| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-8713 | 0.00 | — | 0.01 | Jun 19, 2026 | The Avada (Fusion) Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the maybe_delete_files function in all versions up to, and including, 3.15.3. This makes it possible for unauthenticated attackers to delete… | |||
| CVE-2026-8118 | 0.00 | — | 0.00 | Jun 19, 2026 | The Royal Addons for Elementor – Addons and Templates Kit for Elementor plugin for WordPress is vulnerable to Arbitrary File Read in versions 1.7.1058 through 1.7.1059. This is due to the wpr_get_csv_handle() helper (introduced in version 1.7.1058 as part of the patch for… | |||
| CVE-2026-11989 | 0.00 | — | 0.00 | Jun 19, 2026 | The Bit integrations – Form Integration, Webhook, Spreadsheets, CRM, LMS & Email Automation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.8.7 via the upload_attachment. This makes it possible for unauthenticated… | |||
| CVE-2026-4328 | 0.00 | — | 0.00 | Jun 19, 2026 | The Advanced Import plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.4.6. This is due to the plugin using wp_remote_get() to fetch a user-supplied URL without validating that the URL does not point to internal or private… | |||
| CVE-2026-9013 | 0.00 | — | 0.00 | Jun 19, 2026 | The Bogo plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.9.1 via the bogo_rest_create_post_translation. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract the raw… | |||
| CVE-2026-12157 | 0.00 | — | 0.00 | Jun 19, 2026 | The BetterDocs - Knowledge Base Docs & FAQ Solution for Elementor & Block Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blockId attribute of the betterdocs/category-slate-layout Gutenberg block in versions up to, and including, 4.5.3. This is… | |||
| CVE-2026-7547 | 0.00 | — | 0.00 | Jun 19, 2026 | The Woosa – Marktplaats for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Read via Path Traversal in versions up to and including 2.0.4. This is due to insufficient path sanitization in the render_logs_ui() function, which accepts a base64-encoded file name… | |||
| CVE-2026-1856 | 0.00 | — | 0.00 | Jun 19, 2026 | The Appointment Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom booking field labels in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated… | |||
| CVE-2026-10779 | 0.00 | — | 0.00 | Jun 19, 2026 | The Classified Listing – Classified ads & Business Directory plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 5.4.2. This is due to a missing capability/ownership check on the gallery_image_update_as_feature AJAX handler… | |||
| CVE-2026-56132 | 0.00 | — | 0.00 | Jun 19, 2026 | In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mishandled when there is data-structure sharing across parsers. | |||
| CVE-2026-56131 | 0.00 | — | 0.00 | Jun 19, 2026 | libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_ResumeParser from within handlers in cases of a policy violation. Thus, a use-after-free can occur (similar to the CVE-2026-50219 situation). | |||
| CVE-2026-11775 | 0.00 | — | 0.00 | Jun 19, 2026 | The User Admin Simplifier plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.0. This is due to missing or incorrect nonce validation on the useradminsimplifier_options_page function. This makes it possible for… | |||
| CVE-2025-62821 | 0.00 | — | 0.01 | Jun 19, 2026 | Microsoft HEIF Image Extensions 1.2.22.0 has an out-of-bounds read because CHEIFItemInfoEntry_GetDataSize can return success while leaving the reported data size as 0. This causes a caller to make a 1-byte allocation. Later, CopyPixels computes copy_size = stride *… | |||
| CVE-2026-51843 | 0.00 | — | 0.00 | Jun 19, 2026 | Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the wanMTU parameter. | |||
| CVE-2026-51844 | 0.00 | — | 0.00 | Jun 19, 2026 | Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the cloneType parameter. | |||
| CVE-2026-51845 | 0.00 | — | 0.00 | Jun 19, 2026 | Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the mac parameter. | |||
| CVE-2026-51846 | 0.00 | — | 0.01 | Jun 19, 2026 | In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution. | |||
