CVEs from 2026

- Total: 14,797
- Critical: 1,335
- High: 5,010
- Medium: 4,834
- Low: 504
- % Critical: 9.0%
- % with KEV: 0.4%
- % with exploit: 0.7%
Top products
- chrome 723
- firepower_threat_defense_software 310
- gcp 299
- firepower_threat_defense 298
- openclaw 172
- commerce 104
- netweaver_application_server_abap 102
- commerce_b2b 89
| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-10650 | medium | 5.3 | 5.3 | 5d ago | A flaw has been found in warmcat libwebsockets up to 4.5.8. This issue affects the function lws_ssh_parse_plaintext of the file plugins/protocol_lws_ssh_base/sshd.c of the component SSH Protocol Hand… | |||
| CVE-2026-42507 | medium | 5.3 | 5.3 | 5d ago | When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or log… | |||
| CVE-2026-45289 | medium | 5.3 | 5.3 | 5d ago | CloudburstMC Protocol is a protocol library for Minecraft Bedrock Edition. Prior to version 3.0.0.Beta12-20260420.182526-15, CloudburstMC Protocol is partially missing validation for FULL type authen… | |||
| CVE-2026-9590 | medium | 5.3 | 5.3 | 5d ago | Improper access control in the permission validation component in Devolutions Server 2026.1.19 and earlier allows an authenticated user with entry edit privileges to modify asset information without … | |||
| CVE-2026-38978 | medium | 5.3 | 5.3 | 5d ago | transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths. | |||
| CVE-2026-10566 | medium | 5.3 | 5.3 | 5d ago | A weakness has been identified in FoundationAgents MetaGPT up to 0.8.2. This affects the function Message.check_instruct_content of the file metagpt/schema.py. Executing a manipulation of the argumen… | |||
| CVE-2026-10548 | medium | 5.3 | 5.3 | 5d ago | A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.23. This affects the function _sync_anthropic_entry_from_credentials_file of the file agent/credential_pool.py of the com… | |||
| CVE-2026-45543 | medium | 5.3 | 5.3 | 6d ago | Nextcloud is an open source content collaboration platform. From version 4.3.0 to before version 5.2.7, a removed collaborator retains unauthorized read access to uploaded respondent files for the af… | |||
| CVE-2026-10255 | medium | 5.3 | 5.3 | 6d ago | A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function sell_statement of the file application/controllers/ShowForm.ph… | |||
| CVE-2026-10254 | medium | 5.3 | 5.3 | 6d ago | A flaw has been found in SourceCodester Pet Grooming Management Software 1.0. Affected is an unknown function of the file /admin/. This manipulation causes file and directory information exposure. Th… | |||
| CVE-2026-49328 | medium | 5.3 | 5.3 | 6d ago | Server-Side Request Forgery (SSRF) in the UrlImageConverter component of Apache Fesod (Incubating) fesod-sheet before 2.0.2-incubating allows attackers to cause outbound network requests to internal … | |||
| CVE-2026-8474 | medium | 5.3 | 5.3 | 6d ago | A vulnerability was discovered on Stormshield Network Security * 4.3.0 to 4.3.41, * 4.8.0 to 4.8.15, * 5.0.0 to 5.0.5 It is possible to execute a reflected XSS attack on the … | |||
| CVE-2026-10232 | medium | 5.3 | 5.3 | 6d ago | A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::~aiNode of the file scene.cpp of the component ASE File Parser. Executing a manipulation c… | |||
| CVE-2026-10231 | medium | 5.3 | 5.3 | 6d ago | A security flaw has been discovered in Assimp up to 6.0.4. Affected is the function HL1MDLLoader::extract_anim_value of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. Performing a… | |||
| CVE-2026-10230 | medium | 5.3 | 5.3 | 6d ago | A vulnerability was identified in Assimp up to 6.0.4. This impacts the function Assimp::MDL::HalfLife::HL1MDLLoader::read_animations of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Load… | |||
| CVE-2026-10229 | medium | 5.3 | 5.3 | 6d ago | A vulnerability was determined in Assimp up to 6.0.4. This affects the function HL1MDLLoader::read_meshes of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. This manipulation cause… | |||
| CVE-2026-10224 | medium | 5.3 | 5.3 | 6d ago | A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. This vulnerability affects the function _handle_webhook_request of the file gateway/platforms/feishu.py of the… | |||
| CVE-2026-10200 | medium | 5.3 | 5.3 | 7d ago | A vulnerability was found in Assimp up to 6.0.4. This affects the function glTFCommon::CopyValue in the library glTFCommon.h of the component 4x4 Matrix Parser. Performing a manipulation results in h… | |||
