VYPR

CVEs

100,075 total · page 53 of 2,002

  • CVE-2026-40834HigMay 27, 2026
    risk 0.46cvss 7.1epss 0.00

    An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dash_layout.php files saveDashboardLayout function due to improper neutralization of special elements in a SQL INSERT command allowing for reading the whole database and inserting…

  • CVE-2026-40833HigMay 27, 2026
    risk 0.46cvss 7.1epss 0.00

    An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dash.php files saveDashboardLayout function due to improper neutralization of special elements in a SQL INSERT command allowing for reading the whole database and inserting…

  • CVE-2025-52747HigMay 27, 2026
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jthemes Themebox - Digital Products Ecommerce allows Reflected XSS. This issue affects Themebox - Digital Products Ecommerce: from n/a through 1.4.2.

  • CVE-2025-30028HigMay 27, 2026
    risk 0.56cvss 8.6epss 0.00

    A vulnerability in Active Backup for Business allows unauthorized remote attackers to read arbitrary files.

  • CVE-2025-22741HigMay 27, 2026
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RiceTheme Felan Framework allows Reflected XSS. This issue affects Felan Framework: from n/a through 1.1.3.

  • CVE-2025-14713HigMay 27, 2026
    risk 0.49cvss 7.5epss 0.00

    An Exposed Dangerous Method or Function vulnerability in Synology C2 Identity Edge Server package in DSM before 1.76.0-0307 allows remote attackers to obtain user credentials from the edge server.

  • CVE-2025-13392HigMay 27, 2026
    risk 0.53cvss 8.1epss 0.01

    Improper check for unusual or exceptional conditions vulnerability in SSO in Synology DiskStation Manager (DSM) before 7.2.2-72806-5 and 7.3.1-86003-1 (7.2.1-69057 is not affected) allows remote attackers to bypass authentication with prior knowledge of the distinguished name…

  • CVE-2023-52945HigMay 27, 2026
    risk 0.51cvss 7.8epss 0.00

    Uncontrolled search path element vulnerability in OpenSSL DLL component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to execute arbitrary code via unspecified vectors.

  • CVE-2026-8832HigMay 27, 2026
    risk 0.50cvss 8.8epss 0.01

    The WPCode - Insert Headers and Footers + Custom Code Snippets - WordPress Code Manager plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.3.5 This is due to the 'wpcode' custom post type being registered without a custom…

  • CVE-2026-8143HigMay 27, 2026
    risk 0.47cvss 7.2epss 0.00

    The HBook plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'hb_country_iso', 'hb_usa_state_iso', and 'hb_canada_province_iso' parameters in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it…

  • CVE-2026-6169HigMay 27, 2026
    risk 0.47cvss 7.2epss 0.01

    The affiliate-toolkit plugin for WordPress is vulnerable to remote code execution in all versions up to, and including, 3.8.5. This is due to the plugin using the BladeOne templating engine's runString() method which compiles user-supplied template content into PHP code and…

  • CVE-2026-40819HigMay 27, 2026
    risk 0.49cvss 7.5epss 0.00

    An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the sync_data24 task due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

  • CVE-2026-40818HigMay 27, 2026
    risk 0.49cvss 7.5epss 0.00

    An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the _mb24confi_getDevice function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

  • CVE-2026-40817HigMay 27, 2026
    risk 0.49cvss 7.5epss 0.00

    An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getAlarmProfiles function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

  • CVE-2026-40816HigMay 27, 2026
    risk 0.49cvss 7.5epss 0.00

    An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the mb24alarm.php files _mb24confi_getTagAlarm function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

  • CVE-2026-40815HigMay 27, 2026
    risk 0.49cvss 7.5epss 0.00

    An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the _mb24api_getUserAccount function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

  • CVE-2026-40814HigMay 27, 2026
    risk 0.49cvss 7.5epss 0.00

    An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dataapi.php files _mb24confi_getTagAlarm function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

  • CVE-2026-40813HigMay 27, 2026
    risk 0.49cvss 7.5epss 0.00

    An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getLiveValues functions tagid parameter due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

  • CVE-2026-40812HigMay 27, 2026
    risk 0.49cvss 7.5epss 0.00

    An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getLiveValues functions sn parameter due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

