Lucene search
K
VulnrichmentRecent

161693 matches found

Vulnrichment
Vulnrichment
added 2026/06/30 9:49 a.m.17 views

CVE-2026-53917 Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker: Unbounded memory allocation in OpenWire property unmarshalling

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker. An authenticated user can cause a broker DoS by sending a crafted OpenWire Message with a large encoded size value for the map. OpenWire message...

5.7AI score0.00796EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 9:48 a.m.6 views

CVE-2026-54475 Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Temporary destination ownership takeover

Missing Authorization vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic temporary destinations are expected to be isolated to the connection that created them. The isolation can be broken as this is only checked in the client, allowing...

5.7AI score0.00589EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 9:37 a.m.7 views

CVE-2026-10763

PROMOD V is using insecure HTTP communication instead of HTTPS. The vulnerability is due to the lack of HTTPS support from 3rd party Digipede server...

7CVSS5.8AI score0.00347EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 9:31 a.m.6 views

CVE-2026-8141 Ajax Load More - Filters <= 3.4.1 - Unauthenticated Stored Cross-Site Scripting via 'taxonomy_include_children' Field

The Ajax Load More - Filters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'taxonomyincludechildren' parameter in all versions up to, and including, 3.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers t...

7.2CVSS5.9AI score0.00261EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 9:31 a.m.16 views

CVE-2026-9711 EventON - WordPress Virtual Event Calendar Plugin <= 5.0.11 - Unauthenticated Blind SQL Injection via Search Parameter

The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress full is vulnerable to SQL Injection via the WordPress 'search' parameter in versions up to, and including, 5.0.11 due to insufficient escaping on the user supplied parameter and lack of preparation on the existing SQL quer...

9.8CVSS5.8AI score0.00438EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 9:10 a.m.8 views

CVE-2026-12076 SQL Injection in Raytha CMS

Raytha CMS is vulnerable to SQL Injection within the OData filter parsing pipeline. The vulnerability allows a remote, unauthenticated attacker to execute arbitrary SQL statements against the underlying PostgreSQL database, leading to full database compromise, including credential extraction...

9.3CVSS5.9AI score0.00431EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 8:59 a.m.7 views

CVE-2025-7406 A Sudo Privilege Escalation Vulnerability in Nokia MantaRay NM

Nokia MantaRay NM is vulnerable to a sudo privilege escalation vulnerability where a local attacker possessing administrative local admin privileges can escalate to full root privileges on the host. Successful exploitation results in root-level access to the filesystem and the ability to execute...

5.9AI score0.00128EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 8:58 a.m.9 views

CVE-2025-24816 An Improper Access Control vulnerability in Nokia MantaRay NM

Nokia MantaRay is subject to an Improper Access Control vulnerability due to insufficient authorization within the API. Successful exploitation could allow an authenticated attacker to retrieve confidential information beyond their assigned privileges...

5.8AI score0.00276EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 8:55 a.m.7 views

CVE-2025-24815 An unrestricted file upload vulnerability in Nokia MantaRay NM

Nokia MantaRay NM is subject to an unrestricted file upload vulnerability due to insufficient file type validation. Successful exploitation could allow an authenticated attacker to upload malicious files onto the system...

5.8AI score0.00151EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 8:54 a.m.7 views

CVE-2026-6954 Multiple vulnerabilities in Intermark IT's WebControl CMS

Cross-Site Scripting XSS vulnerability in Intermark IT's WebControl CMS v3.5. This vulnerability allows an attacker to execute JavaScript code or inject a dynamic iframe into the victim’s browser by sending a malicious URL via the 'urlDestino' parameter in '/portal.do'. This vulnerability can be...

5.1CVSS5.9AI score0.00366EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 8:53 a.m.7 views

CVE-2026-6953 Multiple vulnerabilities in Intermark IT's WebControl CMS

HTML injection vulnerability in Intermark IT's WebControl CMS v3.5. This vulnerability allows an attacker to send an email containing malicious HTML code to a victim via the contact form. To exploit this vulnerability, the attacker must send a request using the 'nombreApellidos', 'dirección ', an...

5.1CVSS5.8AI score0.0036EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 8:30 a.m.8 views

CVE-2026-13149

brace-expansion through 5.0.6 is vulnerable to denial of service. The expand function exhibits exponential-time complexity in the number of consecutive non-expanding '' brace groups. An attacker who passes a crafted string to expand, directly or transitively, can cause significant CPU consumption...

