369054 matches found
CVE-2026-58035
The CVE describes a stored XSS in MediaWiki (Wikimedia Foundation) related to resources/src/mediawiki.Special.Block/SpecialBlock.Vue in the codex version of Special:Block. The issue arises from improper neutralization of user input during web page generation, enabling XSS via a system message. Af...
CVE-2026-5220
DivvyDrive Information Technologies Inc. DivvyDrive contains a Stored XSS vulnerability caused by improper neutralization of input during web page generation. Affected versions are 4.8.2.23 up to, but not including, 4.8.3.1. CVSS v3.1 base score 6.4 (Medium) with network attack vector, low attack...
CVE-2026-14330
CVE-2026-14330 describes an issue in Pipewire’s PulseAudio protocol server, where multiple unbounded alloca() calls can cause a stack overflow. The affected component is the PulseAudio protocol server within Pipewire. Root cause: unbounded alloca() usage leading to potential stack overflow. Accor...
CVE-2026-14324
CVE-2026-14324 — Pipewire RAOP module vulnerability. The RAOP module accepts unbounded Content-Length values and does not validate the return of pw_array_add(), which can lead to a null dereference. This is a technical detail documented in the CVE record and CVE-list entry. The CVSSv3.1 metrics i...
CVE-2026-2891
The CVE-2026-2891 entry concerns Poly Voice IP devices (CCX, Trio, Edge E) and describes a potential DoS if these devices connect to a malicious SIP server sending malformed data. Affected components are the Poly Voice devices themselves; the root cause is triggered by malformed SIP input from a ...
CVE-2026-5138
Foreman vulnerability CVE-2026-5138 involves the taxonomy_scope controller failing to validate organization and location IDs in nested request parameters. An authenticated user with host-edit permissions can trigger cross-tenant information disclosure, leaking sensitive infrastructure metadata (s...
CVE-2026-5135
CVE-2026-5135 concerns Foreman and describes a broken access control vulnerability where an authenticated user with host-edit permissions can retarget an existing lookup value override to a different host by modifying the match field via nested host attributes, effectively bypassing authorisation...
CVE-2026-5142
CVE-2026-5142 (Foreman) : A flaw allows authenticated users with the low-privilege permission view_keypairs to bypass taxonomy scoping and download private SSH keys from other organizations by querying key pair IDs. This results in cross-tenant data exposure in multi-tenant deployments. The initi...
CVE-2026-12374
CVE-2026-12374 affects the macOS PrivilegedHelperTool in Cato Client prior to v5.13.1. The issue combines improper XPC caller certificate validation with a TOCTOU race, allowing a local authenticated attacker to escalate to root by using a self-signed certificate that bypasses XPC caller verifica...
CVE-2026-49089
Kibana ( Elastic 8.x ) is affected by CVE-2026-49089 through an Authorization Bypass via a user-controlled key in AI Assistant conversations, allowing an authenticated user to access or modify another user’s AI Assistant conversation and potentially perform unauthorized data modifications. Affect...
CVE-2026-6688
CVE-2026-6688 affects FatFs R0.16 and earlier . It is a downstream-caller vulnerability in FatFs long filename handling: with LFN enabled, fno.fname can be up to 255 characters , and callers copy it into short fixed buffers without bounds checks, causing a buffer overflow (CWE-120). CVSS v3.1: AV...
CVE-2026-6687
CVE-2026-6687 affects FatFs R0.16 and earlier. Root cause: f_getlabel() trusts exFAT label length (XDIR_NumLabel) beyond the spec maximums, causing a stack-based buffer overflow (CWE-121). Documented impact per CVSS: high for confidentiality, integrity, and availability. Exploitation status is no...
CVE-2026-6686
FatFs CVE-2026-6686 affects FatFs R0.16 and earlier. The issue is an uninitialized cluster exposure when f_lseek() extends a file beyond EOF without zero-filling newly allocated clusters, mapping to CWE-908 (Use of Uninitialized Resource). The root cause is not zero-filling or initializing cluste...
CVE-2026-23537
The CVE-2026-23537 issue affects the Feast Feature Server, specifically the vulnerable "/save-document" endpoint. An unauthenticated remote attacker can write arbitrary JSON files to the server filesystem, bypassing path restrictions and potentially overwriting vital configurations or startup scr...
CVE-2026-6685
FatFs CVE-2026-6685 affects FatFs R0.16 and earlier, where a stale dirty-cache skip can occur due to an unsigned-subtraction wrap in f_read() and f_write() during interleaved reads/writes on fragmented filesystems (fp->sect - sect < cc). The root cause is an integer underflow (CWE-191) in t...
CVE-2026-13602
The CVE-2026-13602 issue describes a session‑takeover chain affecting multiple payment integration plugins (Stripe, pretix-mollie, pretix-oppwa, pretix-bitpay, pretix-payone, pretix-secuconnect, pretix-sofort, pretix-saferpay) and core features. A code path transports session parameters via URL b...
CVE-2026-6684
CVE-2026-6684 affects FatFs prior to R0.16 when GPT scanning is used with FF_LBA64 = 1. The issue stems from an unbounded loop count derived from the GPT header field GPTH_PtNum, leading to extremely long or effectively infinite mount-time scans (CWE-835: Loop with Unreachable Exit Condition). Af...
CVE-2026-6683
CVE-2026-6683 describes a divide-by-zero in FatFs exFAT sync for FatFs R0.16 and earlier. The bug arises when crafted metadata causes the expression n_fatent - 2 to be zero during write/sync, mapping to CWE-369 (Divide By Zero). The vulnerability is applicable to FatFs versions ending at R0.16 an...
CVE-2026-6682
CVE-2026-6682 affects FatFs in R0.16 and earlier, where in mount_volume() a multiply operation fasize *= fs->n_fats can overflow, causing an integer wrap. This overflow can lead to attacker-controlled file-size metadata and unsafe read lengths in downstream callers. Impact described as CWE-190...
CVE-2026-57692
WordPress PrivateContent plugin