  • CVE-2026-40811HigMay 27, 2026
    risk 0.49cvss 7.5epss 0.00

    An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the ssoabstractservice due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

  • CVE-2026-40810HigMay 27, 2026
    risk 0.49cvss 7.5epss 0.00

    An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the userinfo endpoint due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

  • CVE-2026-3375HigMay 27, 2026
    risk 0.40cvss 7.2epss 0.00

    The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the /wp-json/litespeed/v1/notify_ccss and /wp-json/litespeed/v1/notify_ucss REST API endpoints in all versions up to, and including, 7.7. These endpoints accept CSS content from QUIC.cloud…

  • CVE-2025-41670HigMay 27, 2026
    risk 0.51cvss 7.8epss 0.00

    A local user with low privileges may be able to influence the behavior of a privileged system service by manipulating configuration or application-related files located in user-writable areas of the filesystem. The affected service processes data from locations that are not…

  • CVE-2025-41669HigMay 27, 2026
    risk 0.57cvss 8.8epss 0.00

    The Web-based Management allows a remote low privileged Engineer user to install additional APPs on the device downloaded from the PLCnext Store without implementing any data verification mechanism, leading to the capability for an Engineer user to reach arbitrary code execution…

  • CVE-2026-9200HigMay 27, 2026
    risk 0.49cvss 7.5epss 0.01

    The Query Shortcode plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.2.1 via the shortcode function. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute arbitrary…

  • CVE-2026-8994HigMay 27, 2026
    risk 0.53cvss 8.1epss 0.00

    The Login with NEAR plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 0.3.3. The `ajaxLoginWithNear()` function — registered as a `wp_ajax_nopriv` action and therefore reachable by unauthenticated users — accepts an…

  • CVE-2026-8787HigMay 27, 2026
    risk 0.57cvss 8.8epss 0.00

    The Firebase Support & Chat Management plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.1.1. This is due to the `firebase_auth()` function authenticating the request as the WordPress user whose email is supplied in the…

  • CVE-2026-6268HigMay 27, 2026
    risk 0.46cvss 7.1epss 0.00

    The EventPress WordPress theme before 22.2 does not sanitize or escape the 'id' parameter in the eventpress_customizer_notify_dismiss_action AJAX handler before outputting it back in the response, allowing unauthenticated attackers to perform Reflected Cross-Site Scripting…

  • CVE-2026-49000HigMay 27, 2026
    risk 0.46cvss 7.0epss 0.00

    An insecure password scheme refers to vulnerabilities arising from improper selection of encryption algorithms, inadequate key management, or flawed code implementation, which may lead to data leakage or tampering, such as hard-coded keys or the use of weak encryption algorithms.

  • CVE-2026-48962HigMay 27, 2026
    risk 0.40cvss 7.3epss 0.00

    IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob. _parseOutputGlob() wraps the caller-supplied output glob string in double quotes and stores it in the parser state; _getFiles() then runs the…

  • CVE-2026-48961HigMay 27, 2026
    risk 0.40cvss 7.3epss 0.00

    IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID. When decode_ux() in bin/zipdetails handles an Info-ZIP Unix Extra Field (tag 0x7875) with UID Size or…

  • CVE-2026-48959HigMay 27, 2026
    risk 0.42cvss 7.5epss 0.00

    IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward() compares length $offset (the digit count of the offset, 1 to 19) against the chunk size $c instead of $offset itself, so $c shrinks from 16 KiB to 1-19…

  • CVE-2026-2253HigMay 27, 2026
    risk 0.50cvss 7.7epss 0.00

    Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.7 and 11.0.0.0, including 9.3.x and 8.3.x, does not prevent certain XML parsers from resolving external entities.

