CVE-2026-50885

CVE-2026-50885 concerns Sismics Docs (Teedy) with version v1.11, where an incorrect access control flaw in the share-based read endpoints enables unauthorized attackers to access sensitive endpoints via a crafted request. The related advisories consistently describe limited information about root...

CVE-2025-55647

The CVE-2025-55647 entry concerns GPAC MP4Box v2.4. The vulnerability is an Out-of-Memory in mp4_mux_cenc_insert_pssh (filters/mux_isom.c) that allows a crafted MP4 file to cause a Denial of Service. Affected component is the mp4_mux_cenc_insert_pssh function; the root cause is memory exhaustion ...

CVE-2025-68713

Rakuten Send Anywhere for Android (com.estmob.android.sendanywhere, version 23.2.9) is affected. A vulnerability allows untrusted applications with no permissions to trigger arbitrary file downloads into the app’s scoped storage, with downloaded items appearing in the app’s trusted Received inter...

CVE-2026-50886

Summary: CVE-2026-50886 describes an access-control flaw in the webhook management component of Project Firefly III (version 6.5.9). The root cause is an incorrect access-control implementation, enabling an attacker to scan internal resources by sending a crafted POST request. Affected software: ...

CVE-2025-55652

GPAC MP4Box v2.4 is affected by a heap buffer overflow in gf_isom_vp_config_new (isomedia/avc_ext.c), enabling DoS via a crafted MP4 file. This is documented across multiple sources (CVE-2025-55652, EUVD-2025-210150, NVD, CVELIST, etc.). The vulnerability details specify the vulnerable function a...

CVE-2025-55663

GPAC MP4Box v2.4 is affected by a vulnerability in Track_SetStreamDescriptor (isomedia/track.c) where a malformed MP4 file can trigger a segmentation fault, leading to Denial of Service. The issue is caused by a segmentation violation inside Track_SetStreamDescriptor, enabling DoS via crafted inp...

CVE-2026-50872

The CVE-2026-50872 entry affects fossar selfoss v2.20-SNAPSHOT, with a vulnerability in the loopback request handling component that could allow arbitrary command execution and leakage of sensitive data via a crafted HTTP request. The issue is described across multiple sources (NVD/ENISA/CVE list...

CVE-2026-50876

The CVE-2026-50876 issue affects Deck9 Input v2.0.1 and is described as a cross-site scripting (XSS) vulnerability that allows attackers to run arbitrary web scripts or HTML via a crafted payload. The documented impact is limited to client-side script execution with low to moderate risk according...

CVE-2025-55660

The connected EUVD entry confirms a stack overflow in the function gf_opus_read_length (file media_tools/av_parsers.c ) of GPAC MP4Box v2.4 , enabling a Denial of Service (DoS) when processing a crafted MP4 file. The same CVE ID (CVE-2025-55660) is echoed across multiple sources (NVD, CVE lists, ...

CVE-2026-30121

The CVE refers to CVE-2026-30121 affecting Remotion v4.0.409, describing an arbitrary file write vulnerability. The connected sources consistently identify the issue as arbitrary file write in Remotion, but none provide concrete technical details such as vulnerable component/trigger, root cause, ...

CVE-2026-45390

CVE-2026-45390 affects OCaml-tar before 3.4.0. A crafted archive containing "../" segments in file names can escape the extraction directory, allowing arbitrary file writes outside the target path when decompression is reachable. The OSV/ENISA reports show the vulnerable function uses Filename.co...

CVE-2026-45389

Summary (OCaml-TLS CVE-2026-45389): OCaml-TLS versions before 2.1.0 fail to properly validate KeyUsage and ExtendedKeyUsage on client certificates during mutual TLS, allowing impersonation with certificates intended for server authentication. The issue arises in the server-side certificate valida...

CVE-2026-50883

CVE-2026-50883 refers to an HTML injection in the matze wastebin project (v3.4.1) affecting the internal component /src/highlight.rs . The root cause is not explicitly detailed beyond mention of HTML injection via a crafted payload, leading to arbitrary script execution. The vulnerability is rate...

CVE-2026-39118

Kandji Agent from Iru, Inc. (pre-4.7.5(5374)) contains a local privilege-escalation flaw driven by a client-validation gap that allows a local attacker to invoke restricted agent functionality. The CVSS metrics indicate HIGH impact across confidentiality, integrity, and availability with LOCAL at...

CVE-2026-38064

Affected product: Tenda 5G03 V05.03.02.04 (Version 1.0). Vulnerability: command injection in the function action_dial_call via the dialNumber parameter. Root cause/detail: not explicitly described beyond the command injection vector; connected sources confirm the same description across EUVD-2026...

CVE-2026-12197

The CVE-2026-12197 affects Ruijie EG105G-P (firmware 2.340). The issue resides in the nslookup function of /cgi-bin/luci/api/diagnose (JSON-RPC Diagnose Endpoint), where manipulating the params.target argument leads to command injection. It enables remote initiation of an attack, with an exploit ...

