VYPR

CVEs

100,472 total · page 115 of 2,010

  • CVE-2026-6483HigApr 17, 2026
    risk 0.47cvss 7.2epss 0.14

    A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public…

  • CVE-2026-23776HigApr 17, 2026
    risk 0.47cvss 7.2epss 0.00

    Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60, contain(s) an Improper Certificate Validation…

  • CVE-2026-23778HigApr 17, 2026
    risk 0.47cvss 7.2epss 0.01

    Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a command injection vulnerability. A high…

  • CVE-2026-23775HigApr 17, 2026
    risk 0.49cvss 7.6epss 0.00

    Dell PowerProtect Data Domain appliances with Data Domain Operating System (DD OS) of Feature Release versions 8.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.10 contain an insertion of sensitive information into log file vulnerability. A low privileged attacker…

  • CVE-2025-36568HigApr 17, 2026
    risk 0.51cvss 7.8epss 0.00

    Dell PowerProtect Data Domain BoostFS for client of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain an insufficiently protected credentials vulnerability. A low…

  • CVE-2025-15624HigApr 17, 2026
    risk 0.49cvss 7.5epss 0.00

    Plaintext Storage of a Password vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server.  In a setup where OpenID is used as the primary method of authentication to authenticate to Sparx EA, Pro Cloud Server creates local passwords to the users and stores them in…

  • CVE-2025-15623HigApr 17, 2026
    risk 0.49cvss 7.5epss 0.00

    Exposure of Private Personal Information to an Unauthorized Actor, : Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server. Unauthenticated user can retrieve database password in plaintext in…

  • CVE-2026-33392HigApr 17, 2026
    risk 0.47cvss 7.2epss 0.00

    In JetBrains YouTrack before 2025.3.131383 high privileged user can achieve RCE via sandbox bypass

  • CVE-2026-23853HigApr 17, 2026
    risk 0.55cvss 8.4epss 0.00

    Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a use of weak credentials vulnerability. An…

  • CVE-2026-4659HigApr 17, 2026
    risk 0.49cvss 7.5epss 0.01

    The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Arbitrary File Read via the Repeater JSON/CSV URL parameter in versions up to, and including, 2.0.6. This is due to insufficient path traversal sanitization in the URLtoRelative() and urlToPath()…

  • CVE-2026-6482HigApr 17, 2026
    risk 0.51cvss 7.8epss 0.00

    The Rapid7 Insight Agent (versions > 4.1.0.2) is vulnerable to a local privilege escalation attack that allows users to gain SYSTEM level control of a Windows host. Upon startup the agent service attempts to load an OpenSSL configuration file from a non-existent directory that…

  • CVE-2026-6421HigApr 17, 2026
    risk 0.46cvss 7.0epss 0.00

    A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The attack is considered to have high complexity. It…

  • CVE-2026-21719HigApr 17, 2026
    risk 0.40cvss 7.2epss 0.01

    An OS command injection vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to execute an arbitrary OS command.

  • CVE-2026-5807HigApr 17, 2026
    risk 0.42cvss 7.5epss 0.01

    Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these…

  • CVE-2026-4525HigApr 17, 2026
    risk 0.42cvss 7.5epss 0.00

    If a Vault auth mount is configured to pass through the "Authorization" header, and the "Authorization" header is used to authenticate to Vault, Vault forwarded the Vault token to the auth plugin backend. Fixed in 2.0.0, 1.21.5, 1.20.10, and 1.19.16.

  • CVE-2026-3605HigApr 17, 2026
    risk 0.46cvss 8.1epss 0.00

    An authenticated user with access to a kvv2 path through a policy containing a glob may be able to delete secrets they were not authorized to read or write, resulting in denial-of-service. This vulnerability did not allow a malicious user to delete secrets across namespaces, nor…

  • CVE-2026-5231HigApr 17, 2026
    risk 0.40cvss 7.2epss 0.00

    The WP Statistics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'utm_source' parameter in all versions up to, and including, 14.16.4. This is due to insufficient input sanitization and output escaping. The plugin's referral parser copies the raw…