| CVE-2026-56208 | imp | 0.49 | 7.6 | 0.00 | Jun 19, 2026 | libaom: libaom: heap buffer overflow in AV1 encoder first-pass stats buffer via LAP mode | ||
| CVE-2026-56209 | imp | 0.46 | 7.1 | 0.00 | Jun 19, 2026 | libaom: libaom: arbitrary address write via SVC layer context OOB and cyclic refresh map pointer hijack | ||
| CVE-2026-56210 | imp | 0.46 | 7.1 | 0.00 | Jun 19, 2026 | libaom: libaom: heap-buffer-overflow read via missing bounds check in ctrl_set_layer_id | ||
| CVE-2026-56211 | imp | 0.46 | 7.1 | 0.00 | Jun 19, 2026 | libaom: libaom: remote code execution via SVC layer context handling with attacker-controlled frames | ||
| CVE-2026-50034 | — | 0.00 | — | 0.00 | Jun 18, 2026 | An attacker within BLE communication range can passively intercept wireless traffic and obtain sensitive health-related information, including glucose measurement values. | ||
| CVE-2026-52866 | — | 0.00 | — | 0.00 | Jun 18, 2026 | An attacker within BLE communication range can monopolize the device's only available BLE connection slot, preventing legitimate users or applications from establishing a connection. | ||
| CVE-2026-12049 | low | 0.16 | 3.5 | 0.00 | Jun 18, 2026 | pgAdmin 4: pgAdmin 4: Open redirect vulnerability in multi-factor authentication can lead to phishing | ||
| CVE-2026-12048 | 0.00 | — | 0.00 | Jun 18, 2026 | Stored cross-site scripting in pgAdmin 4's error-rendering and plan-node-rendering paths. Text returned by a PostgreSQL server (ErrorResponse messages, including object names quoted back inside relation-does-not-exist errors and inside EXPLAIN Recheck Cond / Exact Heap Blocks… | |||
| CVE-2026-12047 | mod | 0.30 | 4.6 | 0.00 | Jun 18, 2026 | pgadmin4: pgAdmin 4: HTML injection via unsanitized SDK exception messages in cloud deployment module | ||
| CVE-2026-12046 | imp | 0.59 | 9.0 | 0.01 | Jun 18, 2026 | pgadmin4: pgAdmin 4: Remote Code Execution due to missing authentication on critical functions | ||
| CVE-2026-12045 | imp | 0.59 | 9.0 | 0.00 | Jun 18, 2026 | pgadmin4: pgAdmin 4: Remote code execution via prompt injection in AI Assistant | ||
| CVE-2026-12050 | mod | 0.21 | 4.3 | 0.00 | Jun 18, 2026 | pgadmin4: pgAdmin 4: Arbitrary SQL execution via SQL injection in restore point endpoint | ||
| CVE-2026-12044 | 0.00 | — | 0.00 | Jun 18, 2026 | SQL injection in pgAdmin 4 across every dialog template that renders ``COMMENT ON ... IS ''`` for a user-supplied description field. The Jinja templates for Domains (and their constraints), Foreign Tables, Languages, and Event Triggers, plus the Views OID-lookup… | |||
| CVE-2026-56078 | 0.00 | — | 0.01 | Jun 18, 2026 | PraisonAI before 1.5.115 contains a path traversal vulnerability in MultiAgentMonitor that fails to sanitize agent IDs when building file paths. Attackers can include traversal sequences like ../ in agent IDs to read, write, or overwrite arbitrary files, enabling sensitive… | |||
| CVE-2026-56077 | 0.00 | — | 0.00 | Jun 18, 2026 | PraisonAI before 1.5.115 contains an information disclosure vulnerability in the MultiAgentLedger component that allows attackers to access sensitive data by registering agents with duplicate IDs. Attackers can exploit the lack of agent ID uniqueness enforcement to share ledger… | |||
| CVE-2026-56076 | 0.00 | — | 0.01 | Jun 18, 2026 | PraisonAI before 1.5.128 contains a cross-origin agent execution vulnerability in the AGUI endpoint that allows remote attackers to trigger arbitrary agent execution. The POST /agui endpoint lacks authentication and hardcodes Access-Control-Allow-Origin: * headers, combined with… | |||
| CVE-2026-56075 | 0.00 | — | 0.00 | Jun 18, 2026 | PraisonAI before 4.5.128 contains an arbitrary shell command execution vulnerability where the UI modules hardcode approval_mode to auto, overriding administrator configuration from PRAISON_APPROVAL_MODE environment variable. Authenticated attackers can instruct the LLM agent to… | |||
| CVE-2026-56074 | 0.00 | — | 0.00 | Jun 18, 2026 | PraisonAI before 1.5.128 caches tool approval decisions by tool name only, not by invocation arguments, allowing subsequent execute_command calls to bypass approval prompts. Attackers can exploit this by obtaining initial approval for a benign command, then silently exfiltrate… | |||
