CVE-2026-40941

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass allows which allows self-signed packages. This issue has been fixed in version 1.2.31...

CVE-2026-40084

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal through the Report formatfile Parameter, causing arbitrary file read. This vulnerability occurs in two stages. In the first stage stored injection, lib/htmlreports.php at...

CVE-2026-40083

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have SQL Injection through unsanitized unserialize+implode in managers.php. At line 756 of managers.php, the application assigns $selecteditems by calling...

CVE-2026-40082

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have missing sessionregenerateid after login, leading to Session Fixation. sessionregenerateid is NOT called after successful login. The login flow at authlogin.php:203-207 directly sets $SESSIONSESSUSER...

CVE-2026-40080

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Open Redirect through a substring check rather than a host check at strcontains$referer, CACTIPATHURL. When the user's loginopts == '1' redirect to referer after login, the function use...

CVE-2026-13283

Use after free in AdFilter in Google Chrome on Android prior to 149.0.7827.201 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

CVE-2026-13281

Integer overflow in Mojo in Google Chrome prior to 149.0.7827.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...

CVE-2026-13282

Use after free in Payments in Google Chrome on Android prior to 149.0.7827.201 allowed a local attacker to potentially exploit heap corruption via physical access to the device. Chromium security severity: High...

CVE-2026-22879

vtk vtk-dicom vtkDICOMItem::NewDataElement heap-based buffer overflow vulnerability...

CVE-2025-71340

picklescan through 0.0.26 fails to detect malicious pickle files that invoke idlelib.pyshell.ModifiedInterpreter.runcode in reduce methods. Attackers can embed undetected code in pickle files that executes arbitrary commands when the file is loaded via pickle.load, enabling supply chain attacks o...

CVE-2025-71338

Flowise contains a path traversal vulnerability in the /api/v1/document-store/loader/process endpoint that allows unauthenticated attackers to write arbitrary files to the filesystem. Attackers can exploit unsanitized fileName parameters with ../ sequences to overwrite critical files like...

CVE-2025-71335

Flowise before 3.0.10 affected versions 3.0.7 and earlier fails to invalidate existing sessions and session tokens after a user changes their password. An attacker who already holds an active session, for example via a stolen session token or a device left logged in, remains authenticated as the...

CVE-2025-71336

Flowise before 3.0.6 affected versions 2.2.7-patch.1 and earlier contains an unsandboxed remote code execution vulnerability in the Custom MCP feature, which is designed to execute OS commands such as launching local MCP servers. Because Flowise's authentication and authorization model is minimal...

CVE-2025-71334

Flowise before 3.0.6 affected versions 2.2.8 and earlier contains an arbitrary file access vulnerability due to missing validation that the chatflowId and chatId parameters are UUIDs or numbers in file handling operations. By supplying a path-traversal value e.g., '../../../../../tmp' as the...

CVE-2025-71333

Flowise through 2.2.4 contains an unauthenticated arbitrary file upload vulnerability in the /api/v1/attachments endpoint when storageType is set to local. Attackers can exploit path traversal in the chatId and chatflowId parameters to upload malicious files to arbitrary directories, potentially...

CVE-2025-71328

Flowise before 3.0.10 contains an unverified password change vulnerability. An authenticated user can change their account password through the account settings Security section without supplying the current password or any additional verification, as the application does not enforce a...

CVE-2025-71327

Flowise contains an authentication bypass vulnerability in the unprotected /api/v1/account/register endpoint that allows unauthenticated attackers to create user accounts. Remote attackers can exploit this endpoint to register arbitrary accounts and authenticate to the system, gaining full API...

CVE-2021-47987

Parse Server before 4.10.0 was affected by a supply chain incident in which incorrect version tags were pushed to the official repository pointing to an unreviewed personal fork of a contributor with write access. No releases were published with these tags; a project was exposed only if it define...

