VYPR

CVEs

345,060 total · page 52 of 6,902

  • CVE-2026-8713Jun 19, 2026
    risk 0.00cvss epss 0.01

    The Avada (Fusion) Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the maybe_delete_files function in all versions up to, and including, 3.15.3. This makes it possible for unauthenticated attackers to delete…

  • CVE-2026-8118Jun 19, 2026
    risk 0.00cvss epss 0.00

    The Royal Addons for Elementor – Addons and Templates Kit for Elementor plugin for WordPress is vulnerable to Arbitrary File Read in versions 1.7.1058 through 1.7.1059. This is due to the wpr_get_csv_handle() helper (introduced in version 1.7.1058 as part of the patch for…

  • CVE-2026-11989Jun 19, 2026
    risk 0.00cvss epss 0.00

    The Bit integrations – Form Integration, Webhook, Spreadsheets, CRM, LMS & Email Automation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.8.7 via the upload_attachment. This makes it possible for unauthenticated…

  • CVE-2026-4328Jun 19, 2026
    risk 0.00cvss epss 0.00

    The Advanced Import plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.4.6. This is due to the plugin using wp_remote_get() to fetch a user-supplied URL without validating that the URL does not point to internal or private…

  • CVE-2026-9013Jun 19, 2026
    risk 0.00cvss epss 0.00

    The Bogo plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.9.1 via the bogo_rest_create_post_translation. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract the raw…

  • CVE-2026-12157Jun 19, 2026
    risk 0.00cvss epss 0.00

    The BetterDocs - Knowledge Base Docs & FAQ Solution for Elementor & Block Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blockId attribute of the betterdocs/category-slate-layout Gutenberg block in versions up to, and including, 4.5.3. This is…

  • CVE-2026-7547Jun 19, 2026
    risk 0.00cvss epss 0.00

    The Woosa – Marktplaats for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Read via Path Traversal in versions up to and including 2.0.4. This is due to insufficient path sanitization in the render_logs_ui() function, which accepts a base64-encoded file name…

  • CVE-2026-1856Jun 19, 2026
    risk 0.00cvss epss 0.00

    The Appointment Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom booking field labels in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated…

  • CVE-2026-10779Jun 19, 2026
    risk 0.00cvss epss 0.00

    The Classified Listing – Classified ads & Business Directory plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 5.4.2. This is due to a missing capability/ownership check on the gallery_image_update_as_feature AJAX handler…

  • CVE-2026-56132Jun 19, 2026
    risk 0.00cvss epss 0.00

    In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mishandled when there is data-structure sharing across parsers.

  • CVE-2026-56131Jun 19, 2026
    risk 0.00cvss epss 0.00

    libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_ResumeParser from within handlers in cases of a policy violation. Thus, a use-after-free can occur (similar to the CVE-2026-50219 situation).

  • CVE-2026-11775Jun 19, 2026
    risk 0.00cvss epss 0.00

    The User Admin Simplifier plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.0. This is due to missing or incorrect nonce validation on the useradminsimplifier_options_page function. This makes it possible for…

  • CVE-2025-62821Jun 19, 2026
    risk 0.00cvss epss 0.01

    Microsoft HEIF Image Extensions 1.2.22.0 has an out-of-bounds read because CHEIFItemInfoEntry_GetDataSize can return success while leaving the reported data size as 0. This causes a caller to make a 1-byte allocation. Later, CopyPixels computes copy_size = stride *…

  • CVE-2026-51843Jun 19, 2026
    risk 0.00cvss epss 0.00

    Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the wanMTU parameter.

  • CVE-2026-51844Jun 19, 2026
    risk 0.00cvss epss 0.00

    Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the cloneType parameter.

  • CVE-2026-51845Jun 19, 2026
    risk 0.00cvss epss 0.00

    Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the mac parameter.

  • CVE-2026-51846Jun 19, 2026
    risk 0.00cvss epss 0.01

    In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution.

