VIR Vulnerability Intelligence Relay

Search

Found 741 results in 62ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-45632 critical 9.9 9.9 7d ago Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.26.7 and earlier, the schedule router does not enforce organization/role checks. As a result, any authenticated user can create, up…
CVE-2026-45631 critical 10.0 10.0 7d ago Dokploy is a free, self-hostable Platform as a Service (PaaS). From 0.27.0 to before 0.29.3, a hardcoded BETTER_AUTH_SECRET fallback ("better-auth-secret-123456789") lets an unauthenticated attacker …
CVE-2026-45630 critical 9.0 9.0 7d ago Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.28.8 and earlier, authenticated OS command injection in the application.updateTraefikConfig tRPC endpoint allows admin/owner users …
CVE-2026-45629 critical 9.9 9.9 7d ago Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.28.8 and earlier, authenticated OS command injection in the /listen-deployment WebSocket endpoint allows any organization member to…
CVE-2026-45628 critical 9.6 9.6 7d ago Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.29.2 and earlier, Dokploy constructs shell commands using JavaScript template literals and executes them via child_process.exec() (…
CVE-2026-43917 unknown 7d ago Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.19.0 and earlier, the protectedProcedure middleware only verifies the user is authenticated - it does NOT enforce organization scop…
CVE-2026-47139 unknown 7d ago NodeVM network builtin exclusions bypass via internal _http_client and _http_server
CVE-2026-47140 unknown 7d ago NodeVM builtin denylist bypass via process and inspector/promises allows host code execution
CVE-2026-47210 unknown 7d ago vm2 sandbox escape via JSPI-backed Promise `.finally()` species bypass
CVE-2026-47137 unknown 7d ago vm2 has a CVE-2023-37903 patch bypass: nesting:true without explicit require still allows full RCE
CVE-2026-47209 unknown 7d ago vm2's Bridge Proxy set trap ignores receiver parameter, enabling host object property injection via prototype chain
CVE-2026-47135 unknown 7d ago vm2 has a sandbox escape via unblocked cross-realm Symbol.for keys + missing bridge write-trap symbol checks
CVE-2026-47208 unknown 7d ago vm2 is Vulnerable to Sandbox Breakout Through Promise Species
CVE-2026-47131 unknown 7d ago vm2 has a Sandbox Escape issue
CVE-2026-47200 unknown 7d ago Nuxt's route middleware is not enforced when rendering `.server.vue` pages via `/__nuxt_island/page_*`
CVE-2026-45742 unknown 7d ago Gotenberg has a Race Condition via Multipart `downloadFrom` Handling
CVE-2026-45741 unknown 7d ago Gotenberg has an SSRF deny-list bypass in IsPublicIP via IPv6 6to4 / NAT64 / site-local prefixes
CVE-2026-44829 unknown 7d ago Gotenberg has path traversal in zip entry name via Windows-style separators in upload filename
CVE-2026-9194 unknown 7d ago Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accid…
CVE-2026-48501 critical 9.1 9.1 debian debian github 7d ago GitHub CLI (gh) is GitHub’s official command line tool. Prior to 2.93.0, GitHub CLI incorrectly includes authorization header in API requests to TUF repository mirrors via gh attestation, gh release …
CVE-2026-45663 critical 9.9 9.9 7d ago Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.29.1 and earlier, a command injection vulnerability exists in the Docker file upload functionality. When an authenticated user uplo…
CVE-2026-44962 critical 10.0 10.0 7d ago Plesk contains an XPath injection vulnerability in the APS Application Catalog search functionality, where user-supplied input is interpolated into XPath queries without proper sanitization. This all…
CVE-2026-33386 unknown 7d ago QuickCMS is vulnerable to Cross-Site Scripting (XSS) through its insecure HTTP-based plugin‑fetching mechanism. A malicious attacker can perform a Man‑in‑the‑Middle (MITM) attack by impersonating the…
CVE-2026-33384 unknown 7d ago QuickCMS allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID f…
CVE-2026-10064 critical 9.8 9.8 trendnet 7d ago A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetPortTr of the file /goform/formSetPortTr. Performing a manipulation of the argument special_name r…
CVE-2026-44495 unknown 7d ago axios Vulnerable to Credential Theft and Response Hijacking via Prototype Pollution Gadget in Config Merge
CVE-2026-44494 unknown 7d ago axios Vulnerable to Full Man-in-the-Middle via Prototype Pollution Gadget in `config.proxy`
CVE-2026-44492 unknown 7d ago axios's shouldBypassProxy does not recognize IPv4-mapped IPv6 addresses, allowing NO_PROXY bypass (incomplete fix for CVE-2025-62718)
CVE-2026-44490 unknown 7d ago axios has DoS & Header Injection via Prototype Pollution Read-Side Gadgets in axios merge functions
CVE-2026-44489 unknown 7d ago Axios has a Patch Bypass: Proxy-Authorization Header Injection via Prototype Pollution — Incomplete Null-Prototype Fix
CVE-2026-41237 unknown 7d ago Froxlor is open source server administration software. In version 2.3.6 and earlier, the LOC record regex uses `\s+` which matches newlines (allowing embedded newlines to pass), TLSA `matchingType=0`…
CVE-2026-41235 unknown 7d ago Froxlor is open source server administration software. Version 2.3.6 lets administrators configure `system.available_shells` as the approved shell list that customers may assign to FTP users. However…
CVE-2026-4290 critical 9.1 9.1 7d ago The WP Travel Pro plugin for WordPress is vulnerable to arbitrary user deletion via the /wp-json/wp-travel/v1/travel-guide/{user_id} REST API endpoint in all versions up to, and including, 10.6.0. Th…
CVE-2026-10063 critical 9.8 9.8 trendnet 7d ago A vulnerability was identified in TRENDnet TEW-432BRP 3.10B20. Affected by this issue is the function formWPS of the file /goform/formWPS. Such manipulation of the argument peerPin leads to stack-bas…
CVE-2026-10062 critical 9.8 9.8 trendnet 7d ago A vulnerability was determined in TRENDnet TEW-432BRP 3.10B20. Affected by this vulnerability is the function formSetRoute of the file /goform/formSetRoute. This manipulation of the argument ip/mask/…
CVE-2026-10042 critical 9.8 9.8 7d ago manga-image-translator contains a remote code execution vulnerability in the shared API server mode due to unsafe deserialization of untrusted pickle data in the share.py module, where the /execute/{…
CVE-2026-49318 low 2.4 2.4 7d ago Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to bypass the PIN entry screen. T…
CVE-2026-49317 low 2.4 2.4 7d ago Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to bypass the PIN entry screen. T…
CVE-2026-46376 critical 9.8 9.8 sangoma 7d ago FreePBX is an open source IP PBX. From 15.0.42 to before 16.0.45 and 17.0.7, unauthenticated users may be able to access the User Control Panel (UCP) using hard-coded initial template credentials if …
CVE-2026-10061 critical 9.8 9.8 trendnet 7d ago A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. Affected is the function formWPS of the file /goform/formWPS. The manipulation of the argument peerPin results in command injection. The atta…
CVE-2026-10060 critical 9.8 9.8 trendnet 7d ago A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetRoute of the file /goform/formSetRoute. The manipulation of the argument ip/mask/gateway leads to comma…