| CVE-2026-8382 | medium | 5.3 | 5.3 | 7d ago | The Advanced Custom Fields (ACF®) plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 6.8.1. This is due to the plugin not properly verifying that a user … | |||
| CVE-2026-48840 | medium | 5.3 | 5.3 | 8d ago | Exim 4.88 before 4.99.4, in some proxy configurations, mishandles certain short payloads, leading to disclosure of uninitialized stack memory values to a client. | |||
| CVE-2026-45294 | medium | 5.3 | 5.3 | 9d ago | FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.219, the password reset endpoint returns visually distinct responses depending on whether the submitted… | |||
| CVE-2026-46344 | medium | 5.3 | 5.3 | 9d ago | liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT … | |||
| CVE-2026-44518 | medium | 5.3 | 5.3 | 9d ago | liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT … | |||
| CVE-2026-45352 | medium | 5.3 | 5.3 | 9d ago | cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.43.4, negative chunk-size in chunked Transfer-Encoding causes unbounded memory allocation and process cras… | |||
| CVE-2026-42500 | medium | 5.3 | 5.3 | 9d ago | Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image. | |||
| CVE-2026-10075 | medium | 5.3 | 5.3 | 9d ago | DreamMaker developed by Interinfo has a Path Traversal vulnerability, allowing unauthenticated remote attackers to read file names under arbitrary path by exploiting an Absolute Path Traversal vulner… | |||
| CVE-2026-9189 | medium | 5.3 | 5.3 | 9d ago | The Contact Form 7 – PayPal & Stripe Add-on plugin for WordPress is vulnerable to Payment Bypass via Insufficient Verification of Data Authenticity in all versions up to, and including, 2.4.9. Althou… | |||
| CVE-2026-2128 | medium | 5.3 | 5.3 | 9d ago | The Breeze plugin for WordPress is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor in all versions up to, and including, 2.5.2 This is due to improper verification of the `wo… | |||
| CVE-2026-9985 | medium | 5.3 | 5.3 | 10d ago | Insufficient validation of untrusted input in Media in Google Chrome on ChromeOS prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to obtain potentially sensi… | |||
| CVE-2026-45410 | medium | 5.3 | 5.3 | 10d ago | TREK is a collaborative travel planner. Prior to 3.0.18, early return on missing user during login flow allowed an attacker to enumerate valid user accounts via response timing discrepancy. When an e… | |||
| CVE-2026-46843 | medium | 5.3 | 5.3 | 10d ago | Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network ac… | |||
| CVE-2026-46842 | medium | 5.3 | 5.3 | 10d ago | Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network ac… | |||
| CVE-2026-46841 | medium | 5.3 | 5.3 | 10d ago | Vulnerability in Oracle REST Data Services (component: General). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network… | |||
| CVE-2026-46830 | medium | 5.3 | 5.3 | 10d ago | Vulnerability in Oracle REST Data Services (component: Mongoapi). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with networ… | |||
| CVE-2026-49130 | medium | 5.3 | 5.3 | 10d ago | Music Player Daemon (MPD) before version 0.24.11 contains a CRLF injection vulnerability in the xspf_char_data function within the XSPF playlist plugin that allows attackers to embed literal CR/LF by… | |||
| CVE-2026-33463 | medium | 5.3 | 5.3 | 10d ago | Operation on a Resource after Expiration or Termination (CWE-672) in Kibana can lead to unauthorized information disclosure. A logic error in how expiration timestamps were validated allowed a time-b… | |||
| CVE-2026-9091 | medium | 5.3 | 5.3 | 10d ago | Casdoor versions 2.362.0 and earlier contain a logic flaw in the social‑login binding flow that allows users to bypass configured MFA requirements. The binding‑rule code path in controllers/auth.go c… | |||
| CVE-2026-47676 | medium | 5.3 | 5.3 | 10d ago | Hono: app.mount() strips mount prefix using undecoded path, causing incorrect routing for percent-encoded paths | |||
| CVE-2026-47675 | medium | 5.3 | 5.3 | 10d ago | Hono: Cookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection | |||
| CVE-2026-47674 | medium | 5.3 | 5.3 | 10d ago | Hono: IP Restriction bypasses static deny rules for non-canonical IPv6 | |||
