CVEs from 2026
Total
14,786
critical
critical 1,335
high
high 5,004
medium
medium 4,828
low
low 503
% Critical
9.0%
% with KEV
0.4%
% with exploit
0.7%
Top vendors
Top products
- chrome 723
- firepower_threat_defense_software 310
- gcp 299
- firepower_threat_defense 298
- openclaw 172
- commerce 104
- netweaver_application_server_abap 102
- commerce_b2b 89
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-9009 | high | 8.8 | 8.8 | 10d ago | The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.7.2 via the filter_content function. This is due t… | |||
| CVE-2026-7802 | high | 8.8 | 8.8 | 10d ago | The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.29.2. This is due to the plugin not properly verifying that a user … | |||
| CVE-2026-8915 | high | 8.8 | 8.8 | 10d ago | Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: 36f5fb58366a67b713c02f6fd985e924fcc09e31. | |||
| CVE-2026-46414 | high | 8.8 | 8.8 | 10d ago | Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's WebSocket control plane trusts client-supplied identity and role fie… | |||
| CVE-2026-44713 | high | 8.8 | 8.8 | 10d ago | pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, src/tmux.c reads the user's $TMUX environment variable, splits it on commas, and interpolates the so… | |||
| CVE-2026-9208 | high | 8.8 | 8.8 | 10d ago | Tanium addressed an unauthorized code execution vulnerability in Connect. | |||
| CVE-2026-44346 | high | 8.8 | 8.8 | 10d ago | BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, a malicious bentofile.yaml containing a newline-injected value in envs[*].n… | |||
| CVE-2026-45716 | high | 8.8 | 8.8 | 10d ago | Budibase: Builder-to-Admin Privilege Escalation via onboardUsers Endpoint Without SMTP Configuration | |||
| CVE-2026-45717 | high | 8.8 | 8.8 | 10d ago | Budibase: `PUT /api/datasources/:datasourceId` is protected only by `TABLE/READ` permission instead of builder access, allowing any authenticated app user to overwrite datasource connection parameter… | |||
| CVE-2026-42184 | high | 8.8 | 8.8 | 10d ago | Tauri is a framework for building binaries for all major desktop platforms. From 2.0 to 2.11.0, a flaw in Tauri's is_local_url() function causes it to incorrectly classify remote URLs as trusted loca… | |||
| CVE-2026-44988 | high | 8.8 | 8.8 | 10d ago | LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but… | |||
| CVE-2026-48920 | high | 8.8 | 8.8 | 10d ago | Jenkins Email Extension Plugin 1933.v45cec755423f and earlier allows inlining images as `base64` in email content by setting the `data-inline` attribute, without restrictions on the image URLs that c… | |||
| CVE-2026-9617 | high | 8.8 | 8.8 | 10d ago | PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a table and placing malicious code inside a column identifier. If a superuser calls the k-an… | |||
| CVE-2026-8179 | high | 8.8 | 8.8 | 10d ago | IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affecte… | |||
| CVE-2026-46056 | high | 8.8 | 8.8 | 10d ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: fix potential UAF in SSP passkey handlers hci_conn lookup and field access must be covered by hdev lock in … | |||
| CVE-2026-5065 | high | 8.8 | 8.8 | 10d ago | IBM Controller 11.0.1, 11.1.0, 11.1.1, and 11.1.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to… | |||
| CVE-2026-9704 | high | 8.8 | 8.8 | 10d ago | A flaw was found in Keycloak. An authenticated user with low privileges can exploit this vulnerability by sending an oversized subject_token JSON Web Token (JWT) to the TokenEndpoint. When the token … | |||
| CVE-2026-45945 | high | 8.8 | 8.8 | 10d ago | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix race condition during PASID entry replacement The Intel VT-d PASID table entry is 512 bits (64 bytes). When repla… | |||
| CVE-2026-8832 | high | 8.8 | 8.8 | 11d ago | The WPCode - Insert Headers and Footers + Custom Code Snippets - WordPress Code Manager plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.3.5 This is due… | |||
| CVE-2026-8787 | high | 8.8 | 8.8 | 11d ago | The Firebase Support & Chat Management plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.1.1. This is due to the `firebase_auth()` function authentica… | |||