CVE-2026-12193

VS Revo RevoUninstaller 2.5.x/2.6.x contains a heap-based overflow in IOCtl_Handler of RevoDetector.sys (IOCTL Handler). The vulnerability enables a local attack and is supported by publicly available exploit material. Upgrading to version 2.7.0 fixes the issue. If you rely on affected builds, ap...

CVE-2026-12192

GALAYOU Y4 Web Server 1.0.0 is affected by a buffer overflow in an unspecified Web Server function. The flaw enables local-network exploitation with no authentication required and affects confidentiality, integrity, and availability. Public exploit details are indicated in the CVE context, and th...

CVE-2026-12191

CVE-2026-12191 affects Comma AI Openpilot 0.11. The issue is a deserialization vulnerability in the pickle.loads/pickle.load usage inside selfdrive/modeld/modeld.py (Pickle Module). Exploitation requires local access. The CVSS metrics indicate high impact (confidentiality, integrity, availability...

CVE-2026-12190

The CVE-2026-12190 entry concerns Genspark AI Workspace App version 2.8.4 on Android, affecting the ai.mainfunc.genspark component. The issue is described as improper authorization in the handler for a custom URL scheme, with exploitation limited to a local environment. The provided documents do ...

CVE-2026-12189

The CVE-2026-12189 entry concerns Moovit Bus & Public Transit App 1.18 on Android, affecting the com.tranzmate component. The flaw is described as improper authorization in the handler for a custom URL scheme, enabling a local attacker to manipulate the app. Exploitability is local with low attac...

CVE-2026-12188

Affected software: Grit42 Grit (up to 0.11.0). Vulnerable component: grit_entity_controller.rb (modules/core/backend/app/controllers/concerns/grit/core/grit_entity_controller.rb) within GritEntityController. Issue: SQL injection triggered by manipulating a function in the controller; described as...

CVE-2026-12187

CVE-2026-12187 affects GL.iNet GL‑MT3000 devices running firmware up to 4.4.5. The vulnerability is in an unknown function of the /usr/bin/one_click_upgrade component (Online Firmware Upgrade Handler) that allows remote command injection. Public disclosure and PoC details are indicated; exploitat...

CVE-2026-12186

GL.iNet GL-MT3000 is affected up to firmware 4.4.5. The vulnerability resides in the Tor Proxy Service Configuration Handler, specifically the replace_country function in the library /usr/lib/oui-httpd/rpc/tor, where input manipulation enables remote command injection. The issue can be exploited ...

CVE-2026-54413

driftregion iso14229 up to 0.9.0 has an integer underflow in Handle_0x27_SecurityAccess() that enables a remote unauthenticated attacker to crash a UDS server and possibly read memory beyond the receive buffer by sending a 0x27 SecurityAccess request after a prior well-formed 0x27 message. The co...

CVE-2026-54412

CVE-2026-54412 affects LiamBindle MQTT-C up to v1.1.6. The vulnerability is a heap-based out-of-bounds read and integer underflow in mqtt_unpack_publish_response() (src/mqtt.c). A broker-controlled or injected PUBLISH packet can allow a remote unauthenticated attacker to crash a subscribed MQTT-C...

CVE-2026-54411

Linux-PAM up to 1.7.2 is affected by a timing side-channel in the pam_userdb plaintext-password comparison path (modules/pam_userdb/pam_userdb.c). When configured with crypt=none, an unrecognized crypt method, or without a crypt= argument, credentials are stored/compared in plaintext. The compari...

CVE-2026-54410

nanoMODBUS (through v1.23.0) contains an off-by-one buffer overflow in the recv_msg_header() of the Modbus/TCP server. An unauthenticated remote attacker can craft an MBAP Length=255 to force writing one attacker-controlled byte past the 260-byte receive buffer, corrupting the adjacent state stru...

CVE-2026-11527

CVE-2026-11527 affects Perl Config::IniFiles prior to 3.001000. The vulnerability arises when _make_filehandle opens the -file argument with Perl’s 2-arg open(); untrusted input passed to -file can be treated as a command or redirect (e.g., starting/ending with |, or >/>>), enabling OS c...

CVE-2026-11526

The CVE-2026-11526 issue affects GD for Perl (versions before 2.86). The vulnerability lies in GD::Image::_make_filehandle, which uses a 2-arg open() on filename arguments, causing any filename starting/ending with a pipe or redirect to be executed as a command or redirected, leading to OS comman...

CVE-2025-15546

The CVE-2025-15546 entry concerns the Iptanus File Upload WordPress plugin (pre-5.1.7). A TOCTOU race condition between the file existence check and the actual write operation, when the duplicatepolicy is set to “maintain both,” allows an authenticated attacker to overwrite files uploaded by othe...