| CVE-2026-41178 | medium | 5.3 | 5.3 | 10d ago | OpenTelemetry-Go is the Go implementation of OpenTelemetry. Versions 1.41.0 and 1.43.0 removed raw-length rejection and it causes `Parse` to process arbitrarily large/invalid baggage headers and log … | |||
| CVE-2026-48525 | medium | 5.3 | 5.3 | 10d ago | PyJWT is a JSON Web Token implementation in Python. From 2.8.0 to 2.12.1, when verifying detached JWS tokens using the unencoded-payload option ("b64": false, RFC 7797), PyJWT performs Base64URL deco… | |||
| CVE-2026-6937 | medium | 5.3 | 5.3 | 10d ago | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.6.11.8 due to the pl… | |||
| CVE-2026-7651 | medium | 5.3 | 5.3 | 10d ago | The User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder plugin for WordPress is vulnerable to Insecure… | |||
| CVE-2026-7552 | medium | 5.3 | 5.3 | 10d ago | The Geo Mashup plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.13.19. This is due to the plugin not properly verifying that a user is authorized to … | |||
| CVE-2026-9803 | medium | 5.3 | 5.3 | 10d ago | A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with a malformed 'Authori… | |||
| CVE-2026-9794 | medium | 5.3 | 5.3 | 10d ago | A flaw was found in Keycloak. A remote, unauthenticated attacker can exploit this vulnerability by sending specially crafted SOAP requests to the SAML ECP (Security Assertion Markup Language Enhanced… | |||
| CVE-2026-46544 | medium | 5.3 | 5.3 | 11d ago | Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO accepts client-supplied session_id values in WebSocket task messages a… | |||
| CVE-2026-6713 | medium | 5.3 | 5.3 | 11d ago | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an unauth… | |||
| CVE-2026-4392 | medium | 5.3 | 5.3 | 11d ago | A vulnerability was detected in TeamSpeak 3 Server up to 3.13.7. This issue affects some unknown processing of the component clientek Handshake Handler. Performing a manipulation of the argument proo… | |||
| CVE-2026-4391 | medium | 5.3 | 5.3 | 11d ago | A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. This vulnerability affects unknown code of the component ECC Key Parser. Such manipulation leads to heap-based buffer ov… | |||
| CVE-2026-44318 | medium | 5.3 | 5.3 | 11d ago | free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's BSF PUT /nbsf-management/v1/subscriptions/{subId} handler has an unsynchronized write on the global Subscrip… | |||
| CVE-2026-49053 | medium | 5.3 | 5.3 | 11d ago | Missing Authorization vulnerability in Wpmet ElementsKit Elementor addons Lite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ElementsKit Elementor addon… | |||
| CVE-2026-7254 | medium | 5.3 | 5.3 | 11d ago | IBM OPENBMC FW1110.00 through FW1110.11 is vulnerable to denial of service attacks by unauthenticated network users. | |||
| CVE-2026-49001 | medium | 5.3 | 5.3 | 11d ago | Cross-site request forgery (CSRF) vulnerabilities allow attackers to exploit a user's authenticated session to forge cross-site requests, inducing the execution of unintended operations such as tampe… | |||
| CVE-2026-9014 | medium | 5.3 | 5.3 | 11d ago | The WP Promoter plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the reset_stats() function in versions up to, and including, 1.3. The func… | |||
| CVE-2026-7493 | medium | 5.3 | 5.3 | 11d ago | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to denial of service in all versions up to, and including, 1.6.11.5. This is due to a… | |||
| CVE-2026-8391 | medium | 5.3 | 5.3 | 12d ago | Important: thunderbird security update | |||
| CVE-2026-38808 | medium | 5.3 | 5.3 | 12d ago | SQL Injection vulnerability in uzy-ssm-mall v1.1.0 allows a remote attacker to obtain sensitive information via the ProductMapper.xml and /OrderUtil.java components | |||
| CVE-2026-46740 | medium | 5.3 | 5.3 | 12d ago | Mojolicious::Plugin::Statsd versions through 0.04 for Perl allowed metric injections. The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted… | |||
| CVE-2026-41207 | medium | 5.3 | 5.3 | 12d ago | The netty incubator codec.bhttp is a java language binary http parser. Prior to version 0.0.21.Final, HKDF_expand returns non-NULL on failure. The byte[] is filled with zeros and has no way to distin… | |||
| CVE-2026-42015 | medium | 5.3 | 5.3 | 12d ago | RHSA-2026:20612: gnutls security update (Important) | |||
