Lucene search
K

367965 matches found

CVE
CVE
added 27 minutes ago3 views

CVE-2026-33592 FindServers Memory Exhaustion in open62541

An unauthenticated remote attacker can exhaust server memory via the FindServers Discovery Service in open62541. The serverUris field of FindServersRequest is not validated for length or array size. An attacker can declare an arbitrarily large string up to 3.9 GB delivered across intermediate...

7.5CVSS5.8AI score
Exploits0References3
CVE
CVE
added 1 hour ago7 views

CVE-2026-11965

The User Registration & Membership WordPress plugin before 5.2.0 does not enforce payment completion before activating a paid membership subscription, allowing unauthenticated users after self-registering an account through the open registration flow to obtain an active subscription on any paid...

5.8AI score
Exploits0References1
CVE
CVE
added 1 hour ago7 views

CVE-2026-10077

The yootheme WordPress theme before 5.0.35 does not prevent its bundled front-end framework from treating certain HTML attributes, which are permitted by wpksespost, as markup, allowing users with the Author role to perform Stored Cross-Site Scripting attacks that execute in the browser of any us...

5.8AI score
Exploits0References1
CVE
CVE
added 1 hour ago6 views

CVE-2026-11578

The Fluent Forms WordPress plugin before 6.2.5 does not properly restrict the deletion of form submission entries to the forms a restricted Manager is authorized to manage, allowing a Manager limited to specific forms to permanently delete submission entries belonging to other forms. This require...

5.8AI score
Exploits0References1
CVE
CVE
added 1 hour ago9 views

CVE-2026-11781

The Adminify WordPress plugin before 4.2.10 does not perform per-user read-capability checks on the results returned by one of its administration search features, allowing users with a low-privilege role Contributor to disclose non-public content that WordPress would not otherwise expose to them,...

5.7AI score
Exploits0References1
CVE
CVE
added 2 hours ago8 views

CVE-2026-13704

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sequoiaintroductionimage' parameter in all versions up to, and including, 4.16.1 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.9AI score
Exploits0References9
CVE
CVE
added 2 hours ago8 views

CVE-2026-11592

The Email Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.9.27. This is due to the plugin not properly verifying that a user is authorized to perfor...

4.3CVSS5.9AI score
Exploits0References12
CVE
CVE
added 2 hours ago6 views

CVE-2026-10089

The Insert Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post custom field keys meta key names in all versions up to, and including, 3.11.4. This is due to insufficient output escaping in the themeta function: while the custom field VALUE is sanitized with wpksespost...

6.4CVSS5.9AI score
Exploits0References8
CVE
CVE
added 2 hours ago10 views

CVE-2026-5348

The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.8.1. This is due to the '/topics' REST API endpoint being registered with a permission callback set to 'returntrue',...

5.3CVSS5.8AI score
Exploits0References8
CVE
CVE
added 2 hours ago7 views

CVE-2026-13357

The Houzez Property Feed plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter in all versions up to, and including, 2.5.46 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query in the prepareitems method...

4.9CVSS5.8AI score
Exploits0References6
CVE
CVE
added 2 hours ago12 views

CVE-2026-5821

The Image Optimizer plugin for WordPress is vulnerable to arbitrary file deletion in versions up to and including 1.7.4. This is due to insufficient path validation in the ImageBackup::remove function where backup file paths stored in post meta are used directly in file deletion operations withou...

8.1CVSS5.9AI score
Exploits0References8
CVE
CVE
added 2 hours ago10 views

CVE-2026-14249

The Request a Quote plugin for WordPress is vulnerable to Code Injection in versions up to, and including, 2.5.5 via the emddeletefile AJAX action. This is due to the emddeletefile handler deriving a PHP function name from the attacker-controlled $POST'path' parameter and invoking it dynamically...

