VYPR

CVEs

30,474 total · page 36 of 610

  • CVE-2026-34877 · Critical · Apr 2, 2026
    risk 0.57 · cvss 9.8 · epss 0.00

    An issue was discovered in Mbed TLS versions from 2.19.0 up to 3.6.5, Mbed TLS 4.0.0. Insufficient protection of serialized SSL context or session structures allows an attacker who can modify the serialized structures to induce memory corruption, leading to arbitrary code…

  • CVE-2026-33950 · Critical · Apr 2, 2026
    risk 0.54 · cvss 9.4 · epss 0.00

    Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.24.0-beta.4, there is a privilege escalation vulnerability by Admin Role Injection via /enableSecurity. An unauthenticated attacker can gain full Administrator access to the SignalK…

  • CVE-2026-25212 · Critical · Apr 2, 2026
    risk 0.64 · cvss 9.9 · epss 0.00

    An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to break out of the database context and execute shell commands on the underlying…

  • CVE-2026-33746 · Critical · Apr 2, 2026
    risk 0.57 · cvss 9.8 · epss 0.00

    Convoy is a KVM server management panel for hosting businesses. From version 3.9.0-beta to before version 4.5.1, the JWTService::decode() method did not verify the cryptographic signature of JWT tokens. While the method configured a symmetric HMAC-SHA256 signer via lcobucci/jwt,…

  • CVE-2026-35002 · Critical · Apr 2, 2026
    risk 0.57 · cvss 9.8 · epss 0.01

    Agno versions prior to 2.3.24 contain an arbitrary code execution vulnerability in the model execution component that allows attackers to execute arbitrary Python code by manipulating the field_type parameter passed to eval(). Attackers can influence the field_type value in a…

  • CVE-2026-32871 · Critical · Apr 2, 2026
    risk 0.58 · cvss 10.0 · epss 0.01

    FastMCP is a Pythonic way to build MCP servers and clients. Prior to version 3.2.0, the OpenAPIProvider in FastMCP exposes internal APIs to MCP clients by parsing OpenAPI specifications. The RequestDirector class is responsible for constructing HTTP requests to the backend…

  • CVE-2026-2701 · Critical · Apr 2, 2026
    risk 0.59 · cvss 9.1 · epss 0.49

    Authenticated user can upload a malicious file to the server and execute it, which leads to remote code execution.

  • CVE-2026-2699 · Critical · Apr 2, 2026
    risk 0.66 · cvss 9.8 · epss 0.49

    Customer Managed ShareFile Storage Zones Controller (SZC) allows an unauthenticated attacker to access restricted configuration pages. This leads to changing system configuration and potential remote code execution.

  • CVE-2026-33615 · Critical · Apr 2, 2026
    risk 0.59 · cvss 9.1 · epss 0.00

    An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the setinfo endpoint due to improper neutralization of special elements in a SQL UPDATE command. This can result in a total loss of integrity and availability.

  • CVE-2026-29143 · Critical · Apr 2, 2026
    risk 0.59 · cvss 9.1 · epss 0.00

    SEPPmail Secure Email Gateway before version 15.0.3 does not properly authenticate the inner message of S/MIME-encrypted MIME entities, allowing an attacker to control trusted headers.

  • CVE-2026-29139 · Critical · Apr 2, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    SEPPmail Secure Email Gateway before version 15.0.3 allows account takeover by abusing GINA account initialization to reset a victim account password.

  • CVE-2026-29133 · Critical · Apr 2, 2026
    risk 0.59 · cvss 9.1 · epss 0.00

    SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to upload PGP keys with UIDs that do not match their email address.

  • CVE-2026-34571 · Critical · Apr 1, 2026
    risk 0.64 · cvss 9.9 · epss 0.00

    CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, a Stored Cross-Site Scripting (Stored XSS) vulnerability exists in the backend user management functionality.…

  • CVE-2026-34569 · Critical · Apr 1, 2026
    risk 0.64 · cvss 9.9 · epss 0.00

    CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when creating or editing blog categories. An…

  • CVE-2026-34568 · Critical · Apr 1, 2026
    risk 0.59 · cvss 9.1 · epss 0.00

    CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when creating or editing blog posts. An…

  • CVE-2026-34567 · Critical · Apr 1, 2026
    risk 0.59 · cvss 9.1 · epss 0.00

    CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when creating or editing blog posts within…

  • CVE-2026-34566 · Critical · Apr 1, 2026
    risk 0.59 · cvss 9.1 · epss 0.00

    CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input within the Page Management functionality when…