CVE-2026-54421

CVE-2026-54421 affects OpenStack Ironic (through 35.0.1). A PATCH to update fields in volume properties, restricted to the user’s permissions, can disclose unredacted sensitive information (e.g., iSCSI credentials). The PATCH outcome is identified as a security issue; the POST outcome is not. Thi...

CVE-2026-54420

CVE-2026-54420 is a symlink-following vulnerability in LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM Plugin before 5.3.2.0). A user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS can abuse improperly validated symbolic links to access or ...

CVE-2026-12176

SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0 contains a cross-site scripting (XSS) vulnerability in an unknown function of the file /index.php when the action parameter is manipulated. The attack is remote and has been publicly disclosed . Exploit maturity is label...

CVE-2026-12175

CodeAstro Student Attendance Management System 1.0 is affected. The vulnerability resides in /attendance-php/Admin/createStudents.php where manipulating the admissionNumber parameter enables an SQL injection. It supports remote exploitation and the exploit is public. No remediation or patch detai...

CVE-2026-12174

CVE-2026-12174 affects D-Link DCS-935L firmware 1.10.01. The vulnerability is in the HTTP Handler’s function snprintf used by /web/cgi-bin/greece/rhea, allowing format-string manipulation. This can enable a remote attacker to exploit the flaw; public exploits have been disclosed. The available do...

CVE-2026-12183

CVE-2026-12183 affects Nefteprodukttekhnika BUK TS-G Gas Station Automation System versions 2.9.1–2.10.2 on Linux. The vulnerability is an improper authentication (CWE-287) in the system configuration module: the /php/ajax-login.php endpoint can return userid=1 (administrator) for any HTTP POST w...

CVE-2026-6428

CVE-2026-6428 describes an SQL injection in Koha’s reports/catalogue_out.pl up to versions 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 25.11.x before 25.11.05, 26.05.x before 26.05.01, and 26.11.x before 26.11.00. The vulnerability arises from a vulnerable sink that concatenate...

CVE-2026-5513

The Bookly WordPress plugin (Online Scheduling and Appointment Booking System) is vulnerable to Stored XSS in versions up to 27.2 via the bookly-customer-full-name cookie due to insufficient input sanitization and output escaping. Unauthenticated attackers can inject arbitrary scripts that execut...

CVE-2026-11624

The CVE-2026-11624 entry concerns the Model Context Protocol server where origin validation of the Origin header affects DNS rebinding risk. Before v0.25.0 there was no host validation; v0.25.0 introduces --allowed-hosts and --allowed-origins flags to specify permitted hosts at startup. Both flag...

CVE-2026-1291

CVE-2026-1291 concerns the Meow Gallery WordPress plugin. A missing capability check on the REST API endpoint /wp-json/meow-gallery/v1/save_shortcode allows authenticated users with Author-level access or higher to arbitrarily create or overwrite gallery shortcode records by supplying a user-cont...

CVE-2026-9629

The Canvas plugin for WordPress (Canvas) contains a Stored Cross-Site Scripting vulnerability via the 'tag' parameter in all versions up to 2.5.2 due to insufficient input sanitization and output escaping. An authenticated attacker with contributor-level access or higher can inject scripts that e...

CVE-2026-2470

The CVE concerns the WordPress Page Builder: Pagelayer plugin (

CVE-2026-3297

The CVE-2026-3297 entry concerns the Page Builder: Pagelayer (WordPress) plugin. Affected version: up to and including 2.0.9. Vulnerability type: Stored Cross-Site Scripting via the Anchor block due to insufficient input sanitization and output escaping. Exploitation requires authenticated access...

CVE-2026-9134

The FooGallery WordPress plugin is vulnerable to Stored XSS in versions up to 3.1.31 through the custom_attribute_key shortcode parameter. Root cause: incomplete JavaScript event handler blacklist in foogallery_sanitize_javascript() and failure to escape the attribute key in foogallery_build_cont...

CVE-2026-9062

The CVE-2026-9062 entry concerns the Store Locator WordPress plugin (affected versions prior to 1.6.9). The vulnerability arises from insufficient validation of a parameter used in a file path, enabling high-privilege users (e.g., administrators) to read arbitrary PHP files from the server, inclu...

CVE-2026-9061

CVE-2026-9061 affects the Store Locator WordPress plugin prior to 1.6.9. The description in the provided documents states that store logo metadata is not sanitized/escaped before storage and output on the admin page, allowing high-privilege users (e.g., administrators) to perform a Stored XSS att...

CVE-2026-9109

CVE-2026-9109 : Stored Cross-Site Scripting in GPTranslate – Multilingual AI Translation for WordPress (versions ≤ 2.31) due to insufficient input sanitization and output escaping in REST API Translation Storage. Unauthenticated users can inject scripts; the API key (SHA-256 of site URL) is print...

CVE-2026-54164

Technical details for CVE-2026-54164 are not publicly available in the provided documents; monitor for updates.

CVE-2026-11769

Grafana Operator CVE-2026-11769 affects all versions