| CVE-2026-9632 | high | 8.8 | 8.8 | 11d ago | A flaw has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this issue is the function strcpy of the file /goform/formGroupConfig of the component Web Management Interface. Execu… | |||
| CVE-2026-9207 | high | 8.8 | 8.8 | 11d ago | Tanium addressed an unauthorized code execution vulnerability in Connect. | |||
| CVE-2026-9631 | high | 8.8 | 8.8 | 11d ago | A vulnerability was detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this vulnerability is the function strcpy of the file /goform/formConfigFastDirectionW of the component Web Man… | |||
| CVE-2026-9628 | high | 8.8 | 8.8 | 11d ago | A weakness has been identified in UTT HiPER 1200GW up to 2.5.3-170306. Affected is an unknown function of the file /goform/formPptpClientConfig of the component Web Management Interface. This manipul… | |||
| CVE-2026-9627 | high | 8.8 | 8.8 | 11d ago | A security flaw has been discovered in UTT HiPER 1200GW up to 2.5.3-170306. This impacts the function strcpy of the file /goform/setSysAdm of the component Web Management Interface. The manipulation … | |||
| CVE-2026-8957 | high | 8.8 | 8.8 | 11d ago | Important: thunderbird security update | |||
| CVE-2026-36044 | high | 8.8 | 8.8 | 11d ago | @pensar/apex <= 0.0.58 is vulnerable to OS command injection via the smart_enumerate tool. The createSmartEnumerateTool() function in src/core/agent/tools.ts constructs a shell command by concatenati… | |||
| CVE-2026-8955 | high | 8.8 | 8.8 | 11d ago | Important: thunderbird security update | |||
| CVE-2026-8970 | high | 8.8 | 8.8 | 11d ago | Important: thunderbird security update | |||
| CVE-2026-8975 | high | 8.8 | 8.8 | 11d ago | Important: thunderbird security update | |||
| CVE-2026-38807 | high | 8.8 | 8.8 | 11d ago | Insecure Permissions vulnerability in kvf-admin v1.0.0 allows a remote attacker to escalate privileges via the UserController.java component | |||
| CVE-2026-8974 | high | 8.8 | 8.8 | 11d ago | Important: thunderbird security update | |||
| CVE-2026-8676 | high | 8.8 | 8.8 | 11d ago | An attacker is able to downgrade the security of a Bluetooth LE connection by deleting an existing bond, spoofing the bonded device and creating a new bond. | |||
| CVE-2026-24187 | high | 8.8 | 8.8 | 11d ago | NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of priv… | |||
| CVE-2026-46368 | high | 8.8 | 8.8 | 11d ago | luci-app-https-dns-proxy through 2025.12.29-5 — an optional LuCI web UI add-on for the https-dns-proxy package, distributed through the OpenWrt community packages feed and not installed by default — … | |||
| CVE-2026-40033 | high | 8.8 | 8.8 | 11d ago | FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdi_CacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because rectangle v… | |||
| CVE-2026-45216 | high | 8.8 | 8.8 | 12d ago | Incorrect Privilege Assignment vulnerability in StoreApps Smart Manager allows Privilege Escalation. This issue affects Smart Manager: from n/a through 8.85.0. | |||
| CVE-2026-9482 | high | 8.8 | 8.8 | 12d ago | A vulnerability has been found in Edimax EW-7438RPn 1.31. This impacts the function formSDHCP of the file /goform/formSDHCP. Such manipulation of the argument submit-url leads to stack-based buffer o… | |||
| CVE-2026-9481 | high | 8.8 | 8.8 | 12d ago | A flaw has been found in Edimax EW-7438RPn 1.31. This affects the function formStats of the file /goform/formStats. This manipulation of the argument submit-url causes stack-based buffer overflow. Th… | |||
| CVE-2026-9480 | high | 8.8 | 8.8 | 12d ago | A vulnerability was detected in Edimax EW-7438RPn 1.31. The impacted element is the function formrefresh of the file /goform/formrefresh. The manipulation of the argument submit-url results in stack-… | |||
| CVE-2026-9479 | high | 8.8 | 8.8 | 12d ago | A security vulnerability has been detected in Edimax EW-7438RPn 1.31. The affected element is the function formLogout of the file /goform/formLogout. The manipulation of the argument submit-url leads… | |||
| CVE-2026-9463 | high | 8.8 | 8.8 | 12d ago | A flaw has been found in Edimax EW-7438RPn 1.31. Affected by this issue is the function formLicence of the file /goform/formLicence. This manipulation of the argument submit-url causes stack-based bu… | |||