7.5CVSS6AI score
Exploits0References6
CVE
CVE
added 2 hours ago6 views

CVE-2026-11600

The Envo's Templates & Widgets for Elementor and WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing authorization check on the Envo Tabs and Off Canvas widget's template rendering in versions up to, and including, 1.4.26. The render method of the Tabs...

4.3CVSS5.7AI score
Exploits0References8
CVE
CVE
added 5 hours ago9 views

CVE-2026-57278

GeoWebPlayer (Web Plugin/WS Player) vulnerable to a stack-based buffer overflow in the connectInfo handler, specifically in the ip field (conn_info.ip_or_host) with unbounded JSON input. TALOS confirms multiple CVEs in the same connectInfo codepath, including potential arbitrary code execution in...

8.3CVSS5.9AI score
Exploits0References2
CVE
CVE
added 5 hours ago6 views

CVE-2026-57277

CVE-2026-57277 affects GeoWebPlayer (Web Plugin/WS Player) GeoVision GeoWebPlayer Websocket Server connectInfo handler. The vulnerability is a stack-based buffer overflow in the key field (buffer key_blob[17]), caused by copying attacker-controlled JSON fields into fixed-size buffers without prop...

8.3CVSS5.9AI score
Exploits0References2
CVE
CVE
added 5 hours ago6 views

CVE-2026-57276

GeoWebPlayer’s Websocket Server connectInfo handler contains stack-based buffer overflow vulnerabilities in several fields (e.g., username/password/password_enc with key present; ip, key_blob) leading to potential arbitrary code execution. Affected product: GeoWebPlayer (GeoVision GV-VMS/GV-Cloud...

8.3CVSS5.9AI score
Exploits0References2
CVE
CVE
added 5 hours ago6 views

CVE-2026-57275

Geovision GeoWebPlayer Websocket Server connectInfo handler is vulnerable to stack-based buffer overflows in multiple fields when handling JSON input (username, password, username_enc, password_enc, key, ip). Affected product: GeoWebPlayer (GeoVision software family), with version context cited b...

8.3CVSS5.9AI score
Exploits0References2
CVE
CVE
added 5 hours ago5 views

CVE-2026-57274

GeoWebPlayer’s CVE-2026-57274 is a buffer overflow in the connectInfo password handling of the Websocket Server (no key present) affecting GeoWebPlayer 1.1.1.0. A crafted websocket message can overflow the 64-byte password buffer, potentially enabling arbitrary code execution. Vendor patch releas...

8.3CVSS5.9AI score
Exploits0References2
CVE
CVE
added 5 hours ago6 views

CVE-2026-57273

GeoWebPlayer Websocket Server connectInfo handler in GeoVision software contains multiple stack-based buffer overflows in user-supplied JSON fields. Specifically, overflows occur in: username and password when key is absent (64-byte buffers), and username_enc, password_enc, key_blob, ip fields wh...

8.3CVSS5.9AI score
Exploits0References2
CVE
CVE
added 5 hours ago5 views

CVE-2026-57272

GeoWebPlayer/Websocket Server in GeoVision software (GV-VMS, GV-Cloud, etc.) uses an index parameter that is not validated, allowing out-of-bounds reads when handling localhost commands. This is the stated root cause and leads to the reported vulnerability (CVE-2026-57272). Impact is noted as hig...

8.3CVSS5.8AI score
Exploits0References2
CVE
CVE
added 5 hours ago7 views

CVE-2026-57271

GeoWebPlayer (GeoVision GeoWebPlayer/Web Plugin/WS Player) contains a WebSocket server component, and a discovered out-of-bounds read vulnerability affecting the pause command index, as reported in CVE-2026-57271. Connected records identify this as a WebSocket server issue within GeoVision softwa...

8.3CVSS5.7AI score
Exploits0References2
CVE
CVE
added 5 hours ago6 views

CVE-2026-57270

GeoWebPlayer (also called Web Plugin in GV-VMS and WS Player in VMS-Cloud) furnishes a websocket server that extends the Web interfaces of GeoVision software. The server processes commands from localhost, many of which use an index to access arrays and perform actions. The index value is not cons...

