366844 matches found
CVE-2026-49323
The CVE concerns the Indian Motorcycle Scout Bobber + Tech 2025 model year WCM–ECM link. Weak authentication allows an adjacent-network attacker with read access to passively capture one seed/key exchange and recover the per-vehicle immobilizer secret because the WCM’s response uses a reversible,...
CVE-2026-48527
HAX CMS (PHP/NodeJS backends) is affected up to version 26.0.0 by a stored XSS in the /system/api/saveNode endpoint. An authenticated user with page-edit permissions can bypass the HTML sanitizer by injecting an event handler attribute without whitespace before the attribute name. Affected compon...
CVE-2026-45043
RustFS vulnerability CVE-2026-45043: prior to 1.0.0-beta.2, improper validation in PUT /rustfs/admin/v3/import-iam lets a user with ImportIAMAction create service accounts under arbitrary parents, including minioadmin, by submitting attacker-controlled parent, claims, accessKey and secretKey. Thi...
CVE-2026-45312
RAGFlow (open-source RAG engine) is affected in 0.24.0 and earlier by a Jinja2 template injection in the prompt generator (rag/prompts/generator.py). This allows any authenticated user to execute arbitrary OS commands on the server via the SSTI chain, once a user registers and creates a Canvas wo...
CVE-2026-9509
CVE-2026-9509 affects Suprema BioStar 2 Server (versions 2.9.8, 2.9.10, 2.9.11). An unhandled exception triggered by unauthenticated HTTP POST requests to the /api/migration endpoint can cause a denial of service, halting critical processes and leaving the system offline until services or the ser...
CVE-2026-9508
The CVE-2026-9508 issue affects Suprema BioStar 2, versions 2.9.3–2.9.11, where incorrect permission settings on a critical resource allow backup ZIP files to be publicly exposed when an admin configures the NGINX webroot path. An attacker with network access can directly download backups via htt...
CVE-2026-8326
CVE-2026-8326 describes a path traversal in Remote Spark SparkView via the RDP drive redirection , enabling an unauthenticated attacker to read and write arbitrary files as root, potentially leading to remote code execution . Affected builds are listed as “before build 1127.” The CVSS 4.0 base sc...
CVE-2025-41281
Nozomi Networks Labs identifies a CWE-78 OS Command Injection in Waterfall WF-500 RX Host (version 7.9.1.0 R2502171040). The root cause is improper neutralization of special elements used in an OS command, triggered when a MySQL connector is configured. Attackers with access to the TX Host can po...
CVE-2025-41280
CVE-2025-41280 affects Waterfall WF-500 RX Host (version 7.9.1.0 R2502171040). The vulnerability is a CWE-23 Relative Path Traversal (Zip Slip) in the MySQL connector scenario when file compression is enabled, allowing a user with access to the TX Host to execute code on the RX Host. Documented i...
CVE-2025-41279
CVE-2025-41279 concerns Nozomi Networks Waterfall WF-500 RX Host (Administration WebUI). A CWE-78 OS Command Injection vulnerability in version 7.9.1.0 R2502171040 allows remote authenticated attackers to execute arbitrary OS commands on the WF-500 RX Host. The underlying root cause is improper n...
CVE-2025-41278
The CVE-2025-41278 entry concerns Nozomi Networks’ Waterfall WF-500 RX Host (version 7.10.0.0 R2601141040). A CWE-125 Out-of-bounds Read vulnerability exists in the RX Host’s handling, enabling code execution on the RX Host by an attacker who has access to the TX Host. The description indicates t...
CVE-2025-41277
CVE-2025-41277 affects Waterfall WF-500 TX and RX Hosts (Console WebUI) running version 7.9.1.0 R2502171040. The issue is CWE-78 OS Command Injection in the Console WebUI that allows remote unauthenticated attackers to execute arbitrary operating system commands on the device. Root cause: imprope...
CVE-2025-41276
CVE-2025-41276 affects Waterfall WF-500 TX and RX Hosts (Console WebUI) running version 7.9.1.0 R2502171040. Nozomi Networks Labs identifies CWE-78 (OS Command Injection) allowing remote unauthenticated attackers to execute arbitrary operating system commands on the device. The vulnerability is t...
CVE-2025-41275
The CVE-2025-41275 entry concerns Waterfall WF-500 TX and RX Hosts (Console WebUI) with a CWE-78 OS command injection in version 7.9.1.0 R2502171040. The root cause is improper neutralization of special elements in the OS command flow, enabling remote unauthenticated attackers to execute arbitrar...
CVE-2025-41274
Waterfall WF-500 TX and RX Hosts (Console WebUI) with version 7.9.1.0 R2502171040 is affected by a CWE-78 OS Command Injection vulnerability. Nozomi Networks Labs identifies that remote, unauthenticated attackers can execute arbitrary operating system commands on the device via the Console WebUI....
CVE-2025-41273
CVE-2025-41273 affects Waterfall WF-500 TX and RX Hosts (version 7.9.1.0 R2502171040). Nozomi Networks Labs describe CWE-288: Authentication Bypass Using an Alternate Path or Channel in the Console WebUI, enabling remote unauthenticated attackers to bypass authentication and perform actions as an...