  • CVE-2026-34565 · Critical · Apr 1, 2026
    risk 0.59 · cvss 9.1 · epss 0.00

    CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when adding Posts to navigation menus through…

  • CVE-2026-34564 · Critical · Apr 1, 2026
    risk 0.59 · cvss 9.1 · epss 0.00

    CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when adding Pages to navigation menus through…

  • CVE-2026-34563 · Critical · Apr 1, 2026
    risk 0.59 · cvss 9.1 · epss 0.00

    CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when handling backup uploads and processing…

  • CVE-2026-34560 · Critical · Apr 1, 2026
    risk 0.59 · cvss 9.1 · epss 0.00

    CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application renders user-controlled input unsafely within the logs interface. If any stored XSS payload…

  • CVE-2026-34559 · Critical · Apr 1, 2026
    risk 0.59 · cvss 9.1 · epss 0.00

    CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when creating or editing blog tags. An…

  • CVE-2026-34873 · Critical · Apr 1, 2026
    risk 0.52 · cvss 9.1 · epss 0.00

    An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session.

  • CVE-2026-34520 · Critical · Apr 1, 2026
    risk 0.52 · cvss 9.1 · epss 0.00

    AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, the C parser (the default for most installs) accepted null bytes and control characters in response headers. This issue has been patched in version 3.13.4.

  • CVE-2026-34872 · Critical · Apr 1, 2026
    risk 0.52 · cvss 9.1 · epss 0.00

    An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values…

  • CVE-2026-34456 · Critical · Apr 1, 2026
    risk 0.52 · cvss 9.1 · epss 0.00

    Reviactyl is an open-source game server management panel built using Laravel, React, FilamentPHP, Vite, and Go. From version 26.2.0-beta.1 to before version 26.2.0-beta.5, a vulnerability in the OAuth authentication flow allowed automatic linking of social accounts based solely…

  • CVE-2026-34875 · Critical · Apr 1, 2026
    risk 0.57 · cvss 9.8 · epss 0.00

    An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can occur in public key export for FFDH keys.

  • CVE-2026-34751 · Critical · Apr 1, 2026
    risk 0.52 · cvss 9.1 · epss 0.00

    Payload is a free and open source headless content management system. Prior to version 3.79.1 in @payloadcms/graphql and payload, a vulnerability in the password recovery flow could allow an unauthenticated attacker to perform actions on behalf of a user who initiates a password…

  • CVE-2026-34159 · Critical · Apr 1, 2026
    risk 0.57 · cvss 9.8 · epss 0.01

    llama.cpp is an inference of several LLM models in C/C++. Prior to version b8492, the RPC backend's deserialize_tensor() skips all bounds validation when a tensor's buffer field is 0. An unauthenticated attacker can read and write arbitrary process memory via crafted…

  • CVE-2026-33990 · Critical · Apr 1, 2026
    risk 0.52 · cvss 9.1 · epss 0.00

    Docker Model Runner (DMR) is software used to manage, run, and deploy AI models using Docker. Prior to version 1.1.25, Docker Model Runner contains an SSRF vulnerability in its OCI registry token exchange flow. When pulling a model, Model Runner follows the realm URL from the…

  • CVE-2026-30643 · Critical · Apr 1, 2026
    risk 0.64 · cvss 9.8 · epss 0.01

    An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload.

  • CVE-2026-20160 · Critical · Apr 1, 2026
    risk 0.64 · cvss 9.8 · epss 0.01

    A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected SSM On-Prem host. This vulnerability is due to the unintentional exposure of…

  • CVE-2026-20093 · Critical · Apr 1, 2026
    risk 0.64 · cvss 9.8 · epss 0.01

    A vulnerability in the change password functionality of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin. This vulnerability is due to incorrect handling of…

  • CVE-2024-43028 · Critical · Apr 1, 2026
    risk 0.64 · cvss 9.8 · epss 0.02

    A command injection vulnerability in the component /jmreport/show of jeecg boot v3.0.0 to v3.5.3 allows attackers to execute arbitrary code via a crafted HTTP request.

  • CVE-2024-40489 · Critical · Apr 1, 2026
    risk 0.64 · cvss 9.8 · epss 0.01

    There is an injection vulnerability in jeecg boot versions 3.0.0 to 3.5.3 due to lax character filtering, which allows attackers to execute arbitrary code on components through specially crafted HTTP requests.

