 views

CVE-2018-25435

CVE-2018-25435 describes a cross-site request forgery (CSRF) in ZeusCart 4.0 that allows an attacker to perform unauthorized admin actions on behalf of a victim. Specifically, by convincing a logged-in admin to visit attacker-controlled pages, requests to the regstatus endpoint with action=deny c...

CVSS 6.9 | AI score 5.7 | EPSS 0.00156
Exploits: 0 | References: 3
CVE, added 2026/06/01 9:00 p.m., 15 views

CVE-2018-25434

WP AutoSuggest 0.24 is affected by an unauthenticated SQL injection in the wpas_keys parameter of autosuggest.php. An attacker can send crafted GET requests to extract sensitive data from WordPress posts and other tables. Root cause is unsafely injected wpas_keys handling in the plugin’s autosugg...

CVSS 8.8 | AI score 6.1 | EPSS 0.00341
Exploits: 0 | References: 4
CVE, added 2026/06/01 9:00 p.m., 14 views

CVE-2018-25433

Technical details for CVE-2018-25433 are not publicly available in the provided documents. Monitor for updates.

CVSS 8.8 | AI score 6.1 | EPSS 0.00341
Exploits: 0 | References: 4
CVE, added 2026/06/01 9:00 p.m., 14 views

CVE-2018-25432

Arm Whois 3.11 is affected by a local buffer overflow that allows code execution via exception handler hijacking. An input file crafted with a 672-byte offset can overwrite nSEH and SEH pointers, enabling arbitrary code execution when the structured exception handler is triggered. CVSS data prese...

CVSS 8.6 | AI score 6.7 | EPSS 0.00162
Exploits: 0 | References: 4
CVE, added 2026/06/01 9:00 p.m., 11 views

CVE-2018-25431

CVE-2018-25431 affects No-CMS 1.0 and describes an SQL injection in the order_by parameter of the manage_privilege export endpoint. An authenticated attacker can submit a crafted POST request to /nocms/main/manage_privilege/index/export with SQL payload in order_by[0] to manipulate database queri...

CVSS 7.1 | AI score 5.9 | EPSS 0.00273
Exploits: 0 | References: 4
CVE, added 2026/06/01 9:00 p.m., 11 views

CVE-2018-25430

Paroiciel 11.20 contains an SQL injection vulnerability in the egeq.php endpoint, exploitable by an authenticated user via the egeqIdEquipe parameter in GET requests to execute arbitrary SQL and extract sensitive database information (including version details). This aligns with the CVSS metrics ...

CVSS 7.1 | AI score 6.1 | EPSS 0.00273
Exploits: 0 | References: 4
CVE, added 2026/06/01 9:00 p.m., 12 views

CVE-2018-25429

Paroiciel 11.20 contains an SQL injection in zpro.php via the zProIdPro parameter, exploitable by authenticated users to run arbitrary SQL and exfiltrate sensitive DB info (usernames, databases, version). CVSS 4.0/3.1 base scores are HIGH (7.1) with NETWORK attack vector and LOW privileges requir...

CVSS 7.1 | AI score 6.1 | EPSS 0.00273
Exploits: 0 | References: 4
CVE, added 2026/06/01 9:00 p.m., 16 views

CVE-2018-25428

Technical details are not publicly available in the provided documents. Monitor for updates.

CVSS 8.8 | AI score 6.2 | EPSS 0.00341
Exploits: 0 | References: 4
CVE, added 2026/06/01 9:00 p.m., 16 views

CVE-2018-25427

CVE-2018-25427 pertains to Arm Whois 3.11, where a stack-based buffer overflow allows remote code execution by sending oversized input to the IP address or domain field. Input longer than 658 bytes with shellcode can overwrite the Structured Exception Handler, enabling command execution during pr...

CVSS 9.8 | AI score 6.6 | EPSS 0.00923
Exploits: 0 | References: 4
CVE, added 2026/06/01 9:00 p.m., 19 views

CVE-2026-10292

Technical details are not publicly available in the provided documents. Monitor for updates.

