Lucene search
K

368666 matches found

CVE
CVE
added 4 days ago8 views

CVE-2026-54764

Technical details for CVE-2026-54764 are not publicly available in the provided documents. Monitor for updates as the entry is reserved and no exposed vulnerability information is present.

Exploits0References2
CVE
CVE
added 4 days ago7 views

CVE-2026-45045

GoFiber vulnerability (BalancerForward) : The GoFiber proxy helper uses Header.Add("X-Real-IP", c.IP()) instead of Header.Set(), causing the attacker-supplied IP to be combined with the real client IP. Upstream servers that read the first X-Real-IP value can log, rate-limit, or gate access using ...

Exploits0References4
CVE
CVE
added 4 days ago13 views

CVE-2026-44332

Summary: GoFiber’s BasicAuth default Authorizer short-circuits on unknown usernames, causing a timing oracle that leaks username existence. The vulnerability arises because verifiers are only invoked for known users; for unknown users, authentication returns false immediately, creating a ~100ms v...

Exploits0References4
CVE
CVE
added 4 days ago12 views

CVE-2026-53357

CVE-2026-53357 triggers a use-after-free in the Linux kernel Bluetooth stack (l2cap) when closing a listening socket: bt_accept_dequeue() temporarily holds the child, then cleanup_listen() may operate on a sk that has already been freed by l2cap_conn_del() during an HCI disconnect. The race occur...

5.8AI score0.00165EPSS
Exploits0References8
CVE
CVE
added 4 days ago8 views

CVE-2026-53358

The CVE-2026-53358 issue is in the Linux kernel Bluetooth L2CAP code. The vulnerability related to channel cleanup in cleanup_listen() was fixed by not calling l2cap_chan_close() under the incorrect lock order; instead, it now schedules l2cap_chan_timeout with a delay of 0 to close the channel as...

5.8AI score0.00165EPSS
Exploits0References8
CVE
CVE
added 4 days ago5 views

CVE-2026-57796

The CVE entry references a Local File Inclusion (LFI) vulnerability in the WordPress Leedo theme (versions

Exploits0
CVE
CVE
added 4 days ago6 views

CVE-2026-57795

CVE-2026-57795 is associated with a Local File Inclusion vulnerability in the WordPress Theme Kitchor, affected versions

Exploits0
CVE
CVE
added 4 days ago5 views

CVE-2026-57794

Affected product/impacted component: WordPress Golo Framework plugin (versions ≤ 1.7.3). Vulnerability type: Local File Inclusion (LFI). Discovery/credit: Discovered by João Pedro S Alcântara (Kinorth). Impact/notes: The provided documents identify an LFI vulnerability but do not include details ...

Exploits0
CVE
CVE
added 4 days ago7 views

CVE-2026-57792

The Connected document details a Local File Inclusion (LFI) vulnerability in WordPress theme Dør, versions <= 2.4.1. Affected software: WordPress Dør theme (

Exploits0
CVE
CVE
added 4 days ago7 views

CVE-2026-57793

CVE-2026-57793 is supported by a connected document describing a Local File Inclusion vulnerability in the WordPress Flow theme, versioned

Exploits0
CVE
CVE
added 4 days ago8 views

CVE-2026-57791

WordPress Brook theme affected: Brook theme

Exploits0
CVE
CVE
added 4 days ago6 views

CVE-2026-57789

CVE-2026-57789 is supported by a connected entry describing a Local File Inclusion vulnerability in the WordPress Theme Aqua, versions ≤ 5.1.2. Affected component: Aqua theme; vulnerability class: Local File Inclusion. Exploit details, root cause specifics, and remediation steps are not provided ...

Exploits0
CVE
CVE
added 4 days ago6 views

CVE-2026-57790

WordPress theme Billey versions

Exploits0
CVE
CVE
added 4 days ago7 views

CVE-2026-57788

Affected software : WordPress Theme Aalto (versions ≤ 1.8). Vulnerability : Local File Inclusion (LFI). Discovery/attribution : Identified by João Pedro S Alcântara (Kinorth). Details provided : The connected document states the vulnerability exists in Theme Aalto ≤ v1.8 and is a local file inclu...

Exploits0
CVE
CVE
added 4 days ago6 views

CVE-2026-57787

The connected entry identifies a concrete vulnerability: WordPress plugin CWS SVGicons (versions ≤ 1.5.5) has an SQL Injection flaw. The issue is attributed to the CWS SVGicons plugin, with the vulnerability discovered by Phat RiO. The CVE-2026-57787 description in the initial document is reserve...

Exploits0
CVE
CVE
added 4 days ago6 views

CVE-2026-57786

The connected document identifies a concrete vulnerability: WordPress WorkScout-Core plugin, versions

Exploits0
CVE
CVE
added 4 days ago6 views

CVE-2026-57783

Summary: WordPress Speaker plugin versions ≤ 4.1.13 have a Cross Site Scripting (XSS) vulnerability, as reported by the PatchStack entry. The connected document confirms the affected product and the vulnerability type, but provides no details on root cause, affected components beyond the plugin, ...

Exploits0
CVE
CVE
added 4 days ago5 views

CVE-2026-57773

The connected data confirms a SQL Injection vulnerability in the WordPress plugin Advanced Shipment Tracking for WooCommerce (versions

Exploits0
CVE
CVE
added 4 days ago11 views

CVE-2026-4767

Technical details (affected product/version, root cause, impact, or remediation) are not publicly provided in the supplied documents. Monitor for updates.

9.8CVSS5.8AI score0.00333EPSS
Exploits0References1
CVE
CVE
added 4 days ago9 views

CVE-2026-4772

CVE-2026-4772 describes a stored cross-site scripting vulnerability in TR7 Cyber Defense Inc. WAF-ASP. Affected versions range from v1.0.324.900 up to, but not including, v1.4.0.117. The issue arises from improper neutralization of input during web page generation. The CVE is confirmed by multipl...

5.4CVSS5.8AI score0.00133EPSS
Exploits0References1
Rows per page
Query Builder