8.7CVSS5.7AI score0.00361EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 8:27 a.m.8 views

CVE-2026-12610 Sssd: use-after-free crash in sssd' 'sssd_pam' process

A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of servi...

6.4CVSS5.8AI score0.00155EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/30 8:5 a.m.7 views

CVE-2026-45822

decode-uri-component through 0.4.1 is vulnerable to denial of service. The decode function splits input on '%' producing N tokens and calls decodeComponents, exhibiting super-linear parsing time: 200 '%ab' tokens takes approximately 0.7s, 700 tokens approximately 6s, and 1400 tokens approximately...

8.7CVSS5.8AI score0.00304EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/30 7:20 a.m.7 views

CVE-2026-12578 DTMSoft - Deserialization of Untrusted Data Vulnerability

The affected product is vulnerable to a deserialization of untrusted data, which may allow an attacker to execute arbitrary code...

8.4CVSS6AI score0.00388EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 6:52 a.m.7 views

CVE-2026-12240 Export User Data <= 2.2.6 - Authenticated (Subscriber+) PHP Object Injection to Arbitrary File Deletion via display_name Field

The Export User Data plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the unserialize function in all versions up to, and including, 2.2.6. This makes it possible for authenticated attackers, with subscriber-level access and above, to delet...

8CVSS6.5AI score0.00341EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 6:29 a.m.18 views

CVE-2026-14164 Libarchive: double-free vulnerability in rar5 decompression logic via dangling filtered_buf pointer in init_unpack()

A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filteredbuf pointer may remain stale after being freed during unpacking state reinitialization. Subsequent processing of another archive entry can trigger a second free of...

7.5CVSS5.7AI score0.0035EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/30 6:28 a.m.7 views

CVE-2026-12819 DVP-12SE Missing Authentication and Unauthorized Write access Vulnerability

Delta Electronics DVP12SE PLC exposes a Modbus TCP service over a specified port without authentication or access control, permitting unauthenticated interaction with security-sensitive PLC functions...

9.3CVSS5.8AI score0.0031EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 6:24 a.m.7 views

CVE-2026-12818 DVP-12SE Exposure of Sensitive Information Vulnerability

Delta Electronics DVP12SE PLCs are susceptible to a resource allocation vulnerability without limits or throttling CWE-770 within their Modbus TCP service...

9.3CVSS5.8AI score0.00253EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 6:2 a.m.7 views

CVE-2026-56137

RPG MAKER MV and MZ provided by Gotcha Gotcha Games Inc. contain an OS command injection vulnerability. If a user loads a specially crafted save-file, arbitrary OS command may be executed...

8.4CVSS7.2AI score0.00677EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/30 6:2 a.m.7 views

CVE-2026-56809

Multiple laser printers and MFPs multifunction printers which implement Ricoh Web Image Monitor contain a reflected cross-site scripting vulnerability. An arbitrary script may be executed on the web browser of the user who accesses a crafted URL...

6.1CVSS6.4AI score0.00187EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/30 6:0 a.m.8 views

CVE-2026-56808

DGM3103SCT provided by AVTECH Security Corporation contains an OS command injection vulnerability, which may lead to arbitrary command execution with the root privilege by a user who can log in to the web management console of the affected product...

8.6CVSS7.3AI score0.0155EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 6:0 a.m.20 views

CVE-2026-9576 Fluent Booking < 2.1.2 - Calendar Manager+ Sensitive Information Disclosure via Attendee Export

The Fluent Booking WordPress plugin before 2.1.2 does not verify ownership of the requested groupid before exporting attendee data via the export endpoint, allowing users with at least the Calendar Manager role to retrieve attendees' PII name, email, phone, address, payment information from...

5.8AI score0.00234EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 6:0 a.m.8 views

CVE-2026-11581 Kali Forms < 2.4.13 - Contributor+ Stored XSS via Form Field Caption

The Kali Forms — Contact Form & Drag-and-Drop Builder WordPress plugin before 2.4.13 does not sanitise a form field's caption before outputting it as a column header on the administrator form-entries screen, allowing users with Contributor-level access or above to store JavaScript that executes i...

5.8AI score0.0014EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 6:0 a.m.7 views

CVE-2026-11590 WP Support Plus Responsive Ticket System <= 9.1.2 - Unauthenticated SQL Injection via filter[elements] Array Keys

The WP Support Plus Responsive Ticket System WordPress plugin through 9.1.2 does not sanitize user-supplied array keys before using them in a SQL statement, allowing unauthenticated users to perform SQL injection attacks...