CVE-2025-41272
The CVE-2025-41272 entry describes a CWE-78 OS Command Injection in the Waterfall WF-500 TX and RX Hosts Console WebUI (version 7.9.1.0 R2502171040). The vulnerability allows remote unauthenticated attackers to execute arbitrary operating system commands on the device through the Console WebUI, i...
CVE-2025-41271
Nozomi Networks Labs identifies a CWE-23 Relative Path Traversal affecting Waterfall WF-500 TX and RX Hosts (version 7.9.1.0 R2502171040) via the Console WebUI. An unauthenticated remote attacker could read arbitrary files on the device through this vulnerability. The provided documents do not sp...
CVE-2025-41270
CVE-2025-41270 affects Waterfall WF-500 TX and RX Hosts (version 7.9.1.0 R2502171040). The vulnerability is in the Console WebUI and stems from CWE-78, Improper Neutralization of Special Elements used in an OS Command (OS Command Injection). It allows remote unauthenticated attackers to execute a...
CVE-2025-41269
The CVE-2025-41269 entry describes a remote OS Command Injection (CWE-78) affecting Waterfall WF-500 Series controllers: Console WebUI on TX/RX Hosts, version 7.9.1.0 R2502171040. Root cause is improper neutralization of special elements in the OS command execution path, permitting remote unauthe...
CVE-2025-41268
CVE-2025-41268 affects Waterfall WF-500 TX/RX Hosts (Administration WebUI) running version 7.9.1.0 R2502171040. The issue is a CWE-23 Relative Path Traversal in the Admin WebUI that could allow remote unauthenticated attackers to delete arbitrary files on the host machines. Connected sources conf...
CVE-2025-41267
The CVE-2025-41267 entry concerns Nozomi Networks’ Waterfall WF-500 TX Host (Administration WebUI), affected version 7.9.1.0 R2502171040. It reports a CWE-78 OS Command Injection in the Administration WebUI that can be triggered by remote authenticated attackers to execute arbitrary operating sys...
CVE-2025-41266
CVE-2025-41266 affects Waterfall WF-500 TX Host (Administration WebUI), version 7.9.1.0 R2502171040. Root cause: CWE-78 OS Command Injection in the web interface, enabling remote authenticated attackers to execute arbitrary operating system commands on the WF-500 TX Host. Documented impact includ...
CVE-2026-9811
CVE-2026-9811 is a stored XSS vulnerability in Mautic 7, specifically in the project selector component. The issue arises when rendering AJAX-returned project names into DOM option fields without proper sanitization; an authenticated user with project creation rights can inject malicious script v...
CVE-2025-41265
CVE-2025-41265 affects Waterfall WF-500 TX Host (Administration WebUI) in version 7.9.1.0 R2502171040. The issue is CWE-78: OS Command Injection due to improper neutralization of special elements, allowing remote authenticated attackers to execute arbitrary operating system commands on the host. ...
CVE-2024-13745
Technical details for CVE-2024-13745 are not publicly available in the provided documents; no affected products, root cause, or remediation are described. Monitor for updates.
CVE-2026-9809
CVE-2026-9809 describes a stored XSS in Mautic 7, in the Projects component. User-supplied project names rendered on project tags/popovers in admin detail views can be exploited by an authenticated user with create/edit permissions to inject script payloads. When an admin views an entity linked t...
CVE-2026-9808
CVE-2026-9808 affects Mautic 7 API v2 endpoints (API Platform). Under certain conditions, roles with owner-scope restrictions (viewown/editown) are not properly enforced, allowing low-privilege authenticated API users to bypass ownership-logic and access or modify resources belonging to others. C...
CVE-2026-9559
CVE-2026-9559 describes a path traversal vulnerability in Mautic 7 within the campaign import feature. During ZIP extraction in campaign imports, a flaw in the validation logic allows file paths to escape the intended temporary directories, enabling an authenticated user with campaign import priv...
CVE-2026-9558
This CVE describes a Server-Side Template Injection (SSTI) in Mautic’s theme engine. The platform renders uploaded Twig templates without a sandbox or strict function restrictions. With authenticated access to create or upload themes, an attacker could execute arbitrary code on the hosting server...
CVE-2026-42965
CVE-2026-42965 affects the OpenShift Router. The issue arises when a user with EndpointSlice write access creates a Service backed by an FQDN EndpointSlice that resolves to a cloud metadata endpoint, allowing the router to proxy requests to that endpoint and disclose instance credentials and othe...
CVE-2026-46579
OpenShift Router flaw: when Route.insecureEdgeTerminationPolicy is Allow, the HTTP frontend does not strip X-SSL-Client-* headers, enabling an unauthenticated attacker to craft requests that bypass mutual TLS authentication by impersonating client certificate identities. Affected component: OpenS...
CVE-2026-9557
CVE-2026-9557 describes a Server-Side Request Forgery (SSRF) in Mautic’s Focus component. The root cause is insufficient validation of user-supplied URLs, allowing an authenticated user to cause the hosting server to perform outbound HTTP requests. This can enable internal network reconnaissance ...