8.3CVSS5.8AI score
Exploits0References2
CVE
CVE
added 5 hours ago6 views

CVE-2026-57269

GeoWebPlayer (Web Plugin/WS Player) in GeoVision software exposes a websocket server where an unvalidated index can access multiple arrays out-of-bounds, leading to an out-of-bounds read. This affects the Websocket interface used by GV-VMS and GV-Cloud; CVSS 3.1 base score 8.3 (HIGH) with potenti...

8.3CVSS5.8AI score
Exploits0References2
CVE
CVE
added 5 hours ago3 views

CVE-2026-57268

GeoWebPlayer’s Websocket server exposes a saveVideo command where the provided index is not validated before it's used to access internal arrays and call a function pointer in CCriticalSection. This out-of-bounds access can reach the critical section and release path, potentially enabling code ex...

8.3CVSS5.8AI score
Exploits0References2
CVE
CVE
added 5 hours ago6 views

CVE-2026-57267

GeoWebPlayer (aka Web Plugin / WS Player) ships a websocket server that handles localhost commands. The index parameter used to access internal arrays is not consistently validated, enabling index-out-of-bounds reads in multiple arrays. This is documented as a GeoVision vulnerability (CVE-2026-57...

8.3CVSS5.8AI score
Exploits0References2
CVE
CVE
added 5 hours ago6 views

CVE-2026-57266

GeoWebPlayer (Websocket Server component used by GV-VMS/GV-Cloud) contains multiple index-out-of-bounds vulnerabilities in its websocket command handling, allowing an attacker-supplied index to access arrays and trigger out-of-bounds reads/writes or call out-of-bounds function pointers. Documente...

8.3CVSS5.8AI score
Exploits0References2
CVE
CVE
added 5 hours ago6 views

CVE-2026-57265

GeoWebPlayer (Web Plugin/WS Player) Websocket Server vulnerabilities exist in GeoVision GeoWebPlayer 1.1.1.0 where an index value from websocket commands is not consistently validated, causing out-of-bounds reads/writes and potential code execution via critical sections and function pointers. Doc...

8.3CVSS5.8AI score
Exploits0References2
CVE
CVE
added 5 hours ago6 views

CVE-2026-57264

GeoWebPlayer’s Websocket Server (used by GV-VMS/GV-Cloud) exposes a command interface where many commands accept an index that is not consistently validated. The Talos and CVE records describe multiple CVEs (e.g., CVE-2026-57264) across several commands (connectInfo, setStream, setPIP, audio, sna...

8.3CVSS5.8AI score
Exploits0References2
CVE
CVE
added 5 hours ago6 views

CVE-2026-13132

GeoWebPlayer (Web Plugin/WS Player) Websocket Server in GeoVision software contains multiple out-of-bounds read/write vulnerabilities triggered by index values in websocket commands (notably setStream). The Talos report specifies exploitable out-of-bounds reads in GeoWebPlayer version 1.1.1.0, wi...

8.3CVSS5.8AI score
Exploits0References2
CVE
CVE
added 5 hours ago4 views

CVE-2026-13131

GeoWebPlayer Websocket Server (GeoVision) has a concrete out-of-bounds read vulnerability in the connectInfo command (index not range-checked), enabling out-of-bounds access to viewer IPCams and potential code execution. Reported for GeoWebPlayer 1.1.1.0; CVSSv3.1 score 8.3 (NETWORK, HIGH impact)...

8.3CVSS5.8AI score
Exploits0References2
CVE
CVE
added 5 hours ago5 views

CVE-2026-13125

GeoWebPlayer (GeoVision addon, also called Web Plugin/WS Player) exposes a websocket server with no authentication. Vulnerable component: GeoWebPlayer version 1.1.1.0. Root cause: missing authentication for critical websocket operations, enabling a malicious page to open a connection and issue pr...