| CVE-2026-47647 | 0.00 | — | 0.00 | Jun 18, 2026 | Improper access control in Microsoft Dynamics 365 allows an authorized attacker to elevate privileges over a network. | |||
| CVE-2026-54130 | 0.00 | — | 0.01 | Jun 18, 2026 | Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network. | |||
| CVE-2026-32174 | 0.00 | — | 0.00 | Jun 18, 2026 | Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network. | |||
| CVE-2026-47633 | 0.00 | — | 0.01 | Jun 18, 2026 | Exposure of sensitive information to an unauthorized actor in Cost Management Interactive Experiences allows an unauthorized attacker to disclose information over a network. | |||
| CVE-2026-8668 | — | 0.00 | — | 0.00 | Jun 18, 2026 | A static credential embedded in Chef 360 prior to v1.7.0 permitted unauthenticated access to internal message queues. Queue messages contained tenant-specific identifiers. The credential has been rotated and replaced with per-tenant access in subsequent versions, eliminating… | ||
| CVE-2026-8100 | 0.00 | — | 0.00 | Jun 18, 2026 | Impact A security issue has been identified in Chef 360 that could allow unauthorized access to protected API endpoints under specific conditions. This issue is due to improper handling of URL-encoded paths during request processing. In certain scenarios, an authenticated… | |||
| CVE-2026-55591 | 0.00 | — | — | Jun 18, 2026 | ### Summary signalk-server versions up to and including 2.27.0 contain a Server-Side Request Forgery (SSRF) vulnerability in three administrative endpoints used for remote Signal K server connection management. The `makeRemoteRequest()` function accepts attacker-controlled… | |||
| CVE-2026-49205 | 0.00 | — | 0.00 | Jun 18, 2026 | phpMyFAQ is an open source FAQ web application. Versions prior to 4.1.4 have Missing Authorization in the API CategoryController. CVE-2026-24421 addressed this in the BackupController by adding: $this->userHasPermission(PermissionType::BACKUP). The same fix was not applied to 4… | |||
| CVE-2026-22674 | 0.00 | — | 0.00 | Jun 18, 2026 | Hashgraph Guardian through 3.5.0, fixed in commit ba8c566, contains a stored cross-site scripting vulnerability that allows authenticated users with the STANDARD_REGISTRY role to inject malicious scripts by submitting a crafted companyName value via the branding configuration… | |||
| CVE-2026-49257 | 0.00 | — | 0.01 | Jun 18, 2026 | mcp-pinot is a Python-based Model Context Protocol (MCP) server for interacting with Apache Pinot. In versions 3.0.1 and below, mcp-pinot defaults to running an HTTP MCP server bound to 0.0.0.0:8080 with no authentication enabled. All MCP tools, including SQL query execution,… | |||
| CVE-2026-49454 | 0.00 | — | 0.00 | Jun 18, 2026 | Relyra is a strict-by-default SAML 2.0 Service Provider library for Elixir and Phoenix. Versions 1.0.0 and 1.1.0 accept forged SAML signatures because SignatureValue was not cryptographically verified before the library returned a successful authentication result. The XMLDSig… | |||
| CVE-2026-46699 | 0.00 | — | 0.00 | Jun 18, 2026 | conda-smithy is a tool for combining a conda recipe with configurations to build using freely hosted CI services into a single repository. Prior to version 3.61.0, a vulnerability in the conda-forge automated webservices allowed unintended write access to feedstock repositories… | |||
| CVE-2026-45696 | 0.00 | — | 0.00 | Jun 18, 2026 | OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K (High-Throughput JPEG 2000) decoder, ht_undo_impl() in OpenEXRCore is vulnerable to a heap-buffer-overflow… | |||
| CVE-2026-44663 | 0.00 | — | 0.00 | Jun 18, 2026 | OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, an integer overflow in ht_undo_impl() in src/lib/OpenEXRCore/internal_ht.cpp leads to a heap-buffer overflow when… | |||
| CVE-2025-15661 | 0.00 | — | 0.00 | Jun 18, 2026 | libssh2 through 1.11.1, fixed in commit 2dae302, contains an out-of-bounds heap read vulnerability in the sftp_symlink() function in src/sftp.c that allows a malicious SSH server or man-in-the-middle attacker to disclose heap memory contents or cause a crash by sending a crafted… |