CVSS 9 | AI score 6.2 | EPSS 0.00472
Exploits: 0 | References: 5
CVE, added 2026/06/01 8:45 p.m., 18 views

CVE-2026-10291

CVE-2026-10291 affects Enderfga claw-orchestrator (up to 3.7.0). The vulnerability lies in the function validateRegex in claw-orchestrator/src/embedded-server.ts of the Session Grep Endpoint, where manipulating the argument body.pattern leads to inefficient regular expression complexity. Remote ...

CVSS 5.3 | AI score 5.4 | EPSS 0.00354
Exploits: 0 | References: 9
CVE, added 2026/06/01 8:30 p.m., 18 views

CVE-2026-10290

The vulnerability CVE-2026-10290 affects code-projects Hotel and Tourism Reservation System 1.0, specifically the GET Parameter Handler’s tour.php. The issue arises from an unspecified function allowing manipulation of the tour argument, leading to SQL injection. Remote exploitation is possible a...

CVSS 7.5 | AI score 5.7 | EPSS 0.00318
Exploits: 0 | References: 6
CVE, added 2026/06/01 8:15 p.m., 15 views

CVE-2026-10289

The CVE concerns code-projects Hotel and Tourism Reservation System 1.0. Affected is an unknown function in the file /ht/tour.php where manipulating the arguments /email, /people, or /number leads to cross-site scripting. The attack is remote, and the exploit has been released publicly. No remedi...

CVSS 5.3 | AI score 4.3 | EPSS 0.00338
Exploits: 0 | References: 6
CVE, added 2026/06/01 8:00 p.m., 25 views

CVE-2026-10288

The vulnerability affects code-projects Hotel and Tourism Reservation System 1.0 (Admin Login component). The issue lies in the function password_verify in /admin/login.php, where manipulation of the Password argument leads to improper authentication. It is exploitable remotely, and a publicly av...

CVSS 7.5 | AI score 5.6 | EPSS 0.00496
Exploits: 0 | References: 6
CVE, added 2026/06/01 7:59 p.m., 21 views

CVE-2026-49433

The CVE affects DeepAI’s endpoint https://api.deepai.org/change_user_email, where POST requests lack CSRF protection. An attacker could lure a logged-in user to visit a malicious link, enabling the attacker to change the user’s email address and potentially take over the account. The issue is mit...

CVSS 5 | AI score 5.8 | EPSS 0.00107
Exploits: 0 | References: 3
CVE, added 2026/06/01 7:54 p.m., 22 views

CVE-2026-49140

Nanobot before version 0.2.1 contains a denial-of-service vulnerability in the Matrix channel media download handler. Authenticated room members can trigger large, concurrent media downloads by sending media events with missing or invalid size metadata, causing response bodies to materialize befo...

CVSS 5.3 | AI score 5.8 | EPSS 0.00268
Exploits: 0 | References: 4
CVE, added 2026/06/01 7:50 p.m., 20 views

CVE-2026-49139

Summary: Nanobot before 0.2.1 contains a server-side request forgery (SSRF) in the Microsoft Teams channel handler, enabling attackers to exfiltrate Bot Framework bearer tokens. By sending a forged inbound activity with an attacker-controlled serviceUrl, an adversary can poison the stored convers...

CVSS 7 | AI score 5.8 | EPSS 0.00382
Exploits: 0 | References: 4
CVE, added 2026/06/01 7:45 p.m., 19 views

CVE-2026-10287

The vulnerability affects SourceCodester SEO Meta Tag Extractor 1.0, specifically the get_headers function in /index.php. The issue arises from manipulating the url parameter, enabling server-side request forgery (SSRF) that can be initiated remotely. Exploit details have been publicly disclosed....

