
366855 matches found

CVE
added 2026/05/29 7:07 p.m. | 19 views

CVE-2026-45613

CVE-2026-45613 affects Rizin; a heap-buffer-overflow is reported in the OMF parser (librz/bin/format/omf/omf.c). The vulnerability is mitigated by the commit e6d0937c8a083e23ed76ccfb9f631cdc50c7af47. CVSSv3.1 vector from the entry: AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N with base score 3.3 (LOW). Th...

CVSS 3.3 | AI score 5.8 | EPSS 0.00111
Exploits 0 | References 2

CVE
added 2026/05/29 7:07 p.m. | 11 views

CVE-2026-38739

CVE-2026-38739 is linked to a GitHub advisory for ezsystems/ezpublish-legacy, describing a local-access SQL injection in dfscleanup (dfscleanup.php) and the _getFileList method of eZDFSFileHandlerMySQLiBackend (mysqli.php). The issue enables a union-based SQL injection when an attacker has local ...

EPSS 0.00017
Exploits 0

CVE
added 2026/05/29 7:03 p.m. | 22 views

CVE-2026-47266

CVE-2026-47266 - Formie (Craft CMS plugin) Affected: Formie plugin for Craft CMS. Vulnerable in versions prior to 2.2.21 and 3.1.26. Root cause: Unauthenticated users could modify existing submissions by posting a known or guessed submission ID to formie/submissions/save-submission. Impact: Allow...

CVSS 8.7 | AI score 5.8 | EPSS 0.00311
Exploits 0 | References 3

CVE
added 2026/05/29 7:01 p.m. | 22 views

CVE-2026-45697

Formie (Craft CMS plugin) exposes a pre-authenticated server-side template injection via Hidden fields configured with Default value → Custom. Unauthenticated users could submit crafted values that are evaluated as Twig during submission handling, potentially compromising the Craft site. Affected...

CVSS 9.8 | AI score 5.8 | EPSS 0.00475
Exploits 0 | References 4

CVE
added 2026/05/29 6:59 p.m. | 27 views

CVE-2026-34127

CVE-2026-34127 affects TP-Link TL-SG108PE v5 switches. The vulnerability is a stored XSS in the web management interface caused by improper sanitation of the SYSNAM configuration parameter during configuration file import. An attacker with administrator access can inject malicious script into the...

CVSS 5.3 | AI score 5.6 | EPSS 0.00239
Exploits 0 | References 3 | Affected Software 1

CVE
added 2026/05/29 6:52 p.m. | 16 views

CVE-2026-31039

Technical details for CVE-2026-31039 are not publicly available in the provided documents. Monitor for updates from CIRCL and other sources for sightings or disclosures.

Exploits 0

CVE
added 2026/05/29 6:36 p.m. | 38 views

CVE-2026-42500

CVE-2026-42500 affects decoding in golang.org/x/image/bmp for paletted BMP images. The issue is triggered by decoding a BMP with an out-of-range palette index, causing a panic when accessing pixels in the invalid image. Root cause: palette index validation failure during palette/pixel processing....

CVSS 5.3 | AI score 5.8 | EPSS 0.00384
Exploits 0 | References 4

CVE
added 2026/05/29 6:30 p.m. | 42 views

CVE-2026-48555

Spatie Laravel Media Library (≤11.22.x) is affected by an SSRF in addMediaFromUrl() used by InteractsWithMedia.php, allowing a remote attacker to induce the server to make arbitrary outbound HTTP requests by providing user-controlled URLs. Impact aligns with CVSS: Network, with low to moderate co...

CVSS 7.4 | AI score 6 | EPSS 0.00248
Exploits 0 | References 4

CVE
added 2026/05/29 6:28 p.m. | 26 views

CVE-2026-4387

StrongDM Desktop Application prior to 23.74.0 (Desktop Client before 53.77.0) stores authentication state in cleartext in a per-user file C:\Users.sdm\state.kv, exposing a JSON Web Token and asymmetric key material. Access requires local read to the user profile and additional deployment/executio...