- CVE-2026-8713Jun 19, 2026risk 0.00cvss —epss 0.01
The Avada (Fusion) Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the maybe_delete_files function in all versions up to, and including, 3.15.3. This makes it possible for unauthenticated attackers to delete…
- CVE-2026-8118Jun 19, 2026risk 0.00cvss —epss 0.00
The Royal Addons for Elementor – Addons and Templates Kit for Elementor plugin for WordPress is vulnerable to Arbitrary File Read in versions 1.7.1058 through 1.7.1059. This is due to the wpr_get_csv_handle() helper (introduced in version 1.7.1058 as part of the patch for…
- CVE-2026-11989Jun 19, 2026risk 0.00cvss —epss 0.00
The Bit integrations – Form Integration, Webhook, Spreadsheets, CRM, LMS & Email Automation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.8.7 via the upload_attachment. This makes it possible for unauthenticated…
- CVE-2026-4328Jun 19, 2026risk 0.00cvss —epss 0.00
The Advanced Import plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.4.6. This is due to the plugin using wp_remote_get() to fetch a user-supplied URL without validating that the URL does not point to internal or private…
- CVE-2026-9013Jun 19, 2026risk 0.00cvss —epss 0.00
The Bogo plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.9.1 via the bogo_rest_create_post_translation. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract the raw…
- CVE-2026-12157Jun 19, 2026risk 0.00cvss —epss 0.00
The BetterDocs - Knowledge Base Docs & FAQ Solution for Elementor & Block Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blockId attribute of the betterdocs/category-slate-layout Gutenberg block in versions up to, and including, 4.5.3. This is…
- CVE-2026-7547Jun 19, 2026risk 0.00cvss —epss 0.00
The Woosa – Marktplaats for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Read via Path Traversal in versions up to and including 2.0.4. This is due to insufficient path sanitization in the render_logs_ui() function, which accepts a base64-encoded file name…
- CVE-2026-1856Jun 19, 2026risk 0.00cvss —epss 0.00
The Appointment Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom booking field labels in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated…
- CVE-2026-10779Jun 19, 2026risk 0.00cvss —epss 0.00
The Classified Listing – Classified ads & Business Directory plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 5.4.2. This is due to a missing capability/ownership check on the gallery_image_update_as_feature AJAX handler…
- CVE-2026-56132Jun 19, 2026risk 0.00cvss —epss 0.00
In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mishandled when there is data-structure sharing across parsers.
- CVE-2026-56131Jun 19, 2026risk 0.00cvss —epss 0.00
libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_ResumeParser from within handlers in cases of a policy violation. Thus, a use-after-free can occur (similar to the CVE-2026-50219 situation).
- CVE-2026-11775Jun 19, 2026risk 0.00cvss —epss 0.00
The User Admin Simplifier plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.0. This is due to missing or incorrect nonce validation on the useradminsimplifier_options_page function. This makes it possible for…
- CVE-2025-62821Jun 19, 2026risk 0.00cvss —epss 0.01
Microsoft HEIF Image Extensions 1.2.22.0 has an out-of-bounds read because CHEIFItemInfoEntry_GetDataSize can return success while leaving the reported data size as 0. This causes a caller to make a 1-byte allocation. Later, CopyPixels computes copy_size = stride *…
- CVE-2026-51843Jun 19, 2026risk 0.00cvss —epss 0.00
Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the wanMTU parameter.
- CVE-2026-51844Jun 19, 2026risk 0.00cvss —epss 0.00
Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the cloneType parameter.
- CVE-2026-51845Jun 19, 2026risk 0.00cvss —epss 0.00
Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the mac parameter.
- CVE-2026-51846Jun 19, 2026risk 0.00cvss —epss 0.01
In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution.