CVSS 7.5 | AI score 5.6 | EPSS 0.00294
Exploits: 0 | References: 6
CVE, added 2026/06/01 7:41 p.m., 26 views

CVE-2026-49138

Nanobot prior to version 0.2.1 contains a server-side request forgery (SSRF) in the web_fetch tool. An attacker can supply a URL that redirects to a loopback or private address via a 3xx Location header, taking advantage of the httpx library’s automatic redirect-follow behavior to bypass initial ...

CVSS 5.3 | AI score 5.8 | EPSS 0.00287
Exploits: 0 | References: 4
CVE, added 2026/06/01 7:30 p.m., 19 views

CVE-2026-10286

CodeAstro Payroll System 1.0 is affected by a SQL injection in /home_employee.php via the emp_id parameter. The vulnerability can be exploited remotely, and public exploit code exists. The NVD/CNA metrics indicate a Medium severity (CVSS 4.0/3.1/2.0 variants). No remediation details are provided ...

CVSS 6.5 | AI score 5.6 | EPSS 0.00204
Exploits: 0 | References: 6
CVE, added 2026/06/01 7:26 p.m., 21 views

CVE-2026-5419

The CVE-2026-5419 issue affects the GnuTLS library: PKCS#7 padding removal during decryption may leak padding information via timing differences due to non-constant-time checks. This is an information-disclosure risk. Reports and patches across multiple distros exist: SUSE-2026-2115; Ubuntu USN-8...

CVSS 3.7 | AI score 5.8 | EPSS 0.00369
Exploits: 0 | References: 9
CVE, added 2026/06/01 7:15 p.m., 18 views

CVE-2026-10285

CVE-2026-10285 affects DevaslanPHP project-management (up to 2.0.0-beta1). The issue lies in KanbanScrumHelper::recordUpdated (file app/Helpers/KanbanScrumHelper.php), where manipulation leads to improper authorization, enabling a remote attack. The available sources do not specify exploit vec...

CVSS 5.5 | AI score 5.4 | EPSS 0.0023
Exploits: 0 | References: 6
CVE, added 2026/06/01 7:09 p.m., 18 views

CVE-2026-49136

Banana Slides (v0.4.0) contains a path traversal in the AI service backend's generate_image() that lets unauthenticated attackers read arbitrary image files outside the uploads directory. Root cause: an incomplete path prefix check via os.path.startswith(), without a trailing separator, allowing crafted...

CVSS 8.7 | AI score 5.9 | EPSS 0.00417
Exploits: 0 | References: 4
CVE, added 2026/06/01 7:01 p.m., 27 views

CVE-2021-46747

CVE-2021-46747 involves AMD’s Secure Processor (ASP) and is detailed in AMD’s security bulletins. The issue is described as insufficient granularity of access control in the ASP, which could allow an attacker with an untrusted user-space application to map sensitive SMN (System Management Network...

CVSS 7.1 | AI score 5.8 | EPSS 0.00097
Exploits: 0 | References: 2
CVE, added 2026/06/01 7:00 p.m., 18 views

CVE-2026-10284

The CVE-2026-10284 entry concerns DevaslanPHP Project-Management up to version 2.0.0-beta1. The vulnerability affects the Livewire Handler component, specifically the editComment and doDeleteComment functions within app/Filament/Resources/TicketResource/Pages/ViewTicket.php. The root cause is imp...

CVSS 5.5 | AI score 5.5 | EPSS 0.0023
Exploits: 0 | References: 6
CVE, added 2026/06/01 6:57 p.m., 24 views

CVE-2026-49135

CVE-2026-49135 affects CodexBar up to version 0.31.x (before 0.32.0). The issue is insecure temporary file handling in the notarization workflow, enabling a local attacker with access to the same host to read the App Store Connect API key written to a fixed path, pre-create files or symlinks to r...