  • CVE-2026-40262HigApr 17, 2026
    risk 0.50cvss 8.7epss 0.00

    Note Mark is an open-source note-taking application. In versions 0.19.1 and prior, the asset delivery handler serves uploaded files inline and relies on magic-byte detection for content type, which does not identify text-based formats such as HTML, SVG, or XHTML. These files are…

  • CVE-2026-22734HigApr 17, 2026
    risk 0.56cvss 8.6epss 0.00

    Cloud Foundry UUA is vulnerable to a bypass that allows an attacker to obtain a token for any user and gain access to UAA-protected systems. This vulnerability exists when SAML 2.0 bearer assertions are enabled for a client, as the UAA accepts SAML 2.0 bearer assertions that…

  • CVE-2026-40318HigApr 16, 2026
    risk 0.48cvss 8.5epss 0.00

    SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and prior, the /api/av/removeUnusedAttributeView endpoint constructs a filesystem path using the user-controlled id parameter without validation or path boundary enforcement. An attacker can inject…

  • CVE-2026-40259HigApr 16, 2026
    risk 0.46cvss 8.1epss 0.00

    SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and below, the /api/av/removeUnusedAttributeView endpoint is protected only by generic authentication that accepts publish-service RoleReader tokens. The handler passes a caller-controlled id…

  • CVE-2026-41113HigApr 16, 2026
    risk 0.46cvss 8.1epss 0.01

    sagredo qmail before 2026.04.07 allows tls_quit remote code execution because of popen in notlshosts_auto in qmail-remote.c.

  • CVE-2026-40308HigApr 16, 2026
    risk 0.57cvss epss 0.01

    My Calendar is a WordPress plugin for managing calendar events. In versions 3.7.6 and below, the mc_ajax_mcjs_action AJAX endpoint, registered for unauthenticated users, passes user-supplied arguments through parse_str() without validation, allowing injection of arbitrary…

  • CVE-2026-40248HigApr 16, 2026
    risk 0.42cvss 7.5epss 0.00

    free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the handler for creating or updating Traffic Influence Subscriptions checks whether the influenceId path segment equals subs-to-notify, but does not return after…

  • CVE-2026-40247HigApr 16, 2026
    risk 0.42cvss 7.5epss 0.00

    free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the handler for reading Traffic Influence Subscriptions checks whether the influenceId path segment equals subs-to-notify, but does not return after sending the HTTP…

  • CVE-2026-40246HigApr 16, 2026
    risk 0.49cvss 7.5epss 0.00

    free5GC is an open-source implementation of the 5G core network. In versions 1.4.2 and below of the UDR service, the handler for deleting Traffic Influence Subscriptions checks whether the influenceId path segment equals subs-to-notify, but does not return after sending the HTTP…

  • CVE-2026-40170HigApr 16, 2026
    risk 0.42cvss 7.5epss 0.01

    ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2_qlog_parameters_set_transport_params() serializes peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog is enabled, a remote peer can send…

  • CVE-2026-39313HigApr 16, 2026
    risk 0.50cvss epss 0.01

    mcp-framework is a framework for building Model Context Protocol (MCP) servers. In versions 0.2.21 and below, the readRequestBody() function in the HTTP transport concatenates request body chunks into a string with no size limit. Although a maxMessageSize configuration value…

  • CVE-2026-35469HigApr 16, 2026
    risk 0.50cvss epss 0.01

    spdystream is a Go library for multiplexing streams over SPDY connections. In versions 0.5.0 and below, the SPDY/3 frame parser does not validate attacker-controlled counts and lengths before allocating memory. Three allocation paths are affected: the SETTINGS frame entry count,…

  • CVE-2026-40901HigApr 16, 2026
    risk 0.50cvss 8.8epss 0.01

    DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below ship the legacy velocity-1.7.jar, which pulls in commons-collections-3.2.1.jar containing the InvokerTransformer deserialization gadget chain. Quartz 2.3.2, also bundled in the…

  • CVE-2026-40900HigApr 16, 2026
    risk 0.50cvss 8.8epss 0.00

    DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the /de2api/datasetData/previewSql endpoint. The user-supplied SQL is wrapped in a subquery without validation that the input is a single…

  • CVE-2026-33207HigApr 16, 2026
    risk 0.50cvss 8.8epss 0.00

    DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the /datasource/getTableField endpoint. The getTableFiledSql method in CalciteProvider.java incorporates the tableName parameter directly…

  • CVE-2025-54502HigApr 16, 2026
    risk 0.46cvss epss 0.00

    Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution.