CVSS 2 | AI score 5.9 | EPSS 0.00132
Exploits 0 | References 2

CVE
added 2026/05/29 6:15 p.m. | 21 views

CVE-2026-49385

JetBrains YouTrack is affected by CVE-2026-49385 in versions before 2026.1.13570, due to improper access control that allows low-privileged users to modify service accounts. The exposed component is YouTrack’s service account management, with an underlying cause described as access control failur...

CVSS 6.5 | AI score 5.8 | EPSS 0.00213
Exploits 0 | References 1 | Affected Software 1

CVE
added 2026/05/29 6:15 p.m. | 23 views

CVE-2026-49386

CVE-2026-49386 affects JetBrains YouTrack prior to 2026.1.13570, where an improper access control allows enumeration of restricted issues and articles on Planning Canvas. The issue’s impact is limited to information exposure (enumeration) without indicating broader code execution or data modifica...

CVSS 6.5 | AI score 5.8 | EPSS 0.00248
Exploits 0 | References 1 | Affected Software 1

CVE
added 2026/05/29 6:15 p.m. | 26 views

CVE-2026-49384

JetBrains PyCharm before 2025.3.4 is affected by a stored XSS vulnerability in Jupyter notebook Markdown cells. The CVE notes untrusted content in Markdown cells can be rendered, enabling potential script execution. Supported data: CVSS 3.1 base score 6.1 (Network attack vector, required user int...

CVSS 6.1 | AI score 5.8 | EPSS 0.00181
Exploits 0 | References 1 | Affected Software 1

CVE
added 2026/05/29 6:15 p.m. | 49 views

CVE-2026-49383

JetBrains IntelliJ IDEA prior to 2026.1 has a low-severity issue in the UI Designer form parser (XXE) that is locally exploitable with user interaction required. The CVSS 3.1 vector indicates Local access, Low complexity, no privileges, with Confidentiality impact Low and no impact on Integrity/A...

CVSS 3.3 | AI score 5.8 | EPSS 0.00109
Exploits 0 | References 1 | Affected Software 1

CVE
added 2026/05/29 6:15 p.m. | 21 views

CVE-2026-49382

CVE-2026-49382 affects JetBrains IntelliJ IDEA prior to 2026.1. The issue allows code execution via template injection in the Copyright plugin. This is the concrete vulnerability described across trusted sources; no exploit details are provided in the connected documents. The core root cause is t...

CVSS 7.8 | AI score 6.2 | EPSS 0.00135
Exploits 0 | References 1 | Affected Software 1

CVE
added 2026/05/29 6:15 p.m. | 14 views

CVE-2026-49380

CVE-2026-49380: In JetBrains TeamCity (before 2026.1), the SAML plugin allows an open redirect. Affected product: JetBrains TeamCity with the SAML plugin; root cause: improper redirection handling in the SAML plugin leading to open redirect. Impact: potential user redirection to arbitrary URL. R...

CVSS 6.1 | AI score 5.8 | EPSS 0.00164
Exploits 0 | References 1 | Affected Software 1

CVE
added 2026/05/29 6:15 p.m. | 27 views

CVE-2026-49381

JetBrains TeamCity prior to version 2026.1 is affected by a stored cross-site scripting (XSS) vulnerability on the SAML login page. The issue allows an attacker to inject content that could be rendered in the victim’s browser, with the CVSS basis indicating UI interaction is required and privileg...

CVSS 4.8 | AI score 5.8 | EPSS 0.00205
Exploits 0 | References 1 | Affected Software 1

CVE
added 2026/05/29 6:15 p.m. | 14 views

CVE-2026-49378

JetBrains TeamCity prior to version 2026.1 exposes credentials parameters through parameter autocompletion. Affected product: TeamCity server. Root cause: credential values were surfaced in autocompletion UI, enabling potential disclosure. This entry provides no specific exploit details, affected...