| CVE-2026-44214 | medium | 5.3 | 5.3 | 12d ago | eventsource-encoder encodes events as well-formed EventSource/Server Sent Event (SSE) messages. Prior to 1.0.2, eventsource-encoder does not sanitize the event or id fields of an EventSourceMessage b… | |||
| CVE-2026-25426 | medium | 5.3 | 5.3 | 12d ago | Missing Authorization vulnerability in Magepeople inc. Taxi Booking Manager for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Taxi Booking M… | |||
| CVE-2026-9541 | medium | 5.3 | 5.3 | 12d ago | A security flaw has been discovered in Squirrel up to 3.2. Impacted is the function ReadObject of the file squirrel/sqobject.cpp of the component Cnut File Handler. Performing a manipulation results … | |||
| CVE-2026-9540 | medium | 5.3 | 5.3 | 12d ago | A vulnerability was identified in vllm-project vllm 0.19.0. This issue affects some unknown processing of the component OpenAI-compatible Serving Path. Such manipulation leads to denial of service. I… | |||
| CVE-2026-48135 | medium | 5.3 | 5.3 | 12d ago | A Check Point HTTP-based service can incorrectly handle malformed HTTP requests. The issue is related to HTTP request parsing and validation. | |||
| CVE-2026-39642 | medium | 5.3 | 5.3 | 12d ago | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in SpabRice Nyla allows Code Injection. This issue affects Nyla: from n/a through 1.7. | |||
| CVE-2026-24590 | medium | 5.3 | 5.3 | 12d ago | Missing Authorization vulnerability in VideoWhisper.Com Paid Videochat Turnkey Site allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Paid Videochat Turnkey… | |||
| CVE-2026-39655 | medium | 5.3 | 5.3 | 12d ago | Missing Authorization vulnerability in TeconceTheme Mayosis Core allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Mayosis Core: from n/a through 5.4.7. | |||
| CVE-2026-27398 | medium | 5.3 | 5.3 | 13d ago | Missing Authorization vulnerability in WP Chill RSVP and Event Management allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects RSVP and Event Management: from … | |||
| CVE-2026-27357 | medium | 5.3 | 5.3 | 13d ago | Missing Authorization vulnerability in Cornel Raiu WP Search Analytics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Search Analytics: from n/a befor… | |||
| CVE-2026-24592 | medium | 5.3 | 5.3 | 13d ago | Missing Authorization vulnerability in Lucian Apostol Auto Affiliate Links allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Auto Affiliate Links: from n/a … | |||
| CVE-2026-9502 | medium | 5.3 | 5.3 | 13d ago | A vulnerability was identified in GNU LibreDWG up to 0.14. This affects the function decompress_R2004_section of the file src/decode.c of the component Dwgread Utility. The manipulation leads to heap… | |||
| CVE-2026-9500 | medium | 5.3 | 5.3 | 13d ago | A vulnerability was found in GNU LibreDWG up to 0.14. The affected element is the function read_2004_compressed_section of the file src/decode.c of the component Dwgread Utility. Performing a manipul… | |||
| CVE-2026-24546 | medium | 5.3 | 5.3 | 13d ago | Missing Authorization vulnerability in Ruben Garcia GamiPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GamiPress: from n/a through 7.6.3. | |||
| CVE-2026-9466 | medium | 5.3 | 5.3 | 13d ago | A vulnerability was determined in Tiandy Easy7 Integrated Management Platform 7.17.0. This issue affects some unknown processing of the file /rest/user/updateUserPassword of the component API Endpoin… | |||
| CVE-2026-47069 | medium | 5.3 | 5.3 | 13d ago | CRLF injection in cookie domain/path options in hackney | |||
| CVE-2026-46745 | medium | 5.3 | 5.3 | 13d ago | Apache Airflow FAB Auth Manager contains an LDAP filter injection vulnerability (CWE-90) that allows unauthenticated attackers to exfiltrate directory data or bypass authentication. Upgrade to apache… | |||
| CVE-2026-5223 | medium | 5.3 | 5.3 | 13d ago | Cargo incorrectly handled symlinks inside of crate tarballs downloaded from third-party registries, allowing a malicious crate to override the source code of another crate from the same registry. The… | |||
| CVE-2026-9369 | medium | 5.3 | 5.3 | 14d ago | A security flaw has been discovered in NousResearch hermes-agent 2026.4.23. Affected is the function _discover_dashboard_plugins of the file hermes_cli/web_server.py of the component CLI web-dashboar… | |||