  • CVE-2026-6442HigApr 16, 2026
    risk 0.54cvss 8.3epss 0.00

    Improper validation of bash commands in Snowflake Cortex Code CLI versions prior to 1.0.25 allowed subsequent commands to execute outside the sandbox. An attacker could exploit this by embedding specially crafted commands in untrusted content, such as a malicious repository,…

  • CVE-2026-33121HigApr 16, 2026
    risk 0.50cvss 8.8epss 0.00

    DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the API datasource saving process. The deTableName field from the Base64-encoded datasource configuration is used to construct a DDL…

  • CVE-2026-33084HigApr 16, 2026
    risk 0.50cvss 8.8epss 0.00

    DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the sort parameter of the /de2api/datasetData/enumValueObj endpoint. The DatasetDataManage service layer directly transfers the user-supplied…

  • CVE-2026-41082HigApr 16, 2026
    risk 0.40cvss 7.3epss 0.00

    In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory.

  • CVE-2026-33083HigApr 16, 2026
    risk 0.50cvss 8.8epss 0.00

    DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the orderDirection parameter used in dataset-related endpoints including /de2api/datasetData/enumValueDs and…

  • CVE-2026-2336HigApr 16, 2026
    risk 0.57cvss epss 0.00

    A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own webstax_auth session cookie and forge a new cookie with administrative privileges.This issue affects IStaX before…

  • CVE-2026-6409HigApr 16, 2026
    risk 0.39cvss epss 0.00

    A Denial of Service (DoS) vulnerability exists in the Protobuf PHP library during the parsing of untrusted input. Maliciously structured messages—specifically those containing negative varints or deep recursion—can be used to crash the application, impacting service…

  • CVE-2026-3324HigApr 16, 2026
    risk 0.53cvss 8.2epss 0.01

    Zohocorp ManageEngine Log360 versions 13000 through 13013 are vulnerable to authentication bypass on certain actions due to improper filter configuration.

  • CVE-2026-37344HigApr 16, 2026
    risk 0.47cvss 7.2epss 0.00

    SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_location.php.

  • CVE-2026-37343HigApr 16, 2026
    risk 0.47cvss 7.2epss 0.00

    SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_user.php.

  • CVE-2026-37342HigApr 16, 2026
    risk 0.47cvss 7.2epss 0.00

    SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/view_parked_details.php.

  • CVE-2026-37341HigApr 16, 2026
    risk 0.47cvss 7.2epss 0.00

    SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_category.php.

  • CVE-2026-37337HigApr 16, 2026
    risk 0.47cvss 7.3epss 0.00

    SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_playlist.php.

  • CVE-2026-37336HigApr 16, 2026
    risk 0.47cvss 7.3epss 0.00

    SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_music.php.

  • CVE-2026-33804HigApr 16, 2026
    risk 0.41cvss 7.4epss 0.00

    @fastify/middie versions 9.3.1 and earlier are vulnerable to middleware bypass when the deprecated Fastify ignoreDuplicateSlashes option is enabled. The middleware path matching logic does not account for duplicate slash normalization performed by Fastify's router, allowing…

  • CVE-2026-30656HigApr 16, 2026
    risk 0.49cvss 7.5epss 0.00

    A NULL pointer dereference vulnerability exists in fio (Flexible I/O Tester) v3.41 when parsing job files containing the fdp_pli option. The callback function str_fdp_pli_cb() does not validate the input pointer and calls strdup() on a NULL value when the option is specified…

  • CVE-2026-30459HigApr 16, 2026
    risk 0.46cvss 7.1epss 0.00

    An issue in the Forgot Password feature of Daylight Studio FuelCMS v1.5.2 allows unauthenticated attackers to obtain the password reset token of a victim user via a crafted link placed in a valid e-mail message.