CVSS 4.3 | AI score 5.8 | EPSS 0.00211
Exploits 0 | References 1 | Affected Software 1

CVE
added 2026/05/29 6:15 p.m. | 13 views

CVE-2026-49379

CVE-2026-49379 affects JetBrains TeamCity prior to 2026.1. The issue is that credentials could be exposed in thread names, per the advisory. Affected product/branch: TeamCity (before 2026.1). Root cause and exact impact details are not fully specified in the provided documents beyond credential e...

CVSS 6.5 | AI score 5.8 | EPSS 0.00248
Exploits 0 | References 1 | Affected Software 1

CVE
added 2026/05/29 6:15 p.m. | 16 views

CVE-2026-49377

JetBrains TeamCity is affected: exposure of sensitive data via default agent parameters in versions prior to 2025.11.2. Root cause: data exposure due to default agent parameters. Impact: potential leakage of sensitive information. The connected sources do not provide a specific fix/version beyond...

CVSS 4.3 | AI score 5.8 | EPSS 0.00669
Exploits 0 | References 1 | Affected Software 1

CVE
added 2026/05/29 6:15 p.m. | 17 views

CVE-2026-49376

CVE-2026-49376 affects JetBrains TeamCity prior to 2026.1 via the SAML plugin, where the root cause is insufficient username validation. The vulnerability is exploitable remotely over the network with low complexity and no privileges or user interaction required, and it has a confidentiality/ i...

CVSS 6.5 | AI score 5.8 | EPSS 0.00208
Exploits 0 | References 1 | Affected Software 1

CVE
added 2026/05/29 6:15 p.m. | 17 views

CVE-2026-49375

CVE-2026-49375 relates to JetBrains TeamCity prior to 2026.1, with a reflected XSS on the repository download page in version 2025.11.5. The CVE has a CVSS 3.1 base score of 6.1 (MEDIUM) with a network attack vector, requiring user interaction and no privileges, and results in low confidentiality...

CVSS 6.1 | AI score 5.8 | EPSS 0.00215
Exploits 0 | References 1 | Affected Software 1

CVE
added 2026/05/29 6:15 p.m. | 23 views

CVE-2026-49372

CVE-2026-49372 affects JetBrains TeamCity prior to 2026.1, with an unauthenticated SSRF via build status disclosed (noted as of 2025.11.5). The available sources confirm the vulnerability class (SSRF) and the affected product/version window, but do not provide patch details or remediation steps i...

CVSS 7.5 | AI score 5.8 | EPSS 0.00287
Exploits 0 | References 1 | Affected Software 1

CVE
added 2026/05/29 6:15 p.m. | 17 views

CVE-2026-49374

CVE-2026-49374 affects JetBrains TeamCity before 2026.1, where improper permission checks exposed build configuration parameters. The CVSS 3.1 base score is 7.6 (HIGH) with Network attack vector, Low attack complexity, Privileges Required: LOW, and UI none. Impact: Confidentiality HIGH, Integrity...

CVSS 7.6 | AI score 5.8 | EPSS 0.00226
Exploits 0 | References 1 | Affected Software 1

CVE
added 2026/05/29 6:15 p.m. | 18 views

CVE-2026-49373

CVE-2026-49373 affects JetBrains TeamCity prior to 2026.1, enabling remote code execution via Perforce connection settings. The connected sources confirm the vulnerability exists in that product/version, but do not provide additional exploit details, affected subcomponents, or remediation steps. ...

CVSS 8.8 | AI score 6.4 | EPSS 0.00411
Exploits 0 | References 1 | Affected Software 1

CVE
added 2026/05/29 6:15 p.m. | 15 views

CVE-2026-49370

CVE-2026-49370 affects JetBrains YouTrack prior to version 2026.1.13162, where information disclosure could occur via fetchApp requests. The vulnerability exposes confidential data without impacting integrity or availability per the provided metrics; no exploitation details are given in the sourc...