- risk 0.49cvss 7.6epss 0.00
libaom: libaom: heap buffer overflow in AV1 encoder first-pass stats buffer via LAP mode
- risk 0.46cvss 7.1epss 0.00
libaom: libaom: arbitrary address write via SVC layer context OOB and cyclic refresh map pointer hijack
- risk 0.46cvss 7.1epss 0.00
libaom: libaom: heap-buffer-overflow read via missing bounds check in ctrl_set_layer_id
- risk 0.46cvss 7.1epss 0.00
libaom: libaom: remote code execution via SVC layer context handling with attacker-controlled frames
- CVE-2026-50034Jun 18, 2026risk 0.00cvss —epss 0.00
An attacker within BLE communication range can passively intercept wireless traffic and obtain sensitive health-related information, including glucose measurement values.
- CVE-2026-52866Jun 18, 2026risk 0.00cvss —epss 0.00
An attacker within BLE communication range can monopolize the device's only available BLE connection slot, preventing legitimate users or applications from establishing a connection.
- risk 0.16cvss 3.5epss 0.00
pgAdmin 4: pgAdmin 4: Open redirect vulnerability in multi-factor authentication can lead to phishing
- CVE-2026-12048Jun 18, 2026risk 0.00cvss —epss 0.00
Stored cross-site scripting in pgAdmin 4's error-rendering and plan-node-rendering paths. Text returned by a PostgreSQL server (ErrorResponse messages, including object names quoted back inside relation-does-not-exist errors and inside EXPLAIN Recheck Cond / Exact Heap Blocks…
- risk 0.30cvss 4.6epss 0.00
pgadmin4: pgAdmin 4: HTML injection via unsanitized SDK exception messages in cloud deployment module
- risk 0.59cvss 9.0epss 0.01
pgadmin4: pgAdmin 4: Remote Code Execution due to missing authentication on critical functions
- risk 0.59cvss 9.0epss 0.00
pgadmin4: pgAdmin 4: Remote code execution via prompt injection in AI Assistant
- risk 0.21cvss 4.3epss 0.00
pgadmin4: pgAdmin 4: Arbitrary SQL execution via SQL injection in restore point endpoint
- CVE-2026-12044Jun 18, 2026risk 0.00cvss —epss 0.00
SQL injection in pgAdmin 4 across every dialog template that renders ``COMMENT ON ... IS ''`` for a user-supplied description field. The Jinja templates for Domains (and their constraints), Foreign Tables, Languages, and Event Triggers, plus the Views OID-lookup…
- CVE-2026-56078Jun 18, 2026risk 0.00cvss —epss 0.01
PraisonAI before 1.5.115 contains a path traversal vulnerability in MultiAgentMonitor that fails to sanitize agent IDs when building file paths. Attackers can include traversal sequences like ../ in agent IDs to read, write, or overwrite arbitrary files, enabling sensitive…
- CVE-2026-56077Jun 18, 2026risk 0.00cvss —epss 0.00
PraisonAI before 1.5.115 contains an information disclosure vulnerability in the MultiAgentLedger component that allows attackers to access sensitive data by registering agents with duplicate IDs. Attackers can exploit the lack of agent ID uniqueness enforcement to share ledger…
- CVE-2026-56076Jun 18, 2026risk 0.00cvss —epss 0.01
PraisonAI before 1.5.128 contains a cross-origin agent execution vulnerability in the AGUI endpoint that allows remote attackers to trigger arbitrary agent execution. The POST /agui endpoint lacks authentication and hardcodes Access-Control-Allow-Origin: * headers, combined with…
- CVE-2026-56075Jun 18, 2026risk 0.00cvss —epss 0.00
PraisonAI before 4.5.128 contains an arbitrary shell command execution vulnerability where the UI modules hardcode approval_mode to auto, overriding administrator configuration from PRAISON_APPROVAL_MODE environment variable. Authenticated attackers can instruct the LLM agent to…
- CVE-2026-56074Jun 18, 2026risk 0.00cvss —epss 0.00
PraisonAI before 1.5.128 caches tool approval decisions by tool name only, not by invocation arguments, allowing subsequent execute_command calls to bypass approval prompts. Attackers can exploit this by obtaining initial approval for a benign command, then silently exfiltrate…
- CVE-2026-47647Jun 18, 2026risk 0.00cvss —epss 0.00
Improper access control in Microsoft Dynamics 365 allows an authorized attacker to elevate privileges over a network.