CVSS 7.2 | AI score 5.8 | EPSS 0.00129
Exploits: 0 | References: 4
CVE, added 2026/06/01 6:53 p.m., 19 views

CVE-2026-49134

CodexBar prior to 0.32.0 is affected by a local privilege-escalation in the CLI installer due to a race condition in temporary file handling. The installer uses mktemp to create a privileged temporary file, writes a shell payload into it, and then executes it with administrator privileges via bas...

CVSS 7.5 | AI score 6.1 | EPSS 0.0027
Exploits: 0 | References: 4
CVE, added 2026/06/01 6:50 p.m., 17 views

CVE-2026-24751

Kiteworks CVE-2026-24751 is a reflected XSS in Kiteworks Secure Data Forms present before version 9.3.0. An attacker could induce a user to execute arbitrary JavaScript via a crafted input, over a network, with user interaction required. The vulnerability’s impact includes high confidentiality ri...

CVSS 8.2 | AI score 5.9 | EPSS 0.00289
Exploits: 0 | References: 1 | Affected software: 1
CVE, added 2026/06/01 6:46 p.m., 15 views

CVE-2026-43625

CodexBar vulnerability CVE-2026-43625 affects versions prior to 0.32.0. Affected component: CodexBar session handling for Amp and Ollama provider sessions. Root cause: improper redirect handling allows an on-path attacker to observe imported browser session cookies in cleartext HTTP requests when...

CVSS 8.2 | AI score 5.8 | EPSS 0.00186
Exploits: 0 | References: 4
CVE, added 2026/06/01 6:45 p.m., 16 views

CVE-2026-10283

CVE-2026-10283 affects Bottelet DaybydayCRM up to version 2.2.1. The vulnerability is in an unknown function of the Setting Handler, where manipulation leads to missing authentication. Remote exploitation is possible. A patch is recommended to fix the issue.

CVSS 6.5 | AI score 6.2 | EPSS 0.00295
Exploits: 0 | References: 8
CVE, added 2026/06/01 6:30 p.m., 16 views

CVE-2026-10282

CVE-2026-10282 affects Bottelet DaybydayCRM (up to version 2.2.1). The vulnerability is in the view function of app/Http/Controllers/DocumentsController.php, enabling improper authorization from a remote attacker. The description notes that applying a patch resolves the issue. No exploit details ...

CVSS 5.3 | AI score 5.5 | EPSS 0.00227
Exploits: 0 | References: 8
CVE, added 2026/06/01 6:26 p.m., 78 views

CVE-2026-47294

CVE-2026-47294 describes a SharePoint Server remote code execution via deserialization of untrusted data in Microsoft Office SharePoint. The vulnerability allows an authenticated, network-connected attacker to potentially run code on the affected server. The linked Microsoft advisories indicate t...

CVSS 8 | AI score 5.5 | EPSS 0.00638
Exploits: 0 | References: 1 | Affected software: 1
CVE, added 2026/06/01 6:16 p.m., 21 views

CVE-2026-43624

F5-TTS up to v1.1.20 contains a path traversal vulnerability in the finetune Gradio handlers that allows unauthenticated attackers to write arbitrary files by passing unsanitized project names to os.path.join() without validating the resulting path. An attacker can supply absolute paths (e.g., /t...

CVSS 8.8 | AI score 5.9 | EPSS 0.00393
Exploits: 0 | References: 4
CVE, added 2026/06/01 6:15 p.m., 15 views

CVE-2026-10281

CVE-2026-10281 affects Enderfga claw-orchestrator

CVSS 7.5 | AI score 6.8 | EPSS 0.0041
Exploits: 0 | References: 8
CVE, added 2026/06/01 6:11 p.m., 19 views

CVE-2026-23638

Kiteworks CVE-2026-23638 is an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms, affecting versions prior to 9.3.0. An authenticated attacker can tamper with internal approval flow configurations of other users’ forms due to insufficient authorization checks on...