CVSS 7.5 | AI score 5.8 | EPSS 0.0023
Exploits 0 | References 1 | Affected Software 1

CVE
added 2026/05/29 6:15 p.m. | 21 views

CVE-2026-49371

CVE-2026-49371 affects JetBrains TeamCity prior to version 2026.1.1, where the keyword filter is vulnerable to a reflected XSS. The CVE entry documents an in-the-wild impact of a high-severity issue (CVSS 3.1: 7.1, NETWORK attack vector, UI interaction required) originating from insufficient inpu...

CVSS 8.2 | AI score 5.8 | EPSS 0.00252
Exploits 0 | References 1 | Affected Software 1

CVE
added 2026/05/29 6:15 p.m. | 22 views

CVE-2026-49367

CVE-2026-49367 affects JetBrains IntelliJ IDEA prior to 2026.1.1. The issue enables command execution via the guest user account. The available sources in the provided documents describe the vulnerability at a high level (guest-user-triggered command execution) without detailing the exact exploit...

CVSS 8.8 | AI score 5.9 | EPSS 0.00332
Exploits 0 | References 1 | Affected Software 1

CVE
added 2026/05/29 6:15 p.m. | 24 views

CVE-2026-49369

JetBrains YouTrack before 2026.1.13162 is affected by an information disclosure vulnerability on the Users and Groups pages. The issue is exposed in versions prior to 2026.1.13162; CVSS 3.1 base score 4.3 (Medium). No root-cause or exploit details are provided in the documents. The fix is to upgr...

CVSS 4.3 | AI score 5.8 | EPSS 0.00197
Exploits 0 | References 1 | Affected Software 1

CVE
added 2026/05/29 6:15 p.m. | 22 views

CVE-2026-49368

CVE-2026-49368 affects JetBrains YouTrack prior to version 2026.1.13162. The issue is a stored XSS in project notification templates. According to the entry, the vulnerability can be triggered remotely (attack vector: NETWORK) with low privileges required and user interaction needed, leading to h...

CVSS 8.7 | AI score 5.8 | EPSS 0.00199
Exploits 0 | References 1 | Affected Software 1

CVE
added 2026/05/29 6:15 p.m. | 15 views

CVE-2026-49366

CVE-2026-49366 affects JetBrains IntelliJ IDEA prior to 2026.1.1. The issue enables command injection via filename completion, with CVSSv3.1 base score 7.8 (HIGH) and user interaction required. The root cause is not detailed in the provided documents; affected component is IntelliJ IDEA’s filenam...

CVSS 7.8 | AI score 5.8 | EPSS 0.00455
Exploits 0 | References 1 | Affected Software 1

CVE
added 2026/05/29 6:08 p.m. | 25 views

CVE-2026-46344

CVE-2026-46344 pertains to the liboqs C library (post-quantum cryptography). Before v0.16.0, there is a heap/out-of-bounds risk in XMSS/XMSS^MT stateful signature verification when a public key’s OID points to a larger parameter set than the declared algorithm, causing xmss_sign_open / xmssmt_sig...

CVSS 5.3 | AI score 5.8 | EPSS 0.00305
Exploits 0 | References 2 | Affected Software 1

CVE
added 2026/05/29 6:07 p.m. | 33 views

CVE-2026-44518

liboqs (C library for post-quantum crypto) exposes a buffer overread in XMSS/XMSS^MT stateful signature verification prior to 0.16.0. If verify is called with a signature shorter than the parameter’s sig_bytes, length isn't validated and the code reads past the end of the signature buffer. The ex...

CVSS 5.3 | AI score 5.8 | EPSS 0.00305
Exploits 0 | References 2 | Affected Software 1

CVE
added 2026/05/29 6:04 p.m. | 18 views

CVE-2026-9051

CVE-2026-9051 describes an authentication bypass in the NI SystemLink Enterprise Dashboard, affecting 2026-04 and earlier. An unauthenticated remote attacker can bypass authentication controls via a specially crafted HTTP request, potentially leading to privilege escalation or information disclos...

