Found 45,581 results in 9250ms · Match type: Filtered list

CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description
--- | --- | --- | --- | --- | --- | --- | --- | ---
CVE-2025-61669 | medium | 6.1 | 6.1 | | debian | jupyter | 1mo ago | Jupyter Server has an open redirection vulnerability in `next` query parameter
CVE-2025-52206 | medium | 4.7 | 4.7 | | | ispconfig | 1mo ago | ISPConfig 3.3.0 is vulnerable to Cross Site Scripting (XSS) via the system status webpage.
CVE-2026-7778 | medium | 5.0 | 5.0 | | | | 1mo ago | An issue that could allow a dashboard configuration to be viewed from outside of the authorized organization scope has been resolved. This is an instance of CWE-269: Improper Privilege Management, an…
CVE-2026-30246 | medium | 6.5 | 6.5 | | | gofiber | 1mo ago | Fiber's cache middleware default key generator ignores query string, causing response mix-up across distinct query parameters
CVE-2026-28510 | medium | 5.9 | 5.9 | | | elabftw | 1mo ago | eLabFTW is an open source electronic lab notebook. In elabftw versions through 5.4.1, the login flow did not reliably preserve the multi-factor authentication state across authentication steps. Under…
CVE-2026-27694 | medium | 5.4 | 5.4 | | | traccar | 1mo ago | Traccar is an open source GPS tracking system. In org.traccar:traccar versions starting at 6.11.1 before 6.13.0, the email notification templates insert user-controlled device, geofence, and driver n…
CVE-2026-27693 | medium | 5.4 | 5.4 | | | traccar | 1mo ago | Traccar is an open source GPS tracking system. In org.traccar:traccar versions starting at 6.11.1 before 6.13.0, the KML and GPX export functionality writes device names to XML output without proper …
CVE-2026-27644 | medium | 6.5 | 6.5 | | | traccar | 1mo ago | Traccar is an open source GPS tracking system. In versions between 6.11.1 and 6.13.0, the CSV export functionality writes position data, including user-controlled device and computed attributes, to C…
CVE-2026-6262 | medium | 6.5 | 6.5 | | | | 1mo ago | The Betheme theme for WordPress is vulnerable to Arbitrary File Deletion in versions up to, and including, 28.4. This is due to the upload_icons() function workflow using a user-controlled upload pat…
CVE-2026-43574 | medium | 6.5 | 6.5 | | | openclaw | 1mo ago | OpenClaw: Empty approver lists could grant explicit approval authorization
CVE-2026-43572 | medium | 5.3 | 5.3 | | | openclaw | 1mo ago | OpenClaw: Microsoft Teams SSO invoke handler missed sender authorization checks
CVE-2026-43570 | medium | 6.5 | 6.5 | | | openclaw | 1mo ago | OpenClaw contains a symlink traversal vulnerability
CVE-2026-43568 | medium | 6.5 | 6.5 | | | openclaw | 1mo ago | OpenClaw: Memory dreaming config persistence was reachable from operator.write commands
CVE-2026-43567 | medium | 6.5 | 6.5 | | | openclaw | 1mo ago | OpenClaw: screen_record outPath bypassed workspace-only filesystem guard
CVE-2026-43529 | low | 2.5 | 2.5 | | | openclaw | 1mo ago | OpenClaw: TOCTOU read in exec script preflight
CVE-2026-43528 | medium | 6.5 | 6.5 | | | openclaw | 1mo ago | OpenClaw: config.get redaction bypass through sourceConfig and runtimeConfig aliases
CVE-2026-42433 | medium | 6.5 | 6.5 | | | | 1mo ago | OpenClaw: Matrix profile config persistence was reachable from operator.write message tools
CVE-2023-54349 | medium | 6.1 | 6.1 | | | | 1mo ago | AmazCart CMS 3.4 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting payloads through the search functionality. Att…
CVE-2025-42611 | medium | 6.5 | 6.5 | | | | 1mo ago | RouterOS provides various services that rely on correct verification of client and server certificates to secure confidentiality and integrity of communications. This includes OpenVPN, CAPsMAN, Dot1x…
CVE-2026-43868 | medium | 5.3 | 5.3 | FIX | debian windows | apache | 1mo ago | Apache Thrift has a Memory Allocation with Excessive Size Value Vulnerability
CVE-2026-3601 | medium | 4.3 | 4.3 | | | | 1mo ago | The User Registration & Membership plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `embed_form_action()` function in all versions up t…
CVE-2026-6418 | medium | 4.9 | 4.9 | | | papercut | 1mo ago | An issue was discovered in the Shared Account Synchronization component of PaperCut MF (version 25.0.4). The application allows administrative users to configure a source path for account data synchr…
CVE-2026-3454 | medium | 6.5 | 6.5 | | | | 1mo ago | The GenerateBlocks plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.0. This is due to missing object-level authorization checks in the …
CVE-2026-2729 | medium | 5.3 | 5.3 | | | | 1mo ago | The Forminator plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.52.0. This is due to the plugin not properly verifying that a user is authorized to p…
CVE-2026-7822 | medium | 6.3 | 6.3 | | | | 1mo ago | A vulnerability was identified in itsourcecode Courier Management System 1.0. This impacts an unknown function of the file /print_pdets.php. The manipulation of the argument ids leads to sql injectio…
CVE-2026-4362 | medium | 6.5 | 6.5 | | | | 1mo ago | The ElementsKit Elementor Addons plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `Live_Action::reset()` function in all versions up to…
CVE-2026-5957 | medium | 6.5 | 6.5 | | | | 1mo ago | The EmailKit plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to and including 1.6.5. This is due to a flawed path traversal validation in the create_template() method of …
CVE-2026-5159 | medium | 6.4 | 6.4 | | | | 1mo ago | The Royal Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Instagram Feed widget's 'instagram_follow_text' setting in all versions up to, and including, …
CVE-2026-4665 | medium | 6.4 | 6.4 | | | | 1mo ago | The WP Carousel Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via crafted fancybox `data-caption` attributes in all versions up to, and including, 2.7.10. This is due to the …
CVE-2026-2948 | medium | 6.4 | 6.4 | | | | 1mo ago | The Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 3.5.3 via the import_images() fun…
CVE-2026-6704 | medium | 6.1 | 6.1 | | | | 1mo ago | The Blog Settings plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0. This is due to insufficient input sanitizati…
CVE-2026-6702 | medium | 6.1 | 6.1 | | | | 1mo ago | The Publish 2 Ping.fm plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the '/wp-admi…
CVE-2026-6701 | medium | 4.3 | 4.3 | | | | 1mo ago | The addfreespace plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.1.3. This is due to missing or incorrect nonce validation on a function. This…
CVE-2026-6700 | medium | 4.3 | 4.3 | | | | 1mo ago | The DX Sources plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.1. This is due to missing or incorrect nonce validation on the settings_page_…
CVE-2026-6696 | medium | 6.1 | 6.1 | | | | 1mo ago | The Zingaya Click-to-Call plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email', 'first_name', 'last_name', and 'phone' parameters on the plugin's sign-up admin page in…
CVE-2026-6255 | medium | 6.4 | 6.4 | | | | 1mo ago | The Simple Owl Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'num' attribute of the 'owls_wrapper' shortcode in all versions up to, and including, 2.1.1 due to …
CVE-2026-5505 | medium | 6.4 | 6.4 | | | | 1mo ago | The WP-Clippy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `clippy` shortcode in all versions up to, and including, 1.0.0. This is due to insufficient input sani…
CVE-2026-5247 | medium | 5.5 | 5.5 | | | | 1mo ago | The Schedule Post Changes With PublishPress Future plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wrapper' attribute of the [futureaction] shortcode in all versions up to,…
CVE-2026-4730 | medium | 6.4 | 6.4 | | | | 1mo ago | The Charts Ninja: Create Beautiful Graphs & Charts and Easily Add Them to Your Website plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'chartid' shortcode attribute in all v…
CVE-2026-4409 | medium | 6.5 | 6.5 | | | | 1mo ago | The Subscribe To Comments Reloaded plugin for WordPress is vulnerable to unauthorized modification of data due to a leaked secret key and usage of a weak hash generation algorithm in all versions up …
CVE-2026-2868 | medium | 6.4 | 6.4 | | | | 1mo ago | The Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'separatorIconSVG' parameter in versions up to, and includi…
CVE-2026-1921 | medium | 4.9 | 4.9 | | | | 1mo ago | The Loco Translate plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.8.2 via the `fsReference` AJAX route. This is due to the `findSourceFile()` method norm…
CVE-2026-44029 | medium | 5.3 | 5.3 | FIX | sles debian | | 1mo ago | An issue was discovered in Nix before 2.34.7. Writing to arbitrary files can occur via "nix-prefetch-url --unpack" or "nix store prefetch-file --unpack" directory traversal. The fixed versions are 2.…
CVE-2026-7783 | medium | 6.3 | 6.3 | | | | 1mo ago | A flaw has been found in CodeCanyon Perfex CRM up to 3.4.1. This vulnerability affects the function AbstractKanban::applySortQuery of the file application/services/AbstractKanban.php of the component…
CVE-2026-35536 | medium | 5.5 | | FIX | rhel sles rocky | | 1mo ago | Moderate: python-tornado security update
CVE-2026-31958 | medium | 5.5 | | FIX | rhel sles rocky | | 1mo ago | Moderate: python-tornado security update
CVE-2026-29111 | medium | 5.5 | | FIX | rhel sles debian | | 1mo ago | Moderate: systemd security update
CVE-2026-7782 | medium | 6.3 | 6.3 | | | | 1mo ago | A vulnerability was detected in CodeCanyon Perfex CRM up to 3.4.1. This affects the function Clients::project of the file application/controllers/Clients.php of the component Tenant Handler. The mani…
CVE-2026-7781 | medium | 4.3 | 4.3 | | | | 1mo ago | A security vulnerability has been detected in Open5GS up to 2.7.7. Affected by this issue is the function udm_nudm_uecm_handle_amf_registration_update of the file /src/udm/nudm-handler.c of the compo…
CVE-2026-7780 | medium | 4.3 | 4.3 | | | | 1mo ago | A weakness has been identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function udm_state_operational of the file /src/udm/udm-sm.c of the component smf-registrations Endpoint. …
CVE-2026-7779 | medium | 4.3 | 4.3 | | | | 1mo ago | A security flaw has been discovered in Open5GS up to 2.7.7. Affected is the function udm_nudr_dr_handle_subscription_authentication of the file /src/udm/nudr-handler.c of the component authentication…
CVE-2026-42223 | medium | 6.5 | 6.5 | | | nginxui | 1mo ago | Nginx-UI Settings API Exposes Protected Secrets
CVE-2026-42220 | medium | 6.5 | 6.5 | | | nginxui | 1mo ago | Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback
CVE-2026-41891 | medium | 5.5 | | | | | 1mo ago | CI4MS has a Deactivated User Session Bypass (active=0)
CVE-2026-41890 | medium | 5.5 | | | | | 1mo ago | CI4MS Vulnerable to Arbitrary Database Table Drop via Theme deleteProcess
CVE-2026-42309 | medium | 5.5 | 5.5 | FIX | sles debian | python | 1mo ago | Pillow has a heap buffer overflow with nested list coordinates
CVE-2026-42051 | medium | 4.3 | 4.3 | | | getkirby | 1mo ago | Kirby CMS's system API endpoint leaks installed version and license data to authenticated users
CVE-2026-42174 | medium | 4.3 | 4.3 | | | getkirby | 1mo ago | Kirby CMS doesn't gate user avatar creation, replacement and deletion with user update permissions
CVE-2026-42069 | medium | 6.5 | 6.5 | | | getkirby | 1mo ago | Kirby CMS's read access to site, user and role information is not gated by permissions
CVE-2026-42230 | medium | 6.1 | 6.1 | | | n8n | 1mo ago | n8n has Open Redirect in MCP OAuth Consent Flow
CVE-2026-42228 | medium | 6.5 | 6.5 | | | n8n | 1mo ago | n8n Vulnerable to Hijacking of Unauthenticated Chat Execution
CVE-2026-42227 | medium | 6.5 | 6.5 | | | n8n | 1mo ago | n8n has Public API Variables IDOR that Allows Cross-Project Secret Disclosure
CVE-2026-41686 | medium | 4.4 | 4.4 | | | anthropic | 1mo ago | Claude SDK for TypeScript has Insecure Default File Permissions in Local Filesystem Memory Tool
CVE-2026-42146 | medium | 5.5 | 5.5 | FIX | debian | | 1mo ago | CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nb_colors field read from the BMP file header is used directly to compute an allocation size without validating it aga…
CVE-2026-42144 | medium | 6.1 | 6.1 | FIX | debian | | 1mo ago | CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the W*H*D size computation inside _load_pnm() that can bypass the memory all…
CVE-2026-42140 | medium | 4.4 | 4.4 | | | | 1mo ago | XWiki PlantUML Macro Vulnerable to Server-Side Request Forgery (SSRF) via 'server' parameter
CVE-2026-42138 | medium | 6.1 | 6.1 | | | langgenius | 1mo ago | Dify is an open-source LLM app development platform. Prior to version 1.13.1, using the method POST /api/files/upload, any unauthenticated user can upload an SVG file with XSS. The method POST /v1/fi…
CVE-2026-42092 | medium | 6.5 | 6.5 | | | | 1mo ago | titra is an open source time tracking project. In version 0.99.52, the globalsettings Meteor publication returns all global settings without any admin or role check. Any authenticated user can subscr…
CVE-2026-42091 | medium | 6.5 | 6.5 | | | goshs | 1mo ago | goshs has Cross-Origin Arbitrary File Write via Missing CSRF on PUT and Wildcard CORS
CVE-2026-41572 | medium | 5.3 | 5.3 | | | | 1mo ago | Note Mark: Unauthenticated read of notes and assets in soft-deleted public books
CVE-2026-42080 | medium | 4.6 | 4.6 | | | | 1mo ago | PPTAgent: Arbitrary File Write via `save_generated_slides`
CVE-2026-42078 | medium | 4.6 | 4.6 | | | | 1mo ago | PPTAgent: Arbitrary File Write + Directory Creation via markdown_table_to_image
CVE-2026-42077 | medium | 5.2 | 5.2 | | | | 1mo ago | Evolver has Prototype Pollution via `Object.assign()` in its mailbox store operations
CVE-2026-38669 | medium | 6.1 | 6.1 | | | | 1mo ago | wCMS v.1.4 is vulnerable to Cross Site Scripting (XSS) when creating a new blog.
CVE-2025-47406 | medium | 5.5 | 5.5 | | | | 1mo ago | Information Disclosure while processing IOCTL handler callbacks without verifying buffer size.
CVE-2026-37458 | medium | 6.5 | 6.5 | FIX | debian sles windows | frrouting | 1mo ago | Missing input validation in the MP_REACH_NLRI component of FRRouting (FRR) stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service (DoS) via supplying a crafted UPDATE …
CVE-2025-70071 | medium | 5.9 | 5.9 | | debian sles | | 1mo ago | An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXParser.cpp, ParseVectorDataArray()
CVE-2026-6501 | medium | 5.5 | | | | | 1mo ago | jOpenDocument has an improper restriction of XML external entity reference vulnerability
CVE-2026-33523 | medium | 6.5 | 6.5 | FIX | debian sles windows | apache | 1mo ago | HTTP response splitting vulnerability in multiple Apache HTTP Server modules with untrusted or compromised backend servers. This issue affects Apache HTTP Server: from through 2.4.66. Users are rec…
CVE-2026-33007 | medium | 5.3 | 5.3 | FIX | debian rhel sles | apache | 1mo ago | A NULL pointer dereference in the mod_authn_socache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. …
CVE-2026-33006 | medium | 4.8 | 4.8 | FIX | debian sles windows | apache | 1mo ago | A timing attack against mod_auth_digest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes th…
CVE-2025-70072 | medium | 6.5 | 6.5 | | debian sles | | 1mo ago | An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXConverter.cpp, FBXConverter::ConvertMeshMultiMaterial() components
CVE-2025-70070 | medium | 6.5 | 6.5 | | debian sles | | 1mo ago | An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXMeshGeometry.cpp, MeshGeometry::MeshGeometry()
CVE-2026-34032 | medium | 5.3 | 5.3 | FIX | debian rhel sles | apache | 1mo ago | Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which f…
CVE-2026-33857 | medium | 5.3 | 5.3 | FIX | debian rhel sles | apache | 1mo ago | Out-of-bounds Read vulnerability in mod_proxy_ajp of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the…
CVE-2026-31205 | medium | 5.7 | 5.7 | | | | 1mo ago | Cross Site Scripting vulnerability in Pluck CMS before v.4.7.21dev allows a remote attacker to escalate privileges via the editpage.php and the sanitizePageContent function
CVE-2026-7746 | medium | 6.3 | 6.3 | | | | 1mo ago | A vulnerability was identified in SourceCodester Web-based Pharmacy Product Management System 1.0. Affected is an unknown function of the file /product_expiry/edit-admin.php. Such manipulation of the…
CVE-2026-7745 | medium | 6.3 | 6.3 | | | | 1mo ago | A vulnerability was determined in CodeAstro Online Classroom 1.0. This impacts an unknown function of the file /OnlineClassroom/facultydetails. This manipulation of the argument deleteid causes sql i…
CVE-2026-7744 | medium | 6.3 | 6.3 | | | | 1mo ago | A vulnerability was found in CodeAstro Online Classroom 1.0. This affects an unknown function of the file /OnlineClassroom/addnewstudent. The manipulation of the argument fname results in sql injecti…
CVE-2026-7743 | medium | 6.3 | 6.3 | | | | 1mo ago | A vulnerability has been found in CodeAstro Online Classroom 1.0. The impacted element is an unknown function of the file /OnlineClassroom/studentdetails. The manipulation of the argument deleteid le…
CVE-2026-7742 | medium | 6.3 | 6.3 | | | | 1mo ago | A flaw has been found in CodeAstro Online Classroom 1.0. The affected element is an unknown function of the file /OnlineClassroom/facultylogin. Executing a manipulation of the argument fid can lead t…
CVE-2026-7741 | medium | 6.3 | 6.3 | | | | 1mo ago | A vulnerability was detected in CodeAstro Online Classroom 1.0. Impacted is an unknown function of the file /OnlineClassroom/studentlogin. Performing a manipulation of the argument sid results in sql…
CVE-2026-7740 | low | 3.3 | 3.3 | | | | 1mo ago | A security vulnerability has been detected in justdan96 tsMuxer up to 2.7.0. This issue affects the function VvcVpsUnit::setFPS of the file tsMuxer/vvc.cpp. Such manipulation of the argument track_id…
CVE-2026-7739 | low | 3.3 | 3.3 | | | | 1mo ago | A weakness has been identified in justdan96 tsMuxer up to 2.7.0. This vulnerability affects the function HevcVpsUnit::setFPS of the file /AFLplusplus/tsMuxer_prev/tsMuxer/hevc.cpp. This manipulation …
CVE-2026-7738 | medium | 6.3 | 6.3 | | | | 1mo ago | @puchunjie/doc-tools-mcp has a Path Traversal Issue
CVE-2026-5335 | medium | 5.3 | 5.3 | | | | 1mo ago | The Magic Export & Import WordPress plugin before 1.2.0 stores exported CSV files at a publicly accessible location, making it possible for any visitors to leak sensitive user information.
CVE-2026-43864 | low | 2.5 | 2.5 | | sles debian | | 1mo ago | mutt before 2.3.2 has a show_sig_summary NULL pointer dereference.
CVE-2026-43863 | low | 3.7 | 3.7 | | sles debian | | 1mo ago | mutt before 2.3.2 has an infinite loop in data_object_to_stream in crypt-gpgme.c.
CVE-2026-43862 | low | 3.7 | 3.7 | | sles debian | | 1mo ago | In mutt before 2.3.2, the imap_auth_gss security level is mishandled.
CVE-2026-43861 | low | 3.7 | 3.7 | | sles debian | | 1mo ago | mutt before 2.3.2 does not check for '\0' in url_pct_decode.
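Two entries in this batch are open redirects through a post-login "next"-style parameter (CVE-2025-61669 in Jupyter Server, CVE-2026-42230 in n8n's OAuth consent flow). The validator below is an added example, not code from either project or their fixes; it shows the checks a practitioner applies before redirecting to a user-supplied target. The function names `is_safe_next` and `safe_redirect_target` and the `base_path` parameter are this example's own. It rejects absolute URLs, scheme-relative `//host` targets, backslash variants that browsers normalise to `/`, targets that only become `//host` after one round of percent-decoding, control characters (which would otherwise enable header injection in `Location`), and anything outside the application's own path prefix.

```python
from urllib.parse import unquote, urlsplit

MAX_NEXT_LEN = 2048  # assumption for this example: longer values are rejected outright


def is_safe_next(value: str, base_path: str = "/") -> bool:
    """Return True only if `value` is a same-origin, path-only redirect target
    under `base_path`. Anything else (absolute URL, //host, javascript:,
    control characters, encoded tricks) is rejected."""
    if not value or len(value) > MAX_NEXT_LEN:
        return False
    # CR/LF/NUL/etc. in a Location header would split the response; refuse them
    # before any parser gets a chance to "helpfully" strip them.
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in value):
        return False

    # Browsers treat backslash as a path separator, so "/\evil" means "//evil".
    raw = value.replace("\\", "/")
    # Check both the raw value and its once-decoded form: "/%2F%2Fevil" is a
    # harmless-looking path until something downstream decodes it.
    decoded = unquote(raw).replace("\\", "/")
    for form in (raw, decoded):
        parts = urlsplit(form)
        if parts.scheme or parts.netloc:      # http://..., //evil, javascript:, mailto:
            return False
        if not form.startswith("/") or form.startswith("//"):
            return False
        if not form.startswith(base_path):   # keep redirects inside our own app prefix
            return False
    return True


def safe_redirect_target(value: str, fallback: str, base_path: str = "/") -> str:
    """Return `value` if it passes `is_safe_next`, otherwise the trusted fallback."""
    return value if is_safe_next(value, base_path) else fallback


if __name__ == "__main__":
    # Constructed sample inputs for this example.
    for candidate in ["/tree?x=1", "//evil.example/x", "/\\evil.example",
                      "https://evil.example/", "javascript:alert(1)",
                      "/%2F%2Fevil.example", "/tree\r\nSet-Cookie: a=b"]:
        print(repr(candidate), "->", safe_redirect_target(candidate, "/tree"))
```

Checking the decoded form is deliberate: the validator cannot know whether some later component (a framework, a proxy, the browser) will decode the value once more, so the target must be safe in both shapes.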
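Several entries above are path-traversal writes or reads (CVE-2026-44029, directory traversal when Nix unpacks a fetched archive; CVE-2026-1921, CVE-2026-5957 and CVE-2026-7738, traversal in file lookups). The extractor below is an added example, not Nix's code or fix, showing the checks an archive unpacker needs: every member's resolved path must stay inside the destination, absolute names are refused, symlink and hardlink targets are resolved relative to where they will be created, and device/FIFO members are dropped. The names `safe_extract`, `build_sample_tar` and `run_demo` are this example's own, and the archive it unpacks is constructed in memory with one benign file plus three hostile members.

```python
import io
import os
import tarfile
import tempfile


def _inside(dest: str, target: str) -> bool:
    """True if `target`, after resolving symlinks and '..', is `dest` or below it."""
    dest_real = os.path.realpath(dest)
    target_real = os.path.realpath(target)
    return target_real == dest_real or target_real.startswith(dest_real + os.sep)


def safe_extract(tar_bytes: bytes, dest: str):
    """Extract only members that cannot escape `dest`.
    Returns (extracted_names, [(name, reason), ...]) for the rejected ones.
    Members are checked and written one at a time, so a symlink written
    earlier is already visible to realpath() when later members are checked."""
    extracted, rejected = [], []
    # Python 3.12+ ships tarfile.data_filter, which enforces the same rules;
    # we apply our own checks first and use the filter as a second layer.
    extract_kwargs = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r") as tar:
        for m in tar.getmembers():
            target = os.path.join(dest, m.name)
            if os.path.isabs(m.name) or not _inside(dest, target):
                rejected.append((m.name, "path escapes destination"))
                continue
            if m.issym() or m.islnk():
                # symlink targets are relative to the link's directory,
                # hardlink targets are relative to the archive root
                base = os.path.dirname(target) if m.issym() else dest
                link_target = os.path.join(base, m.linkname)
                if os.path.isabs(m.linkname) or not _inside(dest, link_target):
                    rejected.append((m.name, "link target escapes destination"))
                    continue
            elif not (m.isfile() or m.isdir()):
                rejected.append((m.name, "unsupported member type"))
                continue
            tar.extract(m, path=dest, **extract_kwargs)
            extracted.append(m.name)
    return extracted, rejected


def build_sample_tar() -> bytes:
    """Constructed test archive: one good file, a '..' escape, an absolute
    path, and a symlink pointing above the destination."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        def add_file(name: str, data: bytes) -> None:
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))

        add_file("pkg/README", b"hello\n")
        add_file("../escape.txt", b"owned\n")
        add_file("/tmp/abs.txt", b"owned\n")
        link = tarfile.TarInfo("pkg/out")
        link.type = tarfile.SYMTYPE
        link.linkname = "../../outside"
        tar.addfile(link)
    return buf.getvalue()


def run_demo():
    """Unpack the sample archive into a fresh temp dir; returns (extracted, rejected)."""
    dest = tempfile.mkdtemp(prefix="safe-extract-")
    return safe_extract(build_sample_tar(), dest)


if __name__ == "__main__":
    ok, bad = run_demo()
    print("extracted:", ok)
    for name, reason in bad:
        print("rejected:", name, "-", reason)
```

The check uses `os.path.realpath` rather than string prefix matching on the raw name so that `a/../../b`, symlink chains and platform path quirks all collapse to a real location before the comparison. On Python 3.12+ the built-in `filter="data"` covers these cases; on older interpreters the explicit checks are the only protection.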
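CVE-2026-30246 describes a cache middleware whose default key is built from the path alone, so responses for distinct query strings are served to each other's callers. The model below is an added example in Python, not Fiber's code or its fix; it reproduces that class of bug next to a canonical key that includes the method, the path, the query string with parameters sorted, and the headers the response varies on, and it bypasses the cache entirely for requests carrying credentials. The names `path_only_key`, `canonical_key`, `ResponseCache`, `origin` and `demo`, and the `vary` tuple default, are this example's own.

```python
from urllib.parse import parse_qsl, urlencode, urlsplit


def path_only_key(method: str, url: str, headers: dict) -> str:
    """Weak key: ignores method, query string and headers (the bug class above)."""
    return urlsplit(url).path


def canonical_key(method: str, url: str, headers: dict,
                  vary: tuple = ("accept",)) -> str:
    """Key on method + path + sorted query + the headers the response varies on.
    Sorting the query means ?a=1&b=2 and ?b=2&a=1 share one entry, while
    ?q=alice and ?q=bob never do."""
    parts = urlsplit(url)
    query = urlencode(sorted(parse_qsl(parts.query, keep_blank_values=True)))
    lower = {k.lower(): v for k, v in headers.items()}
    varied = "&".join(f"{h}={lower.get(h, '')}" for h in vary)
    return f"{method.upper()} {parts.path}?{query} vary[{varied}]"


class ResponseCache:
    def __init__(self, key_fn):
        self.key_fn = key_fn
        self.store = {}

    def fetch(self, method: str, url: str, headers: dict, origin_fn):
        """Return (body, cache_hit). Requests with credentials are never cached:
        a per-user response under a shared key is the other half of this bug."""
        lower = {k.lower() for k in headers}
        if method.upper() != "GET" or lower & {"authorization", "cookie"}:
            return origin_fn(method, url, headers), False
        key = self.key_fn(method, url, headers)
        if key in self.store:
            return self.store[key], True
        body = origin_fn(method, url, headers)
        self.store[key] = body
        return body, False


def origin(method: str, url: str, headers: dict) -> str:
    """Constructed stand-in for the backend: echoes the q parameter."""
    q = dict(parse_qsl(urlsplit(url).query))
    return f"results for {q.get('q', '')}"


def demo(key_fn):
    """Two requests differing only in ?q=; returns (first_body, second_body, second_was_hit)."""
    cache = ResponseCache(key_fn)
    first, _ = cache.fetch("GET", "/search?q=alice", {}, origin)
    second, hit = cache.fetch("GET", "/search?q=bob", {}, origin)
    return first, second, hit


if __name__ == "__main__":
    print("path-only key:", demo(path_only_key))   # bob receives alice's results
    print("canonical key:", demo(canonical_key))   # each query gets its own entry
```

A cache key is an authorization decision in disguise: every input that can change the response (method, full target, `Vary` headers, and whether the request is authenticated at all) must be part of the key or must disable caching.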