- CVE-2026-54130Jun 18, 2026risk 0.00cvss —epss 0.01
Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network.
- CVE-2026-32174Jun 18, 2026risk 0.00cvss —epss 0.00
Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network.
- CVE-2026-47633Jun 18, 2026risk 0.00cvss —epss 0.01
Exposure of sensitive information to an unauthorized actor in Cost Management Interactive Experiences allows an unauthorized attacker to disclose information over a network.
- CVE-2026-8668Jun 18, 2026risk 0.00cvss —epss 0.00
A static credential embedded in Chef 360 prior to v1.7.0 permitted unauthenticated access to internal message queues. Queue messages contained tenant-specific identifiers. The credential has been rotated and replaced with per-tenant access in subsequent versions, eliminating…
- CVE-2026-8100Jun 18, 2026risk 0.00cvss —epss 0.00
Impact A security issue has been identified in Chef 360 that could allow unauthorized access to protected API endpoints under specific conditions. This issue is due to improper handling of URL-encoded paths during request processing. In certain scenarios, an authenticated…
- CVE-2026-55591Jun 18, 2026risk 0.00cvss —epss —
### Summary signalk-server versions up to and including 2.27.0 contain a Server-Side Request Forgery (SSRF) vulnerability in three administrative endpoints used for remote Signal K server connection management. The `makeRemoteRequest()` function accepts attacker-controlled…
- CVE-2026-49205Jun 18, 2026risk 0.00cvss —epss 0.00
phpMyFAQ is an open source FAQ web application. Versions prior to 4.1.4 have Missing Authorization in the API CategoryController. CVE-2026-24421 addressed this in the BackupController by adding: $this->userHasPermission(PermissionType::BACKUP). The same fix was not applied to 4…
- CVE-2026-22674Jun 18, 2026risk 0.00cvss —epss 0.00
Hashgraph Guardian through 3.5.0, fixed in commit ba8c566, contains a stored cross-site scripting vulnerability that allows authenticated users with the STANDARD_REGISTRY role to inject malicious scripts by submitting a crafted companyName value via the branding configuration…
- CVE-2026-49257Jun 18, 2026risk 0.00cvss —epss 0.01
mcp-pinot is a Python-based Model Context Protocol (MCP) server for interacting with Apache Pinot. In versions 3.0.1 and below, mcp-pinot defaults to running an HTTP MCP server bound to 0.0.0.0:8080 with no authentication enabled. All MCP tools, including SQL query execution,…
- CVE-2026-49454Jun 18, 2026risk 0.00cvss —epss 0.00
Relyra is a strict-by-default SAML 2.0 Service Provider library for Elixir and Phoenix. Versions 1.0.0 and 1.1.0 accept forged SAML signatures because SignatureValue was not cryptographically verified before the library returned a successful authentication result. The XMLDSig…
- CVE-2026-46699Jun 18, 2026risk 0.00cvss —epss 0.00
conda-smithy is a tool for combining a conda recipe with configurations to build using freely hosted CI services into a single repository. Prior to version 3.61.0, a vulnerability in the conda-forge automated webservices allowed unintended write access to feedstock repositories…
- CVE-2026-45696Jun 18, 2026risk 0.00cvss —epss 0.00
OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K (High-Throughput JPEG 2000) decoder, ht_undo_impl() in OpenEXRCore is vulnerable to a heap-buffer-overflow…
- CVE-2026-44663Jun 18, 2026risk 0.00cvss —epss 0.00
OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, an integer overflow in ht_undo_impl() in src/lib/OpenEXRCore/internal_ht.cpp leads to a heap-buffer overflow when…
- CVE-2025-15661Jun 18, 2026risk 0.00cvss —epss 0.00
libssh2 through 1.11.1, fixed in commit 2dae302, contains an out-of-bounds heap read vulnerability in the sftp_symlink() function in src/sftp.c that allows a malicious SSH server or man-in-the-middle attacker to disclose heap memory contents or cause a crash by sending a crafted…