| CVE-2026-9462 | high | 8.8 | 8.8 | 12d ago | A vulnerability was detected in Edimax EW-7438RPn 1.31. Affected by this vulnerability is the function formWpsProxyEnable of the file /goform/formWpsProxyEnable. The manipulation of the argument subm… | |||
| CVE-2026-9461 | high | 8.8 | 8.8 | 12d ago | A security vulnerability has been detected in Edimax EW-7438RPn 1.31. Affected is the function formRadius of the file /goform/formRadius. The manipulation of the argument submit-url leads to stack-ba… | |||
| CVE-2026-9460 | high | 8.8 | 8.8 | 12d ago | A weakness has been identified in Edimax EW-7438RPn 1.31. This impacts the function formAccept of the file /goform/formAccept. Executing a manipulation of the argument submit-url can lead to stack-ba… | |||
| CVE-2026-9459 | high | 8.8 | 8.8 | 12d ago | A security flaw has been discovered in Edimax EW-7438RPn 1.31. This affects the function formConnectionSetting of the file /goform/formConnectionSetting. Performing a manipulation of the argument max… | |||
| CVE-2026-9443 | high | 8.8 | 8.8 | 12d ago | A security vulnerability has been detected in Edimax BR-6478AC 1.23. This vulnerability affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. The… | |||
| CVE-2026-9442 | high | 8.8 | 8.8 | 12d ago | A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. Executing a manipul… | |||
| CVE-2026-9431 | high | 8.8 | 8.8 | 13d ago | A vulnerability was identified in Tenda F1202 1.2.0.20(408). This affects the function fromPptpUserAdd of the file /goform/PptpUserAdd. The manipulation of the argument opttype leads to stack-based b… | |||
| CVE-2026-9430 | high | 8.8 | 8.8 | 13d ago | A vulnerability was determined in Tenda F1202 1.2.0.20(408). Affected by this issue is the function formGstDhcpSetSer of the file /goform/GstDhcpSetSerof. Executing a manipulation of the argument dip… | |||
| CVE-2026-9429 | high | 8.8 | 8.8 | 13d ago | A vulnerability was found in Tenda F1202 1.2.0.20(408). Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet. Performing a manipulation of the argument delno… | |||
| CVE-2026-9428 | high | 8.8 | 8.8 | 13d ago | A vulnerability has been found in Tenda F1202 1.2.0.20(408). Affected is the function fromPPTPUserSetting of the file /goform/PPTPUserSetting. Such manipulation of the argument delno leads to stack-b… | |||
| CVE-2026-9427 | high | 8.8 | 8.8 | 13d ago | A flaw has been found in Edimax EW-7438RPn 1.31. This impacts the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component webs. This manipulation of the argument selSSID/submi… | |||
| CVE-2026-9426 | high | 8.8 | 8.8 | 13d ago | A vulnerability was detected in Edimax EW-7438RPn 1.31. This affects the function formHwSet of the file /goform/formHwSet. The manipulation of the argument Anntena/Mcs/regDomain/nic0Addr/nic1Addr/wla… | |||
| CVE-2026-9425 | high | 8.8 | 8.8 | 13d ago | A security vulnerability has been detected in Edimax EW-7438RPn 1.31. The impacted element is the function formWlanMP of the file /goform/formWlanMP. The manipulation of the argument ateFunc/ateGain/… | |||
| CVE-2026-9403 | high | 8.8 | 8.8 | 13d ago | A vulnerability was determined in Edimax BR-6675nD 1.12. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. This manipul… | |||
| CVE-2026-9401 | high | 8.8 | 8.8 | 13d ago | A vulnerability has been found in Edimax BR-6675nD 1.12. Impacted is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. The manipulation of th… | |||
| CVE-2026-9399 | high | 8.8 | 8.8 | 13d ago | A vulnerability was detected in Edimax BR-6675nD 1.12. This vulnerability affects the function formsetPPPoE of the file /goform/formsetPPPoE of the component POST Request Handler. Performing a manipu… | |||
| CVE-2026-9393 | high | 8.8 | 8.8 | 13d ago | A vulnerability was found in H3C Magic B0 up to 100R002. This affects the function Edit_BasicSSID_5G of the file /goform/aspForm. Performing a manipulation of the argument param results in buffer ove… | |||