CVSS 9.3 | AI score 5.8 | EPSS 0.00623
Exploits 0 | References 1

CVE
added 2026/05/29 6:03 p.m. | 17 views

CVE-2026-47740

Shopper: Authorization bypass vulnerability in a headless e-commerce Admin Panel. Before 2.8.0, multiple Filament actions on the admin Order detail and Order shipments tables could be invoked by an authenticated user with only read_orders or browse_orders permissions, without needing edit_orders....

CVSS 8.1 | AI score 5.8 | EPSS 0.00258
Exploits 0 | References 2

CVE
added 2026/05/29 6:02 p.m. | 18 views

CVE-2026-47741

CVE-2026-47741 affects Shopper, a Headless e-commerce Admin Panel. Before 2.8.0, CreateOrderFromCartAction::execute created the Order row before incrementing the discount’s total_use, allowing a race condition under concurrent checkout that silently exceeded the global usage_limit and applied the...

CVSS 5.9 | AI score 5.8 | EPSS 0.00239
Exploits 0 | References 3

CVE
added 2026/05/29 6:00 p.m. | 15 views

CVE-2026-47742

Affected software: Shopper: Headless e-commerce Admin Panel. Vulnerability summary: Before version 2.8.0, sub-form Livewire components used in the product editor (Edit, Inventory, Seo, Shipping, Files) lacked authorization on their store() method. This allowed any authenticated panel user, regard...

CVSS 6.5 | AI score 5.9 | EPSS 0.00221
Exploits 0 | References 2

CVE
added 2026/05/29 5:58 p.m. | 20 views

CVE-2026-47744

CVE-2026-47744 affects Shopper: a Headless e-commerce Admin Panel. Two authorization flaws in Settings/Team enable RBAC takeover prior to version 2.8.0. First, Settings/Team/Index had no mount() authorization, allowing any authenticated panel user to load the page and perform public actions to cr...

CVSS 9.9 | AI score 6 | EPSS 0.00321
Exploits 0 | References 1

CVE
added 2026/05/29 5:55 p.m. | 22 views

CVE-2026-47745

CVE-2026-47745 affects Shopper: Headless e-commerce Admin Panel. Before 2.8.0, admin tables for PaymentMethods, Currencies and Carriers exposed inline toggles and per-record actions (enable/disable/edit/delete) without per-action permission checks, allowing a low-privilege authenticated user to d...

CVSS 6.5 | AI score 5.9 | EPSS 0.00221
Exploits 0 | References 2

CVE
added 2026/05/29 5:49 p.m. | 17 views

CVE-2026-44651

SillyTavern’s CVE-2026-44651 affects the CORS proxy middleware (src/middleware/corsProxy.js). Before version 1.18.0, when fetch(url) throws, the code writes a 500 error response that includes the attacker-controlled url directly in plain text: "Error occurred while trying to proxy to: " + url + …...

CVSS 6.9 | AI score 5.9 | EPSS 0.00323
Exploits 0 | References 1

CVE
added 2026/05/29 5:48 p.m. | 14 views

CVE-2026-44650

CVE-2026-44650 affects SillyTavern (local UI for LLMs) where the POST /api/extensions/delete endpoint accepts extensionName: "." and bypasses sanitize-filename validation. This causes path traversal that deletes the entire user extensions directory (and potentially the global extensions dir) with...

CVSS 9.1 | AI score 5.8 | EPSS 0.00567
Exploits 0 | References 1

CVE
added 2026/05/29 5:47 p.m. | 19 views

CVE-2026-40425

CVE-2026-40425 affects the Danelec MacGregor Voyage Data Recorder (VDR) web interface. The vulnerability allows the administrator account to directly edit sensitive authentication-related files, potentially changing the root password. This is supported by ICS-CERT/DHS metrics indicating impact to...