CVE-2025-71324

Flowise before 3.0.6 contains an arbitrary file read vulnerability in the chatId parameter of the /api/v1/get-upload-file and /api/v1/openai-assistants-file/download endpoints. The chatId value is not validated and is passed to streamStorageFile, where a fallback file-lookup path constructed...

CVE-2021-47986

Parse Server before 4.10.0 contains a supply chain vulnerability where incorrect version tags were pushed to the repository linking to unreviewed code in a personal fork. Attackers could exploit this by specifying affected version tags in dependency declarations to execute unreviewed and...

CVE-2020-37256

Grav before 1.6.30 contains a cross-site scripting vulnerability in the Admin plugin page editor default security configuration. Privileged users with page editing capabilities can inject malicious scripts to execute arbitrary code and install malicious plugins for system access...

CVE-2026-7511

PKCS7verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be accepted...

CVE-2026-7532

iPAddress name constraints bypass when WOLFSSLIPALTNAME is not defined. IP address name constraints are not enforced in that configuration, allowing a certificate to bypass an issuing CA's IP address constraints...

CVE-2026-8720

CVE-2026-8720 affects wolfSSL’s HMAC-BLAKE2 APIs introduced in version 5.9.0. When the input key length exceeds the BLAKE2 block size, the implementation reinitializes the running hash state in the key-hashing branch, discarding accumulated message data. As a result, the produced MAC may become i...

CVE-2026-10098

CVE-2026-10098: In wolfSSL_OCSP_resp_find_status, OCSP CertID serial-number length-confusion allows a same-issuer SingleResponse whose serial is a prefix of the target’s to be reported as the status of another certificate. The vulnerability arises because the lookup compares serial-number bytes w...

CVE-2026-12992

Apicurio Registry is affected by an SSRF flaw in the WSDL handling path. The WSDLReaderAccessor constructs a wsdl4j WSDLReader without disabling javax.wsdl.importDocuments, and with the FULL VALIDITY rule enabled, a Developer-role user can upload a WSDL with attacker-controlled import locations, ...

CVE-2026-11703

CVE-2026-11703 (wolfSSL) describes missing SNI/ALPN binding on stateful (session-ID) TLS resumption. A cached TLS session could be resumed under a different SNI/ALPN than originally negotiated, potentially carrying cached peer-authentication state across virtual hosts. The public description stat...

CVE-2026-55962

CVE-2026-55962 (WolfSSL) : TLS 1.3 post-handshake authentication could allow a server to accept a client’s Finished message without a Certificate and CertificateVerify if a post-handshake CertificateRequest was outstanding. The fix scopes the check to the initial handshake: after certReqCtx is se...

CVE-2026-12975

CVE-2026-12975 affects Apicurio Registry. The flaw is in ContentTypeUtil.isParsableXml(), which creates a SAXParserFactory without enabling secure processing features or disabling external entity resolution. An attacker with artifact-write permission (or unauthenticated when the registry runs wit...

CVE-2026-6092

In CVE-2026-6092, when the wolfSSL option HAVE_ENCRYPT_THEN_MAC is configured, the implementation could fall back to MAC-then-Encrypt rather than enforcing Encrypt-then-MAC. This describes a root cause in the cryptographic enforcement flow, with the potential impact described as limited (low conf...

CVE-2026-6325

CVE-2026-6325: WolfSSL contains an out-of-bounds write in SetSuitesHashSigAlgo when processing an oversized signature algorithms list, allowing a write past the destination buffer. The connected documents confirm the existence of the vulnerability and its root cause within the affected function, ...

CVE-2026-6329

CVE-2026-6329 describes a vulnerability in PKCS#12 MAC verification in wolfSSL where the verification uses an attacker-controlled comparison length. The PKCS#12 verify path compares the locally computed HMAC against the MAC parsed from the PKCS#12 structure using a length taken directly from atta...

CVE-2026-6330

CVE-2026-6330 : In ML-KEM targeting ARM64 NEON, the ciphertext comparison only checks half of the input. This breaks the Fujisaki-Okamoto transform’s implicit rejection, weakening IND-CCA2 security on that path. The constant-time comparison thus ignores part of the re-encrypted ciphertext, allowi...