  • CVE-2026-56208impJun 19, 2026
    risk 0.49cvss 7.6epss 0.00

    libaom: libaom: heap buffer overflow in AV1 encoder first-pass stats buffer via LAP mode

  • CVE-2026-56209impJun 19, 2026
    risk 0.46cvss 7.1epss 0.00

    libaom: libaom: arbitrary address write via SVC layer context OOB and cyclic refresh map pointer hijack

  • CVE-2026-56210impJun 19, 2026
    risk 0.46cvss 7.1epss 0.00

    libaom: libaom: heap-buffer-overflow read via missing bounds check in ctrl_set_layer_id

  • CVE-2026-56211impJun 19, 2026
    risk 0.46cvss 7.1epss 0.00

    libaom: libaom: remote code execution via SVC layer context handling with attacker-controlled frames

  • CVE-2026-50034Jun 18, 2026
    risk 0.00cvss epss 0.00

    An attacker within BLE communication range can passively intercept wireless traffic and obtain sensitive health-related information, including glucose measurement values.

  • CVE-2026-52866Jun 18, 2026
    risk 0.00cvss epss 0.00

    An attacker within BLE communication range can monopolize the device's only available BLE connection slot, preventing legitimate users or applications from establishing a connection.

  • CVE-2026-12049lowJun 18, 2026
    risk 0.16cvss 3.5epss 0.00

    pgAdmin 4: pgAdmin 4: Open redirect vulnerability in multi-factor authentication can lead to phishing

  • CVE-2026-12048Jun 18, 2026
    risk 0.00cvss epss 0.00

    Stored cross-site scripting in pgAdmin 4's error-rendering and plan-node-rendering paths. Text returned by a PostgreSQL server (ErrorResponse messages, including object names quoted back inside relation-does-not-exist errors and inside EXPLAIN Recheck Cond / Exact Heap Blocks…

  • CVE-2026-12047modJun 18, 2026
    risk 0.30cvss 4.6epss 0.00

    pgadmin4: pgAdmin 4: HTML injection via unsanitized SDK exception messages in cloud deployment module

  • CVE-2026-12046impJun 18, 2026
    risk 0.59cvss 9.0epss 0.01

    pgadmin4: pgAdmin 4: Remote Code Execution due to missing authentication on critical functions

  • CVE-2026-12045impJun 18, 2026
    risk 0.59cvss 9.0epss 0.00

    pgadmin4: pgAdmin 4: Remote code execution via prompt injection in AI Assistant

  • CVE-2026-12050modJun 18, 2026
    risk 0.21cvss 4.3epss 0.00

    pgadmin4: pgAdmin 4: Arbitrary SQL execution via SQL injection in restore point endpoint

  • CVE-2026-12044Jun 18, 2026
    risk 0.00cvss epss 0.00

    SQL injection in pgAdmin 4 across every dialog template that renders ``COMMENT ON ... IS ''`` for a user-supplied description field. The Jinja templates for Domains (and their constraints), Foreign Tables, Languages, and Event Triggers, plus the Views OID-lookup…

  • CVE-2026-56078Jun 18, 2026
    risk 0.00cvss epss 0.01

    PraisonAI before 1.5.115 contains a path traversal vulnerability in MultiAgentMonitor that fails to sanitize agent IDs when building file paths. Attackers can include traversal sequences like ../ in agent IDs to read, write, or overwrite arbitrary files, enabling sensitive…

  • CVE-2026-56077Jun 18, 2026
    risk 0.00cvss epss 0.00

    PraisonAI before 1.5.115 contains an information disclosure vulnerability in the MultiAgentLedger component that allows attackers to access sensitive data by registering agents with duplicate IDs. Attackers can exploit the lack of agent ID uniqueness enforcement to share ledger…

  • CVE-2026-56076Jun 18, 2026
    risk 0.00cvss epss 0.01

    PraisonAI before 1.5.128 contains a cross-origin agent execution vulnerability in the AGUI endpoint that allows remote attackers to trigger arbitrary agent execution. The POST /agui endpoint lacks authentication and hardcodes Access-Control-Allow-Origin: * headers, combined with…

  • CVE-2026-56075Jun 18, 2026
    risk 0.00cvss epss 0.00

    PraisonAI before 4.5.128 contains an arbitrary shell command execution vulnerability where the UI modules hardcode approval_mode to auto, overriding administrator configuration from PRAISON_APPROVAL_MODE environment variable. Authenticated attackers can instruct the LLM agent to…

  • CVE-2026-56074Jun 18, 2026
    risk 0.00cvss epss 0.00

    PraisonAI before 1.5.128 caches tool approval decisions by tool name only, not by invocation arguments, allowing subsequent execute_command calls to bypass approval prompts. Attackers can exploit this by obtaining initial approval for a benign command, then silently exfiltrate…

  • CVE-2026-47647Jun 18, 2026
    risk 0.00cvss epss 0.00

    Improper access control in Microsoft Dynamics 365 allows an authorized attacker to elevate privileges over a network.