CVSS 6.5 | AI score 5.8 | EPSS 0.00184
Exploits: 0 | References: 1 | Affected software: 1
CVE, added 2026/06/01 6:04 p.m., 16 views

CVE-2026-43623

CVE-2026-43623 affects microtar up to version 0.1.0. A stack-based buffer overflow in the raw_to_header() function (src/microtar.c) can be triggered by crafted TAR archives with non-null-terminated name or linkname fields. The function uses strcpy() to copy 100-byte ustar fields, which can write ...

CVSS 8.8 | AI score 6 | EPSS 0.00318
Exploits: 0 | References: 4
CVE, added 2026/06/01 6:01 p.m., 53 views

CVE-2026-9330

IBM WebSphere Application Server 9.0 and 8.5 are affected by CVE-2026-9330 due to improper validation of user-supplied data during deserialization in the SAML Web Single Sign-On component, potentially enabling remote code execution via a crafted HTTP request with a gadget chain. Affected products...

CVSS 8.5 | AI score 6.5 | EPSS 0.00469
Exploits: 0 | References: 1 | Affected software: 1
CVE, added 2026/06/01 6:00 p.m., 18 views

CVE-2026-30963

Capsule (a Kubernetes multi-tenancy framework) relied on a webhook to validate namespace updates, but prior to v0.13.0 it did not intercept namespace/status or namespace/finalize subresource changes. This omission enables a tenant with permission to modify those subresources to hijack other names...

CVSS 3.9 | AI score 5.8 | EPSS 0.00202
Exploits: 1 | References: 2 | Affected software: 1
CVE, added 2026/06/01 6:00 p.m., 16 views

CVE-2026-10280

Affected product: horizon921 mcpilot 0.1.0. The vulnerability is in the MCP API Call Endpoint, specifically the function in client/src/app/api/mcp/call/route.ts where manipulating the serverBaseUrl enables server-side request forgery (SSRF). Remote exploit disclosed publicly; the issue was report...

CVSS 7.5 | AI score 6.8 | EPSS 0.00305
Exploits: 0 | References: 6
CVE, added 2026/06/01 6:00 p.m., 11 views

CVE-2026-21543

Technical details are not publicly available in the provided documents; monitor for updates.

Exploits: 0
CVE, added 2026/06/01 6:00 p.m., 16 views

CVE-2026-21539

Technical details for CVE-2026-21539 are not publicly available in the provided documents. Monitor for updates from sources like the hkcert bulletin referenced by CIRCL; the OSV entry has no described details.

Exploits: 0
CVE, added 2026/06/01 6:00 p.m., 14 views

CVE-2026-21542

Technical details for CVE-2026-21542 are not publicly available in the provided documents; at this time, no affected products, impact, or remediation are disclosed. Monitor for updates from HKCERT/OSV.

Exploits: 0
CVE, added 2026/06/01 6:00 p.m., 10 views

CVE-2026-21545

Technical details for CVE-2026-21545 are not publicly available in the provided documents. Monitor for updates from authoritative sources.

Exploits: 0
CVE, added 2026/06/01 6:00 p.m., 8 views

CVE-2026-21544

Technical details for CVE-2026-21544 are not publicly available in the provided documents. Monitor for updates from sources like HKCERT/OSV for any disclosed details or mitigations.

Exploits: 0
CVE, added 2026/06/01 6:00 p.m., 17 views

CVE-2026-28574

The connected OSV entry describes a race condition in HostEmulationManager.java within onServiceConnected that could allow local privilege escalation with no user interaction required. Details specify a BAL-type risk and indicate exploitation via a race condition, with no explicit patch or workar...

Exploits: 0
CVE, added 2026/06/01 6:00 p.m., 8 views

CVE-2026-21541

Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-21541 as more information is published.

Exploits: 0
CVE, added 2026/06/01 6:00 p.m., 17 views

CVE-2026-21546

Technical details for CVE-2026-21546 are not publicly available in the provided documents. Monitor for updates.

Exploits: 0

Total number of security vulnerabilities: 366612