CVE-2026-40702

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to impersonate charging stations. As a result, attackers can exploit this weakness to gain unauthorized access to sensitive data or perform unauthorized actions. Given that no authentication is required, this can lead t...

CVE-2026-50176

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks or brute-force attacks to gain unauthorized access...

CVE-2026-11800

CVE-2026-11800 concerns Keycloak services and describes a JWT algorithm confusion vulnerability in the JWT Authorization Grant flow. The issue allows an attacker with valid client credentials to bypass signature verification by forging an assertion, enabling creation of unauthorized access tokens...

CVE-2026-54479

The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers. This vulnerability may allow unauthorized users to authenticate as oth...

CVE-2026-6331

CVE-2026-6331 describes a vulnerability in the OpenSSL-compatibility HMAC verify path where EVP_DigestVerifyFinal could accept a zero-length or truncated tag. The root cause is insufficient validation of the supplied signature length, which was only checked to not exceed the MAC length rather tha...

CVE-2026-44622

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

CVE-2026-56445

The qrscp application's C-STORE handler uses a specific instance from attacker-supplied DICOM datasets directly in os.path.join without sanitization, allowing file writes to arbitrary paths...

CVE-2026-12473

Two data sources DICOMWebProxy and DICOMJSON shipped in the default configuration fetch an arbitrary URL parameter without validation. A global authentication service in OHIF automatically injects the authenticated user's OIDC Bearer token into the resulting requests, sending it to the...

CVE-2026-6412

Technical details about CVE-2026-6412 are not publicly available in the provided documents. Monitor for updates.

CVE-2026-6450

CVE-2026-6450 describes a CRL critical extension bypass in ParseCRL_Extensions. It affects builds with CRL support enabled, where a crafted CRL bearing a trusted signature can be accepted due to improper enforcement of critical extensions. The vulnerability’s risk is characterized by a low base s...

CVE-2026-6678

CVE-2026-6678 : Integer underflow in the wolfSSL function wc_PKCS7_DecryptOri when handling crafted Other Recipient Info , causing incorrect length handling during decryption. The issue is described in the connected sources as a vulnerability in the PKCS7 decryption path; no versions, affected pr...

CVE-2026-6679

CVE-2026-6679 describes a heap buffer overflow in the DTLS 1.3 ACK serialization path that occurs before the peer is authenticated. The root cause is an integer truncation when computing the length of the ACK record-number list, which leads to an undersized buffer and an overrun. Impact is on wol...

CVE-2026-6681

This CVE concerns wolfSSL prior to 5.9.1, where the PKCS#7 decode path ignores the caller-supplied output buffer size (outputSz), allowing decoded data to be written beyond the provided buffer. Affected: wolfSSL 5.9.0 and earlier. Impact is described as low (per CVSS 4.0), with no explicit exploi...

CVE-2026-6731

Technical details (affected products, versions, root cause specifics, or remediation) are not publicly available in the provided documents; monitor for updates and future disclosures.

CVE-2026-7531

CVE-2026-7531 describes a use-after-free in PQC hybrid key-share handling. A malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can trigger the error cleanup path to operate on freed memory. This is an incomplete-fix follow-up to CVE-2026-5460 (5.9.1). The provided connected documen...

CVE-2026-10097

ML-KEM-1024 x64 AVX2 experiences an implicit rejection failure in the Fujisaki-Okamoto transform, breaking IND-CCA2 security. The AVX2 constant-time ciphertext comparison during decapsulation does not compare the final 32-byte block of the 1568-byte ciphertext, so a ciphertext manipulated in thos...

CVE-2026-10512

CVE-2026-10512 affects X25519 x86_64 assembly in wolfSSL: the final modular reduction does not clear the most significant bit, leaving the computed field element potentially non-canonical modulo 2^255-19. This can yield an incorrect result from scalar multiplication and potentially a wrong shared...