  • CVE-2026-31027 · Critical · Apr 1, 2026
    risk 0.64 · cvss 9.8 · epss 0.01

    TOTOlink A3600R v5.9c.4959 contains a buffer overflow vulnerability in the setAppEasyWizardConfig interface of /lib/cste_modules/app.so. The vulnerability occurs because the rootSsid parameter is not properly validated for length, allowing remote attackers to trigger a buffer…

  • CVE-2026-29014 · Critical · Apr 1, 2026
    risk 0.66 · cvss 9.8 · epss 0.40

    MetInfo CMS versions 7.9, 8.0, and 8.1 contain an unauthenticated PHP code injection vulnerability that allows remote attackers to execute arbitrary code by sending crafted requests with malicious PHP code. Attackers can exploit insufficient input neutralization in the execution…

  • CVE-2026-4370 · Critical · Apr 1, 2026
    risk 0.58 · cvss 10.0 · epss 0.00

    A vulnerability was identified in Juju from version 3.2.0 until 3.6.19 and from version 4.0 until 4.0.4, where the internal Dqlite database cluster fails to perform proper TLS client and server authentication. Specifically, the Juju controller's database endpoint does not…

  • CVE-2025-15484 · Critical · Apr 1, 2026
    risk 0.59 · cvss 9.1 · epss 0.00

    The Order Notification for WooCommerce WordPress plugin before 3.6.3 overrides WooCommerce's permission checks to grant full access to all unauthenticated requests, enabling complete read/write access to store resources like products, coupons, and customers.

  • CVE-2026-5290 · Critical · Apr 1, 2026
    risk 0.62 · cvss 9.6 · epss 0.00

    Use after free in Compositing in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-5289 · Critical · Apr 1, 2026
    risk 0.62 · cvss 9.6 · epss 0.00

    Use after free in Navigation in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-5288 · Critical · Apr 1, 2026
    risk 0.62 · cvss 9.6 · epss 0.00

    Use after free in WebView in Google Chrome on Android prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-4374 · Critical · Apr 1, 2026
    risk 0.59 · cvss 9.1 · epss 0.00

    Improper Restriction of XML External Entity Reference vulnerability in RTI Connext Professional (Routing Service, Observability Collector, Recording Service, Queueing Service, Cloud Discovery Service) allows Serialized Data External Linking, Data Serializat...

  • CVE-2025-71279 · Critical · Apr 1, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    XenForo before 2.3.7 contains a security issue affecting Passkeys that have been added to user accounts. An attacker may be able to compromise the security of Passkey-based authentication.

  • CVE-2026-34449 · Critical · Mar 31, 2026
    risk 0.55 · cvss 9.6 · epss 0.01

    SiYuan is a personal knowledge management system. Prior to version 3.6.2, a malicious website can achieve Remote Code Execution (RCE) on any desktop running SiYuan by exploiting the permissive CORS policy (Access-Control-Allow-Origin: * + Access-Control-Allow-Private-Network:…

  • CVE-2026-34448 · Critical · Mar 31, 2026
    risk 0.52 · cvss 9.0 · epss 0.00

    SiYuan is a personal knowledge management system. Prior to version 3.6.2, an attacker who can place a malicious URL in an Attribute View mAsse field can trigger stored XSS when a victim opens the Gallery or Kanban view with “Cover From -> Asset Field” enabled. The vulnerable…

  • CVE-2026-34400 · Critical · Mar 31, 2026
    risk 0.57 · cvss 9.8 · epss 0.01

    Alerta is a monitoring tool. Prior to version 9.1.0, the Query string search API (q=) was vulnerable to SQL injection via the Postgres query parser, which built WHERE clauses by interpolating user-supplied search terms directly into SQL strings via f-strings. This issue has been…

  • CVE-2026-1579 · Critical · Mar 31, 2026
    risk 0.64 · cvss 9.8 · epss 0.01

    The MAVLink communication protocol does not require cryptographic authentication by default. When MAVLink 2.0 message signing is not enabled, any message -- including SERIAL_CONTROL, which provides interactive shell access -- can be sent by an unauthenticated party with …

  • CVE-2026-30285 · Critical · Mar 31, 2026
    risk 0.64 · cvss 9.8 · epss 0.01

    An arbitrary file overwrite vulnerability in Zora: Post, Trade, Earn Crypto v2.60.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.

  • CVE-2026-3356 · Critical · Mar 31, 2026
    risk 0.60 · cvss · epss 0.00

    The MS27102A Remote Spectrum Monitor is vulnerable to an authentication bypass that allows unauthorized users to access and manipulate its management interface. Because the device provides no mechanism to enable or configure authentication, the issue is inherent to its design…