8.8CVSS5.7AI score
Exploits0References2
CVE
CVE
added yesterday8 views

CVE-2026-50280

Craft CMS contains an authorization bypass in the entries/move-to-section endpoint (EntriesController::actionMoveToSection). In versions 5.0.0-RC1 through below 5.9.21, destination section gate relies only on viewEntries:$section->uid instead of requiring saveEntries permission; source entry p...

6CVSS5.7AI score
Exploits0References2
CVE
CVE
added yesterday7 views

CVE-2026-50279

Craft CMS (versions 5.0.0-RC1 through 5.9.20) contains an authorization gap in EntriesController::actionSaveEntry where entry-edit checks precede author changes. The code path allows attacker-supplied authors to mutate the authors list when the current user is among the old authors, without re-ru...

7.6CVSS5.7AI score
Exploits0References2
CVE
CVE
added yesterday8 views

CVE-2026-55794

Craft CMS

8.7CVSS5.8AI score
Exploits0References2
CVE
CVE
added yesterday6 views

CVE-2026-55792

Craft CMS is vulnerable in versions 4.0.0-RC1 through 4.17.x and 5.0.0-RC1 through 5.9.x due to dataUrl() being in the Twig sandbox allowlist. A control panel user with the utility:system-messages permission can embed a file-reading payload in system emails, causing the server to read targeted fi...

6CVSS5.8AI score
Exploits0References2
CVE
CVE
added yesterday23 views

CVE-2026-55791

Craft CMS vulnerability CVE-2026-55791 enables SSRF and Arbitrary JavaScript Injection via /actions/app/resource-js when assetManager.cacheSourcePaths is false and trustedHosts is permissive. An attacker can poison Host/X-Forwarded-Host to hijack $baseUrl, causing Craft::createGuzzleClient()->...

6.9CVSS5.8AI score
Exploits0References2
CVE
CVE
added yesterday7 views

CVE-2026-14439

CVE-2026-14439 describes a path-traversal in the Git Service shared by Altium Enterprise Server and Altium 365. The vulnerability arises from a post-clone file-manipulation primitive that accepts user-supplied paths without validation, enabling an authenticated user with basic git access to move ...

9.4CVSS6.5AI score
Exploits0References1
CVE
CVE
added yesterday4 views

CVE-2026-55790

Summary of CVE-2026-55790 (Craft CMS) : This is a DOM-based cross-site scripting flaw in Craft CMS. Versions affected are 5.0.0-RC1–5.9.22 and 4.0.0-RC1–4.17.15. An attacker with only a GitHub account can insert a JavaScript payload into a craftcms/cms issue title. When a Craft admin uses the Cra...

7.4CVSS5.8AI score
Exploits0References2
CVE
CVE
added yesterday11 views

CVE-2026-50284

Craft CMS (versions 5.0.0-RC1–5.9.21 and 4.0.0-RC1–4.17.14) has a privilege check flaw in AssetsController::actionDeleteFolder: it only enforces deleteAssets: for the target folder and does not enforce deletePeerAssets:, allowing a low-privilege user with folder-management rights on a shared volu...

7.1CVSS5.8AI score
Exploits0References2
CVE
CVE
added yesterday9 views

CVE-2026-14440

Summary: CVE-2026-14440 concerns Cloudflare’s Universal SSL: automatic, permissive CAA RRset management on Universal SSL zones supersedes customer CAA records. When customers push stricter CAA via RFC 8657 accounturi or validationmethods, CAs do not observe those parameters during RFC 8659 evalua...

7.6CVSS5.7AI score
Exploits0References4
CVE
CVE
added yesterday6 views

CVE-2026-14426

CVE-2026-14426 is a Use After Free in V8 within Google Chrome before 150.0.7871.46. A remote attacker could lure a user into specific UI gestures to run arbitrary code in Chrome’s sandbox via a crafted HTML page. Severity: High. Affected: V8 in Chrome (pre-150.7871.46). Mitigation: Chrome update ...