CVSS 6.9 | AI score 5.8 | EPSS 0.00376
Exploits 0 | References 3 | Affected Software 1

CVE
added 2026/05/29 5:46 p.m. | 20 views

CVE-2026-44648

CVE-2026-44648 affects SillyTavern where authentication relies on cookie-session, storing session data in a signed client cookie. Prior to version 1.18.0, endpoints POST /api/users/change-password and POST /api/users/recover-step2 only update the password hash and do not expire existing sessions,...

CVSS 7.5 | AI score 5.8 | EPSS 0.00394
Exploits 1 | References 1

CVE
added 2026/05/29 5:45 p.m. | 19 views

CVE-2026-44649

A SillyTavern vulnerability (CVE-2026-44649) affects SillyTavern before version 1.18.0 where header-based SSO authentication can be bypassed. The root cause is lack of validation that Remote-User (Authelia) and X-Authentik-Username (Authentik) headers originate from a trusted reverse proxy. The lo...

CVSS 9.8 | AI score 5.8 | EPSS 0.00218
Exploits 0 | References 1

CVE
added 2026/05/29 5:44 p.m. | 20 views

CVE-2026-42929

CVE-2026-42929 affects the Danelec MacGregor Voyage Data Recorder (VDR) — specifically the G4e line — where default accounts are hard-coded. This represents a credential-related vulnerability (high impact) with CVSS 3.1/3.4-like metrics indicating unauthorized access potential from adjacent netwo...

CVSS 8.7 | AI score 5.8 | EPSS 0.00226
Exploits 0 | References 3 | Affected Software 1

CVE
added 2026/05/29 5:43 p.m. | 18 views

CVE-2026-44652

SillyTavern is affected by an SSRF in the optional CORS proxy middleware (corsProxyMiddleware). Before version 1.18.0, it forwards req.params.url directly into fetch(url, ...) without enforcing a destination allowlist or blocking private/loopback targets, enabling an attacker-controlled URL to re...

CVSS 6.9 | AI score 5.8 | EPSS 0.00375
Exploits 0 | References 1

CVE
added 2026/05/29 5:42 p.m. | 19 views

CVE-2026-44611

CVE-2026-44611 affects Danelec MacGregor Voyage Data Recorder. The password storage uses a hashing method that limits password length and is susceptible to brute-force attacks, potentially compromising authentication. According to the provided metrics, the vulnerability has a CVSS base score arou...

CVSS 5.9 | AI score 5.8 | EPSS 0.00141
Exploits 0 | References 3 | Affected Software 1

CVE
added 2026/05/29 5:41 p.m. | 17 views

CVE-2026-46372

SillyTavern

CVSS 8.5 | AI score 5.8 | EPSS 0.00866
Exploits 0 | References 1

CVE
added 2026/05/29 5:32 p.m. | 14 views

CVE-2026-42951

CVE-2026-42951 concerns the Danelec MacGregor Voyage Data Recorder (VDR) device. The description across sources states an authenticated user can download a backup of the VDR that includes account data and password hashes. The connected records corroborate credentials exposure as the primary issue...

CVSS 5.9 | AI score 5.8 | EPSS 0.00169
Exploits 0 | References 3 | Affected Software 1

CVE
added 2026/05/29 5:27 p.m. | 13 views

CVE-2026-42941

The CVE-2026-42941 relates to the Danelec MacGregor Voyage Data Recorder (VDR) G4e, which ships with default credentials and no enforced password change. The confirmed issues include hard-coded/default accounts, an authenticated user being able to download device backups containing account data a...

CVSS 8.7 | AI score 5.8 | EPSS 0.00226
Exploits 0 | References 3 | Affected Software 1

CVE
added 2026/05/29 5:18 p.m. | 15 views

CVE-2026-45668

CVE-2026-45668 affects Trilium Notes prior to 0.102.2. A malicious ZIP imported with Safe Import enabled can lead to remote code execution via a #docName path traversal and XSS by combining a payload note (type: code, mime: text/plain) containing HTML/JS with a trigger note (type: doc or launcher...

CVSS 9.3 | AI score 5.8 | EPSS 0.0017
Exploits 0 | References 1

Total number of security vulnerabilities: 366855