5.8AI score0.00262EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 6:0 a.m.6 views

CVE-2026-11589 WP Support Plus Responsive Ticket System <= 9.1.2 - Unauthenticated Stored XSS via File Upload

The WP Support Plus Responsive Ticket System WordPress plugin through 9.1.2 does not properly validate uploaded files, allowing unauthenticated users to upload files containing malicious JavaScript such as HTML or SVG to a publicly accessible location, leading to Stored Cross-Site Scripting attac...

5.6AI score0.00276EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 5:34 a.m.8 views

CVE-2026-12073 ProfileGrid - User Profiles, Groups and Communities <= 5.9.9.5 - Unauthenticated Privilege Escalation via Email Overwrite

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.9.9.5. This is due to the plugin not validating a userlogin on registration forms that don't contain this parameter, and...

9.8CVSS5.8AI score0.0031EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 4:30 a.m.8 views

CVE-2026-11367 PixMagix <= 1.7.2 - Authenticated (Author+) Path Traversal in 'layers[].id' Parameter

The PixMagix – WordPress Image Editor plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.7.2 via the moveimageonserver function. This makes it possible for authenticated attackers, with author-level access and above, to write files with...

6.5CVSS5.9AI score0.00541EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/30 4:30 a.m.6 views

CVE-2026-12349 Premium Addons for KingComposer <= 1.1.1 - Missing Authorization to Unauthenticated Arbitrary Custom Sidebar Creation and Deletion via 'add_custom_sidebar' and 'remove_custom_sidebar' AJAX actions

The Premium Addons for KingComposer plugin for WordPress is vulnerable to unauthorized modification and loss of data in versions up to, and including, 1.1.1. This is due to missing authorization and capability checks on the addcustomsidebar and removecustomsidebar AJAX handlers, both of which are...

5.3CVSS5.9AI score0.00239EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/30 4:30 a.m.7 views

CVE-2026-8944 Plugin for Google Analytics by IO technologies <= 1.1 - Cross-Site Request Forgery via 'ga_id' Parameter

The Plugin for Google Analytics by IO technologies plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the Google Analytics settings page ga.php. This makes it possible for unauthenticated...

4.3CVSS5.6AI score0.00102EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 4:30 a.m.6 views

CVE-2026-12560 Editorial Rating <= 4.0.5 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Link URL' Field

The Editorial Rating – Product Review & Rating System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'Link URL' Field in all versions up to, and including, 4.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

4.4CVSS5.9AI score0.0024EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2026/06/30 2:30 a.m.9 views

CVE-2026-12114 Team Members <= 8.7 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'custom_css' Parameter

The Team Members – Multi Language Supported Team Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 8.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wi...

4.4CVSS5.9AI score0.00212EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/06/30 2:9 a.m.6 views

CVE-2026-14160

Time-of-check time-of-use TOCTOU race condition vulnerability in Samsung Open Source Escargot allows Leveraging Race Conditions. This issue affects Escargot: bab3a5797557014ce3c2e28419a6310cfba90d0d...

5.9CVSS5.8AI score0.0009EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 1:9 a.m.5 views

CVE-2026-58302

rtapiapp in linuxcnc-uspace in LinuxCNC before 2.9.9 allows privilege escalation. It is installed SUID root and loads shared library modules via dlopen by using a user-supplied module name. Insufficient validation of the module name allows path traversal, enabling an unprivileged local user to lo...

8.4CVSS5.9AI score0.00152EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/30 12:14 a.m.6 views

CVE-2026-12243 Path Traversal via Percent-Encoding in nltk.data.find() and nltk.data.load()

NLTK version 3.9.4 is vulnerable to a path traversal attack due to an incomplete fix for GitHub Issue 3504. The UNSAFENOPROTOCOLRE regex in nltk/data.py checks for literal ../ sequences but fails to account for percent-encoded traversal sequences such as ..%2f. The url2pathname function decodes...

7.5CVSS7.3AI score0.0051EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/06/30 12:0 a.m.5 views

CVE-2026-52196

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub416f28 component...

5.8AI score0.00452EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 12:0 a.m.4 views

CVE-2026-52195

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub472f08 component...