7.5CVSS6.2AI score
Exploits0References2
CVE
CVE
added yesterday6 views

CVE-2026-14394

CVE-2026-14394: Use-after-free in V8 (Chrome) prior to 150.0.7871.46 allows remote attackers to potentially exploit heap corruption via a crafted HTML page. Affected: Google Chrome with V8 prior to version 150.0.7871.46. Impact is described as heap corruption potential; no exploitation details ar...

5.8AI score
Exploits0References2
CVE
CVE
added yesterday6 views

CVE-2026-14432

The CVE-2026-14432 entry documents a use-after-free in V8 affecting Google Chrome’s JavaScript engine prior to version 150.0.7871.46 . This vulnerability could allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, as described in multiple sources. Affected co...

8.8CVSS6.2AI score
Exploits0References2
CVE
CVE
added yesterday6 views

CVE-2026-14393

CVE-2026-14393: Use-after-free in V8 (Chrome) allows remote code execution inside the sandbox via a crafted HTML page. Affected: Google Chrome's V8 engine prior to version 150.0.7871.46. Impact: arbitrary code execution with high/total impact as per the CVSS vector. Remediation: update to Chrome ...

8.8CVSS6.2AI score
Exploits0References2
CVE
CVE
added yesterday6 views

CVE-2026-14403

CVE-2026-14403: Use-after-free in V8 (Chrome) allows remote code execution inside a sandbox via a crafted HTML page on Chrome versions prior to 150.0.7871.46. Severity is listed as Low; the vulnerability stems from a V8 use-after-free condition. Documents do not specify exploitation status or con...

8.8CVSS6.2AI score
Exploits0References2
CVE
CVE
added yesterday6 views

CVE-2026-14419

CVE-2026-14419 affects Google Chrome where a use-after-free in Skia could allow a remote attacker to escape the sandbox via a crafted HTML page. It targets Skia in Chrome before version 150.0.7871.46. The issue is listed as Critical (CVSS: 9.6, Network) with potential for total impact to confiden...

9.6CVSS5.8AI score
Exploits0References2
CVE
CVE
added yesterday6 views

CVE-2026-14417

CVE-2026-14417 affects Dawn in Google Chrome prior to 150.0.7871.46. The issue is a use-after-free in Dawn, enabling a remote attacker to potentially escape the Chrome sandbox via a crafted HTML page. The known remediation is upgrading to Chrome 150.0.7871.46 or later, as reflected in the referen...

9.6CVSS5.8AI score
Exploits0References2
CVE
CVE
added yesterday6 views

CVE-2026-14424

CVE-2026-14424 affects Dawn in Google Chrome on macOS prior to 150.0.7871.46. A use-after-free vulnerability in Dawn could allow a remote attacker to potentially escape the sandbox via a crafted HTML page, with Chromium severity listed as High. The available documents consistently describe the tr...

9.6CVSS5.8AI score
Exploits0References2
CVE
CVE
added yesterday5 views

CVE-2026-14425

This CVE affects ANGLE in Google Chrome and is caused by a use-after-free in ANGLE that could allow a remote attacker to perform a sandbox escape via a crafted HTML page in Chrome versions prior to 150.0.7871.46. Impact is described as high/critical with potential full compromise of confidentiali...

9.6CVSS5.8AI score
Exploits0References2
CVE
CVE
added yesterday6 views

CVE-2026-14390

CVE-2026-14390 describes a use-after-free in ANGLE used by Google Chrome before version 150.0.7871.46. The vulnerability could allow a remote attacker to attempt a sandbox escape via a crafted HTML page. The description and connected sources consistently identify ANGLE as the affected Graphics/AN...

9.6CVSS5.8AI score
Exploits0References2
Total number of security vulnerabilities367965