CVE-2026-10078
The CVE-2026-10078 entry concerns Quay config-tool’s GitLab OAuth validator. The vulnerability causes client_id and client_secret to be sent in plaintext via URL query parameters during POST requests to the GitLab endpoint, enabling potential exposure of credentials in logs (server access logs, r...
CVE-2025-12714
The CVE-2025-12714 relates to the Rank Math SEO – AI SEO Tools to Dominate SEO Rankings WordPress plugin. Concrete detail: a missing capability check in update_site_editor_homepage affects all versions up to 1.0.271, enabling unauthenticated modification of settings such as homepage title, meta d...
CVE-2026-49201
The CVE-2026-49201 entry concerns Acer Wave 7 routers (upload.cgi handling device backups) with a hardcoded AES encryption key. The underlying issue is a fixed cryptographic key embedded in the backup processing binary, enabling an attacker to decrypt, modify, and re-encrypt backups, which can fa...
CVE-2026-49200
The CVE-2026-49200 entry affects Acer Wave 7 router firmware. The root issue is that the acer_cgi.log file is accessible without authentication via the web interface, and this log contains cleartext credentials for web and Telnet. This exposure can lead to unauthorized system access and high impa...
CVE-2026-49199
The CVE-2026-49199 entry describes a root‑level RCE via crafted MQTT messages, enabling command injection on the target device. Connected records identify Predator Connect W6x as affected (CVE-2026-49199 CVE Record). The core issue is a vulnerability in handling MQTT payloads that allows arbitrar...
CVE-2026-10058
The CVE-2026-10058 entry concerns ITS Intelligent SCADA System by ITP Technology and describes a Stored Cross-Site Scripting vulnerability that allows privileged remote attackers to inject JavaScript executed in users’ browsers on page load. Documents confirm the affected product, vulnerability t...
CVE-2026-10057
CVE-2026-10057 affects the ITS Intelligent SCADA System from ITP Technology. The vulnerability is a Stored Cross-Site Scripting (XSS) issue that lets privileged remote attackers inject persistent JavaScript that runs in users’ browsers when a page loads. The available documents confirm the affect...
CVE-2026-49198
CVE-2026-49198 affects Predator Connect W6x: MQTT broker. The issue is improper access control that enables wildcard topic subscriptions, which can expose all MQTT traffic to unauthorized actors. Documents do not specify the vulnerable component beyond the broker, nor do they provide version numb...
CVE-2026-9189
Product & component : WordPress, Contact Form 7 – PayPal & Stripe Add-on. Vulnerability : Payment Bypass via IPN handling flaw in cf7pp_paypal_ipn_handler where the IPN payload’s mc_gross, mc_currency, or receiver_email aren’t compared against stored order values before passing the attacker-contr...
CVE-2026-49197
The CVE affects web endpoints used by the Acer Connect app, where the Authorization header is not properly validated. The underlying issue is improper handling of Base64 decoding failures, allowing requests that should be blocked. CVSS indicates a CRITICAL impact with high consequences for confid...
CVE-2026-49196
Predator Connect W6x firmware exposes a web-interface command injection via the Wi‑Fi device blocking feature, caused by inadequate MAC address input sanitization. This permits arbitrary shell command execution through the affected component. The CVSS details indicate network access with high imp...
CVE-2026-10056
CVE-2026-10056 – Nx Witness VMS : A CORS misconfiguration in the REST API (pre-6.1.2) running in Standard security mode on Linux/Windows allows an unauthenticated attacker to exfiltrate a user session token and perform Administrator Account Takeover via a malicious cross-origin page. The High sec...
CVE-2026-49195
The CVE CVE-2026-49195 affects Predator Connect W6x devices, where the /sbin/mtk_dut binary is exposed on TCP port 9000 with no authentication. This unauthenticated debug service allows any LAN-based attacker to execute arbitrary UCC commands. The associated CVSS v4.0 metrics indicate high impact...
CVE-2026-10052
The CVE-2026-10052 entry describes a flaw in Quay config-tool where LDAP and SMTP validation endpoints can initiate outbound connections to user-supplied endpoints. With config editor access, an attacker can trigger requests from the Quay pod, enabling potential internal network reconnaissance an...
CVE-2026-10039
The CVE-2026-10039 entry concerns the WordPress plugin Frontend Admin by DynamiApps. Affected versions up to and including 3.28.28 are vulnerable to a generic SQL Injection via the 'order' parameter due to insufficient escaping of user input and inadequate preparation of the existing SQL query. A...
CVE-2026-6075
The Media Library Assistant WordPress plugin is affected by a Cross-Site Request Forgery (CSRF) vulnerability up to version 3.35 due to missing nonce verification on bulk action handlers in the settings tab. This could allow an unauthenticated attacker to trick an administrator into performing bu...
CVE-2026-49212
Technical details for CVE-2026-49212 are not publicly available in the provided documents; no affected products, impact, or remediation are described. Monitor for updates.