  • CVE-2026-54130Jun 18, 2026
    risk 0.00cvss epss 0.01

    Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network.

  • CVE-2026-32174Jun 18, 2026
    risk 0.00cvss epss 0.00

    Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network.

  • CVE-2026-47633Jun 18, 2026
    risk 0.00cvss epss 0.01

    Exposure of sensitive information to an unauthorized actor in Cost Management Interactive Experiences allows an unauthorized attacker to disclose information over a network.

  • CVE-2026-8668Jun 18, 2026
    risk 0.00cvss epss 0.00

    A static credential embedded in Chef 360 prior to v1.7.0 permitted unauthenticated access to internal message queues.  Queue messages contained tenant-specific identifiers.  The credential has been rotated and replaced with per-tenant access in subsequent versions, eliminating…

  • CVE-2026-8100Jun 18, 2026
    risk 0.00cvss epss 0.00

    Impact A security issue has been identified in Chef 360 that could allow unauthorized access to protected API endpoints under specific conditions. This issue is due to improper handling of URL-encoded paths during request processing. In certain scenarios, an authenticated…

  • CVE-2026-55591Jun 18, 2026
    risk 0.00cvss epss

    ### Summary signalk-server versions up to and including 2.27.0 contain a Server-Side Request Forgery (SSRF) vulnerability in three administrative endpoints used for remote Signal K server connection management. The `makeRemoteRequest()` function accepts attacker-controlled…

  • CVE-2026-49205Jun 18, 2026
    risk 0.00cvss epss 0.00

    phpMyFAQ is an open source FAQ web application. Versions prior to 4.1.4 have Missing Authorization in the API CategoryController. CVE-2026-24421 addressed this in the BackupController by adding: $this->userHasPermission(PermissionType::BACKUP). The same fix was not applied to 4…

  • CVE-2026-22674Jun 18, 2026
    risk 0.00cvss epss 0.00

    Hashgraph Guardian through 3.5.0, fixed in commit ba8c566, contains a stored cross-site scripting vulnerability that allows authenticated users with the STANDARD_REGISTRY role to inject malicious scripts by submitting a crafted companyName value via the branding configuration…

  • CVE-2026-49257Jun 18, 2026
    risk 0.00cvss epss 0.01

    mcp-pinot is a Python-based Model Context Protocol (MCP) server for interacting with Apache Pinot. In versions 3.0.1 and below, mcp-pinot defaults to running an HTTP MCP server bound to 0.0.0.0:8080 with no authentication enabled. All MCP tools, including SQL query execution,…

  • CVE-2026-49454Jun 18, 2026
    risk 0.00cvss epss 0.00

    Relyra is a strict-by-default SAML 2.0 Service Provider library for Elixir and Phoenix. Versions 1.0.0 and 1.1.0 accept forged SAML signatures because SignatureValue was not cryptographically verified before the library returned a successful authentication result. The XMLDSig…

  • CVE-2026-46699Jun 18, 2026
    risk 0.00cvss epss 0.00

    conda-smithy is a tool for combining a conda recipe with configurations to build using freely hosted CI services into a single repository. Prior to version 3.61.0, a vulnerability in the conda-forge automated webservices allowed unintended write access to feedstock repositories…

  • CVE-2026-45696Jun 18, 2026
    risk 0.00cvss epss 0.00

    OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K (High-Throughput JPEG 2000) decoder, ht_undo_impl() in OpenEXRCore is vulnerable to a heap-buffer-overflow…

  • CVE-2026-44663Jun 18, 2026
    risk 0.00cvss epss 0.00

    OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, an integer overflow in ht_undo_impl() in src/lib/OpenEXRCore/internal_ht.cpp leads to a heap-buffer overflow when…

  • CVE-2025-15661Jun 18, 2026
    risk 0.00cvss epss 0.00

    libssh2 through 1.11.1, fixed in commit 2dae302, contains an out-of-bounds heap read vulnerability in the sftp_symlink() function in src/sftp.c that allows a malicious SSH server or man-in-the-middle attacker to disclose heap memory contents or cause a crash by sending a crafted…