5.8AI score0.00452EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 12:0 a.m.5 views

CVE-2026-52193

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub447CAC component...

5.8AI score0.00423EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 12:0 a.m.4 views

CVE-2026-37106

An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to create an account via the register function in inc/auth.php. NOTE: this is disputed by the Supplier because this is the intentional behavior when the product is configured for self-registration a non-default feature...

5.8AI score0.0051EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/30 12:0 a.m.5 views

CVE-2026-52198

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub425994 component...

5.8AI score0.00423EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 12:0 a.m.7 views

CVE-2026-52197

An issue in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub44af70 component...

5.8AI score0.00409EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/29 10:51 p.m.7 views

CVE-2026-10648 NULL-pointer dereference in MCUmgr serial/console SMP transport on buffer-pool exhaustion

mcumgrserialprocessfrag in subsys/mgmt/mcumgr/transport/src/serialutil.c calls netbufreset on the result of smppacketalloc before checking it for NULL. smppacketalloc uses netbufallocKNOWAIT against the shared MCUmgr packet pool CONFIGMCUMGRTRANSPORTNETBUFCOUNT, default 4, which returns NULL when...

6.2CVSS6AI score0.00109EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/29 10:15 p.m.6 views

CVE-2026-8023 Path traversal in Zephyr HTTP server static-filesystem resource handler allows unauthenticated remote arbitrary file read

Zephyr's HTTP server subsys/net/lib/http provides a static-filesystem resource type HTTPRESOURCETYPESTATICFS, available when CONFIGFILESYSTEM is enabled that serves files from a configured root directory. Before this fix, both the HTTP/1 and HTTP/2 front-ends placed the raw, attacker-controlled...

7.5CVSS6AI score0.00912EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/29 10:9 p.m.7 views

CVE-2026-7656 Broken IPv6 Neighbor Discovery input validation allows spoofed RA/NS/NA acceptance in Zephyr net stack

The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6nbr.c handlerainput, handlensinput, handlenainput used an incorrect boolean expression that combined the RFC 4861 validity checks with the ICMPv6 code check using the wrong operator precedence: the form was 'length/hop/source/target checks...

8.1CVSS6AI score0.00205EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/29 9:47 p.m.7 views

CVE-2026-34592 Coolify: Cross-Team IDOR via Unscoped Server and Project Lookups Exposes SSH Keys and Infrastructure

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, Coolify server and project lookups are not scoped to the current team, allowing any authenticated user to access servers and projects belonging to other teams by specifying...

7.7CVSS5.8AI score0.00201EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/29 9:39 p.m.8 views

CVE-2026-10647 Deadlock denial of service in USB CDC-NCM device class on TX enqueue failure

The USB CDC-NCM device class subsys/usb/devicenext/class/usbdcdcncm.c ignores the return value of usbdepenqueue in its ethernet transmit callback cdcncmsend. When the enqueue fails, the function still calls ksemtake&data-syncsem, KFOREVER, blocking on a completion semaphore that is only ever...

5.3CVSS6AI score0.00134EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/29 9:16 p.m.4 views

CVE-2026-57997 Strapi users-permissions - JWT Algorithm Confusion via Missing Algorithm Configuration

Strapi users-permissions plugin fails to restrict JWT algorithms when plugin::users-permissions.jwt.algorithm is not explicitly configured, allowing acceptance of HS384 and HS512 tokens alongside HS256. Attackers possessing the jwtSecret can mint tokens with non-standard HMAC variants to bypass...

6.3CVSS5.8AI score0.00147EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/29 8:47 p.m.17 views

CVE-2026-55957 Apache Tomcat: Authentication bypass with JNDIRealm and GSSAPI authenticated bind

Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed attackers to authenticate without provided the correct password. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.4, from 10.1.0-M1...

5.7AI score0.00462EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/29 8:46 p.m.4 views

CVE-2026-55956 Apache Tomcat: Security constraints for default servlet ignored method

Improper Authorization vulnerability in Apache Tomcat leads to security constraints specified for the default servlet ignoring any method or method omission configured as part of the constraint. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

5.7AI score0.0041EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/29 8:44 p.m.6 views

CVE-2026-55955 Apache Tomcat: EncryptInterceptor not protected against replay attacks

Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from 9.0.13 through 9.0.18, from 8.5.38 through 8.5.100, fro...

5.7AI score0.0028EPSS
Exploits0References1
Total number of security vulnerabilities161693