| CVE-2026-9389 | high | 8.8 | 8.8 | 13d ago | A security vulnerability has been detected in Tenda F456 1.0.0.5. This affects the function frmL7ImForm of the file /goform/L7Im. The manipulation of the argument page leads to buffer overflow. The a… | |||
| CVE-2026-9382 | high | 8.8 | 8.8 | 13d ago | A flaw has been found in Edimax BR-6675nD 1.12. Affected by this issue is the function formPPTPSetup of the file /goform/formPPTPSetup of the component POST Request Handler. Executing a manipulation … | |||
| CVE-2026-9381 | high | 8.8 | 8.8 | 13d ago | A vulnerability was detected in Edimax BR-6675nD 1.12. Affected by this vulnerability is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. Performi… | |||
| CVE-2026-9380 | high | 8.8 | 8.8 | 13d ago | A security vulnerability has been detected in Edimax BR-6675nD 1.12. Affected is the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. Such manipulation … | |||
| CVE-2026-9360 | high | 8.8 | 8.8 | 14d ago | A security flaw has been discovered in Edimax EW-7438RPn 1.28a. Affected by this issue is the function formwlencrypt24g of the file /goform/formwlencrypt24g of the component POST Request Handler. The… | |||
| CVE-2026-9348 | high | 8.8 | 8.8 | 14d ago | A vulnerability was found in Edimax EW-7438RPn up to 1.31. Affected by this vulnerability is an unknown functionality of the file /goform/mp of the component webs. The manipulation of the argument we… | |||
| CVE-2026-9346 | high | 8.8 | 8.8 | 14d ago | A flaw has been found in Edimax EW-7438RPn up to 1.31. This impacts the function formWirelessTbl of the file /goform/formWirelessTbl of the component webs. Executing a manipulation of the argument su… | |||
| CVE-2026-9345 | high | 8.8 | 8.8 | 14d ago | A vulnerability was detected in Edimax EW-7438RPn up to 1.31. This affects the function formWizSurvey of the file /goform/formWizSurvey of the component webs. Performing a manipulation of the argumen… | |||
| CVE-2026-9344 | high | 8.8 | 8.8 | 14d ago | A security vulnerability has been detected in Edimax EW-7438RPn up to 1.31. The impacted element is an unknown function of the file /goform/formWpsStart of the component webs. Such manipulation of th… | |||
| CVE-2026-43503 | high | 8.8 | 8.8 | 14d ago | In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers (__pskb_copy_fclone() and skb_s… | |||
| CVE-2026-9294 | high | 8.8 | 8.8 | 14d ago | A vulnerability was identified in Edimax BR-6428NS 1.10. The impacted element is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. Such manip… | |||
| CVE-2026-9295 | high | 8.8 | 8.8 | 14d ago | A security flaw has been discovered in Edimax BR-6428NS 1.10. This affects the function formWirelessTbl of the file /goform/formWirelessTbl of the component POST Request Handler. Performing a manipul… | |||
| CVE-2026-6898 | high | 8.8 | 8.8 | 15d ago | The Wishlist Member plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'WishListMember3_Hooks::generate_api_key' function in all versions… | |||
| CVE-2026-6897 | high | 8.8 | 8.8 | 15d ago | The Wishlist Member plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'WishListMember\Features\Team_Accounts::save_settings' function in… | |||
| CVE-2026-6895 | high | 8.8 | 8.8 | 15d ago | The WishList Member plugin for WordPress is vulnerable to Missing Authorization leading to Sensitive Information Disclosure and Privilege Escalation in versions up to and including 3.30.1. This is du… | |||
| CVE-2026-6419 | high | 8.8 | 8.8 | 15d ago | The WishList Member plugin for WordPress is vulnerable to Privilege Escalation via Missing Authorization in versions up to and including 3.30.1. This is due to the missing capability and nonce check … | |||
| CVE-2026-47125 | high | 8.8 | 8.8 | 15d ago | Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.2, the PUT /api/environments/{id}/templates/variables endpoint, which writes the system-wide .env.g… | |||
| CVE-2026-35430 | high | 8.8 | 8.8 | 15d ago | Authorization bypass through user-controlled key in Azure Privileged Identity Management (PIM) allows an authorized attacker to elevate privileges over a network. | |||
| CVE-2026-41075 | high | 8.8 | 8.8 | 15d ago | RT is an open source, enterprise-grade issue and ticket tracking system. Versions 5.0.0 through 5.0.9 and 6.0.0 through 6.0.2 contain an SQL injection vulnerability. An authenticated user can craft i… | |||