  • CVE-2026-9632HigMay 27, 2026
    risk 0.57cvss 8.8epss 0.00

    A flaw has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this issue is the function strcpy of the file /goform/formGroupConfig of the component Web Management Interface. Executing a manipulation of the argument Profile can lead to stack-based buffer…

  • CVE-2026-9631HigMay 27, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this vulnerability is the function strcpy of the file /goform/formConfigFastDirectionW of the component Web Management Interface. Performing a manipulation of the argument Profile results in…

  • CVE-2026-9628HigMay 27, 2026
    risk 0.57cvss 8.8epss 0.00

    A weakness has been identified in UTT HiPER 1200GW up to 2.5.3-170306. Affected is an unknown function of the file /goform/formPptpClientConfig of the component Web Management Interface. This manipulation of the argument PPTP server address/username/password/tunnel name causes…

  • CVE-2026-9627HigMay 27, 2026
    risk 0.57cvss 8.8epss 0.01

    A security flaw has been discovered in UTT HiPER 1200GW up to 2.5.3-170306. This impacts the function strcpy of the file /goform/setSysAdm of the component Web Management Interface. The manipulation of the argument sysAdmUser/sysAdmPass results in buffer overflow. The attack can…

  • CVE-2026-9207HigMay 27, 2026
    risk 0.57cvss 8.8epss 0.00

    Tanium addressed an unauthorized code execution vulnerability in Connect.

  • CVE-2026-49017HigMay 27, 2026
    risk 0.46cvss epss 0.00

    In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-server worker handling the request to…

  • CVE-2026-49014HigMay 27, 2026
    risk 0.48cvss 7.4epss 0.00

    In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an…

  • CVE-2026-44974higMay 27, 2026
    risk 0.39cvss epss 0.00

    ### Impact The two parsers resolved duplicates inconsistently and silently: - `Content.disposition()` retained the last occurrence of each parameter. - `Content.type()` retained the first occurrence of charset and boundary. Either behavior creates a parameter-smuggling…

  • CVE-2026-44741higMay 27, 2026
    risk 0.39cvss epss 0.00

    # GM-369 ## Summary SQL injection in Pimcore's translation grid date filter — the user-supplied `property` field from the filter JSON is interpolated directly into a `UNIX_TIMESTAMP(DATE(FROM_UNIXTIME(...)))` SQL expression without parameterization or allowlist validation. …

  • CVE-2026-44739higMay 27, 2026
    risk 0.39cvss epss 0.00

    ### Summary The columnConfigAction endpoint in the CustomReportsBundle is vulnerable to SQL injection. An attacker with the reports_config permission can supply a malicious SQL configuration that is concatenated into a query and executed. Although the application attempts to…

  • CVE-2026-9606HigMay 27, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in itsourcecode Courier Management System 1.0. Impacted is an unknown function of the file /manage_user.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the…

  • CVE-2026-9605HigMay 27, 2026
    risk 0.40cvss 7.3epss 0.00

    A flaw has been found in GNU libredwg up to 0.13.4.8160. This issue affects the function bit_read_RC of the file bits.c of the component Dwgbmp Utility. This manipulation causes heap-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been…

  • CVE-2026-9312HigMay 27, 2026
    risk 0.53cvss 8.2epss 0.07

    A server-side request forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an unauthenticated attacker to send crafted requests to internal services by exploiting insufficient input validation in an upload endpoint. By injecting path traversal…

  • CVE-2026-44177higMay 26, 2026
    risk 0.38cvss epss 0.00

    ### TL;DR This vulnerability affects all Kirby sites on Kirby 5.3.0-5.4.0 and is independent from setup conditions and authentication. **This vulnerability is of high severity for all Kirby sites**. ---- ### Introduction Path traversal is a type of attack that allows to…

  • CVE-2026-44175higMay 26, 2026
    risk 0.38cvss epss 0.00

    ### TL;DR This vulnerability affects all Kirby sites that use the list field or list block, when content is authored by users who may not be fully trusted. The attack requires an authenticated Panel user with update permission to any list field or list block. **This…

  • CVE-2026-44174higMay 26, 2026
    risk 0.38cvss epss 0.00

    ### TL;DR This vulnerability affects all Kirby sites that might have potential attackers in the group of authenticated Panel users. **This vulnerability is of high severity for affected sites and has a high real-world impact.** ---- ### Introduction Arbitrary method call is…

  • CVE-2026-43947higMay 26, 2026
    risk 0.39cvss epss 0.01

    ### Summary An unauthenticated Remote Code Execution vulnerability exists in FUXA when `secureEnabled` is set to `true`. The `POST /api/runscript` endpoint checks authorization against the stored script's permission by ID, but when `test: true` is set in the request, it…