| CVE-2026-9352 | medium | 5.3 | 5.3 | 14d ago | A weakness has been identified in NousResearch hermes-agent up to 2026.4.23. This issue affects the function _make_run_env of the file tools/environments/local.py of the component Messaging Gateway H… | |||
| CVE-2026-9349 | medium | 5.3 | 5.3 | 14d ago | A vulnerability was determined in calcom cal.diy up to 4.9.4. Affected by this issue is the function getServerSideProps of the file apps/web/modules/bookings/views/bookings-single-view.getServerSideP… | |||
| CVE-2026-44618 | medium | 5.3 | 5.3 | 16d ago | Insecure XML parser configuration in Apache CXF's WS-Transfer module may allow attackers to perform XXE attacks. Users are recommended to upgrade to versions 4.2.1, 4.1.6 or 3.6.11, which fix this is… | |||
| CVE-2026-4635 | medium | 5.3 | 5.3 | 16d ago | Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to archive the channel before removing persistent notifications which allows authenticated user to c… | |||
| CVE-2026-8684 | medium | 5.3 | 5.3 | 16d ago | The MotoPress Hotel Booking plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 6.0.1. This is due to the plugin not properly verifying that a user is aut… | |||
| CVE-2026-46598 | medium | 5.3 | 5.3 | 16d ago | For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes, leading to a panic when used. | |||
| CVE-2026-39835 | medium | 5.3 | 5.3 | 16d ago | SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an… | |||
| CVE-2026-8337 | medium | 5.3 | 5.3 | 17d ago | Concrete CMS 9.5.0 and below is vulnerable to IDOR in surveys. To be vulnerable, a site would have to be configured in such a way that both public and private surveys are present on the site. An unau… | |||
| CVE-2026-8240 | medium | 5.3 | 5.3 | 17d ago | Concrete CMS 9.5.0 and below is vulnerable to unauthenticated page metadata disclosure across every page with a configured summary template, revealing the existence of private, draft, and restricted … | |||
| CVE-2026-8239 | medium | 5.3 | 5.3 | 17d ago | Concrete CMS 9.5.0 and below is vulnerable to IDOR. The '/ccm/frontend/conversations/get_rating' endpoint confirms existence and returns rating score for any message by ID. The Concrete CMS security … | |||
| CVE-2026-8238 | medium | 5.3 | 5.3 | 17d ago | Concrete CMS 9.5.0 and below is vulnerable to IDOR. The '/ccm/frontend/conversations/message_page' endpoint returns the full content of any conversation message. An unauthenticated attacker can enume… | |||
| CVE-2026-8237 | medium | 5.3 | 5.3 | 17d ago | Concrete CMS 9.5.0 and below is vulnerable to IDOR. The `/ccm/frontend/conversations/message_detail` endpoint returns the full content of any conversation message. An unauthenticated attacker can enu… | |||
| CVE-2026-7879 | medium | 5.3 | 5.3 | 17d ago | In Concrete CMS 9.5.0 and below, the submit_password() method in concrete/controllers/single_page/download_file.php allows unauthorized file access since downloading permission-restricted files bypa… | |||
| CVE-2026-8205 | medium | 5.3 | 5.3 | 17d ago | Concrete CMS 9.5.0 and below is vulnerable to authorization bypass in the Calendar Block since action_get_events does not check canView on the calendar which results in restricted event details being… | |||
| CVE-2026-8204 | medium | 5.3 | 5.3 | 17d ago | Concrete CMS 9.5.0 and below is vulnerable to authorization Bypass in the Calendar Event Frontend Dialog which can allow cross-calendar data disclosure. A public calendar block can be used as a pivot… | |||
| CVE-2026-6826 | medium | 5.3 | 5.3 | 17d ago | Concrete CMS 9.5.0 and below is vulnerable to unauthenticated file usage disclosure via missing permission check in the usage controller. Any unauthenticated visitor can request /ccm/system/dialogs… | |||
| CVE-2026-48245 | medium | 5.3 | 5.3 | 17d ago | Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in tables.php that is committed to the public source repository. The key can be extracted by anyone with read access to the sour… | |||
| CVE-2026-48244 | medium | 5.3 | 5.3 | 17d ago | Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in settings.inc.php that is committed to the public source repository. The key can be extracted by anyone with read access to th… | |||
| CVE-2026-48243 | medium | 5.3 | 5.3 | 17d ago | Open ISES Tickets before 3.44.2 embeds a hardcoded WhitePages reverse-phone API key in wp1.php that is committed to the public source repository. Any actor with read access to the source tree can ext… |