| CVE-2026-45659 | high | 8.8 | 8.8 | 15d ago | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | |||
| CVE-2026-3294 | high | 8.8 | 8.8 | 15d ago | An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator passwor… | |||
| CVE-2026-6406 | high | 8.8 | 8.8 | 15d ago | The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation (ECI) restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly… | |||
| CVE-2026-8992 | high | 8.8 | 8.8 | 15d ago | An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code. | |||
| CVE-2026-9018 | high | 8.8 | 8.8 | 16d ago | The Easy Elements for Elementor – Addons & Website Templates plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.4.5 via the `easyel_handle_register()` … | |||
| CVE-2026-8434 | high | 8.8 | 8.8 | 16d ago | Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file rescanMultiple(). The Concrete CMS security team gave this vulnerability a CVSS v.4… | |||
| CVE-2026-8433 | high | 8.8 | 8.8 | 16d ago | Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file rescan(). The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score… | |||
| CVE-2026-8432 | high | 8.8 | 8.8 | 16d ago | Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file star(). The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score o… | |||
| CVE-2026-8427 | high | 8.8 | 8.8 | 16d ago | Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file removeFavoriteFolder($id). The Concrete CMS security team gave this vulnerability a… | |||
| CVE-2026-8416 | high | 8.8 | 8.8 | 16d ago | Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file addFavoriteFolder($id). The Concrete CMS security team gave this vulnerability a CV… | |||
| CVE-2026-8415 | high | 8.8 | 8.8 | 16d ago | Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/express/association/reorder. The Concrete CMS security team gave this vulnerability a CVS… | |||
| CVE-2026-8414 | high | 8.8 | 8.8 | 16d ago | Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/event/duplicate. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 scor… | |||
| CVE-2026-8413 | high | 8.8 | 8.8 | 16d ago | Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/design. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 sco… | |||
| CVE-2026-8412 | high | 8.8 | 8.8 | 16d ago | Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/cache. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 sco… | |||
| CVE-2026-8411 | high | 8.8 | 8.8 | 16d ago | Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/delete. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 sco… | |||
| CVE-2026-8410 | high | 8.8 | 8.8 | 16d ago | Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/logs/bulk/delete. The The Concrete CMS security team gave this vulnerability a CVSS v.4.… | |||
| CVE-2026-8409 | high | 8.8 | 8.8 | 16d ago | Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/logs/delete. The The Concrete CMS security team gave this vulnerability a CVSS v.4.0 sco… | |||
| CVE-2026-8428 | high | 8.8 | 8.8 | 16d ago | Concrete CMS 9.5.0 and below emits a CSRF token in the local_available_update.php view ($token->output('do_update')) but the corresponding do_update() method in concrete/controllers/single_page/dashb… | |||
| CVE-2026-8426 | high | 8.8 | 8.8 | 16d ago | Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/update/prepare_remote_upgrade/<remoteMPID>. An attacker who controls the remote package ret… | |||
| CVE-2026-8421 | high | 8.8 | 8.8 | 16d ago | Concrete CMS 9.5.0 and below contains a CSRF vulnerability in the install_package() method of concrete/controllers/single_page/dashboard/extend/install.php. An attacker who can cause an authenticate… | |||
| CVE-2026-8417 | high | 8.8 | 8.8 | 16d ago | Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/update/do_update/<pkgHandle>. The do_update() method in concrete/controllers/single_page/da… | |||
| CVE-2026-8350 | high | 8.8 | 8.8 | 16d ago | Concrete CMS 9.5.0 and below is vulnerable to missing authorization in the bulk_user_assignment.php which can lead to privilege escalation to Administrative Group. Any authenticated user with access … |