VYPR

CVEs

100,075 total · page 54 of 2,002

  • CVE-2026-43946higMay 26, 2026
    risk 0.39cvss epss 0.00

    ### Summary An authorization bypass in the /api/getTagValue endpoint allows unauthenticated access to tag values when the referenced script does not exist. ### Details The issue is caused by the combination of these code paths: - `server/api/apikeys/verify-api-or-token.j…

  • CVE-2026-43945higMay 26, 2026
    risk 0.38cvss epss 0.01

    **Pre-auth** RCE in FUXA via Logic Bypass Summary A Critical vulnerability chain exists in FUXA (v.1.3.0-2706) that allows an unauthenticated remote attacker to achieve Full Remote Code Execution (RCE) as root. The exploit succeeds even when the platform is configured in its…

  • CVE-2026-9584HigMay 26, 2026
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in code-projects Project Management System 1.0. Affected is an unknown function of the file chk.php of the component Login. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been…

  • CVE-2026-5260HigMay 26, 2026
    risk 0.53cvss 8.2epss 0.01

    A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information…

  • CVE-2026-45574HigMay 26, 2026
    risk 0.46cvss 8.1epss 0.00

    epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. Prior to 1.2.2, an attacker on the network path between the ePA service and the Konnektor can present any TLS certificate (self-signed, expired, wrong CN) and intercept all SOAP traffic. This…

  • CVE-2026-45298HigMay 26, 2026
    risk 0.56cvss 8.6epss 0.01

    Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, in a default dozzle deploy (the documented quickstart, no DOZZLE_AUTH_PROVIDER set), POST /api/notifications/test-webhook is reachable without authentication and forwards an attacker-controlled URL into a…

  • CVE-2026-44983HigMay 26, 2026
    risk 0.40cvss 7.3epss 0.00

    smallbitvec is a growable bit-vector for Rust, optimized for size. From 1.0.1 to 2.6.0, an integer overflow in the internal capacity calculation of smallbitvec can lead to an undersized heap allocation, resulting in a heap buffer overflow through safe APIs only. This allows…

  • CVE-2026-44966HigMay 26, 2026
    risk 0.47cvss 8.3epss 0.01

    Velocity.js is a JavaScript implementation of the Apache Velocity template engine. In 2.1.5 and earlier, a prototype pollution vulnerability was discovered in velocityjs. This issue occurs during the processing of #set directives in Velocity templates. If an application renders…

  • CVE-2026-44905HigMay 26, 2026
    risk 0.42cvss 7.5epss 0.00

    Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the cryptographic verification pipeline of Vanetza. When processing incoming V2X messages, the ASN.1 decoder accepts the structure…

  • CVE-2026-44900HigMay 26, 2026
    risk 0.46cvss 8.1epss 0.00

    epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. Prior to 1.2.1, in SignedPublicKeysTrustValidatorImpl.isTrusted(), the ECDSA signature verification at line 45 discards the boolean return value of Signature.verify(). The method performs…

  • CVE-2026-43988HigMay 26, 2026
    risk 0.42cvss 7.5epss 0.00

    Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the ASN.1/OER parsing pipeline of Vanetza. When processing malformed network packets containing corrupted ASN.1/OER structures…

  • CVE-2026-42013HigMay 26, 2026
    risk 0.46cvss 8.2epss 0.00

    A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation,…

  • CVE-2026-42012HigMay 26, 2026
    risk 0.39cvss 7.1epss 0.00

    A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier (URI) or Service (SRV) Subject Alternative Names (SANs). This could cause the certificate validation process to…

  • CVE-2025-46284HigMay 26, 2026
    risk 0.46cvss 7.0epss 0.00

    A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.7, macOS Tahoe 26. An app may be able to gain root privileges.

  • CVE-2025-43306HigMay 26, 2026
    risk 0.51cvss 7.8epss 0.00

    A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. A malicious app may be able to gain root privileges.

  • CVE-2026-9580HigMay 26, 2026
    risk 0.40cvss 7.3epss 0.00

    A vulnerability was determined in JeecgBoot up to 3.9.1. The affected element is the function LoginController.selectDepart of the file /sys/selectDepart. This manipulation causes improper access controls. Remote exploitation of the attack is possible. The exploit has been…

  • CVE-2026-8676HigMay 26, 2026
    risk 0.57cvss 8.8epss 0.00

    An attacker is able to downgrade the security of a Bluetooth LE connection by deleting an existing bond, spoofing the bonded device and creating a new bond.

  • CVE-2026-45575HigMay 26, 2026
    risk 0.41cvss 7.4epss 0.00

    epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. Prior to 1.2.2, an attacker who can MITM the TLS connection between the client and the IDP (within the TI network) can substitute a forged discovery document. The forged document redirects…

  • CVE-2026-44847HigMay 26, 2026
    risk 0.42cvss 7.5epss 0.00

    MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.0, MaxKB's webhook trigger endpoint (/api/trigger/v1/webhook/{trigger_id}) is accessible without authentication. The WebhookAuth class unconditionally returns (None, {}), which Django REST Framework interprets as…

  • CVE-2026-44843HigMay 26, 2026
    risk 0.53cvss 8.2epss 0.00

    LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.85 and 1.3.3, LangChain contains older runtime code paths that deserialize run inputs, run outputs, or other application-controlled payloads using overly broad object allowlists. These paths…

  • CVE-2026-44209HigMay 26, 2026
    risk 0.42cvss 7.5epss 0.01

    Banks generates meaningful LLM prompts using a template language that makes sense. Prior to 2.4.2, banks uses jinja2.Environment() (unsandboxed) to render prompt templates. Applications that pass user-supplied strings as the template argument to Prompt() are vulnerable to…

  • CVE-2025-14361HigMay 26, 2026
    risk 0.46cvss 7.1epss 0.00

    Missing Authorization vulnerability in AA-Team Woocommerce Envato Affiliates allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Woocommerce Envato Affiliates: from n/a through 1.2.1.

  • CVE-2026-48048higMay 26, 2026
    risk 0.39cvss epss 0.00

    ### Impact XWiki discovered that the patch for GHSA-5cf8-vrr8-8hjm was insufficient and with slightly modified parameters to the `LiveTableResults`, it is still possible to discover password hashes one bit at a time, so with 768 requests, the full password salt and hash can be…

  • CVE-2026-9575HigMay 26, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in itsourcecode Student Transcript Processing System 1.0. This issue affects some unknown processing of the file /admin/modules/class/index.php?view=view. The manipulation of the argument ID leads to sql injection. The attack may be initiated…

  • CVE-2026-9574HigMay 26, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in itsourcecode Student Transcript Processing System 1.0. This vulnerability affects unknown code of the file /admin/modules/student/trans.php. Executing a manipulation of the argument studentId/cid can lead to sql injection. The attack can be launched…

  • CVE-2026-9573HigMay 26, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in itsourcecode Student Transcript Processing System 1.0. This affects an unknown part of the file /admin/modules/student/index.php?view=view. Performing a manipulation of the argument studentId results in sql injection. The attack can be initiated…

  • CVE-2026-44832HigMay 26, 2026
    risk 0.50cvss 8.8epss 0.00

    Snipe-IT is an IT asset/license management system. Prior to 8.4.1, aAn authenticated user with only users.edit permission can escalate their own privileges to admin by sending a PATCH request to /api/v1/users/{id} with permissions[admin]=1. The API controller only strips the…

  • CVE-2026-8890HigMay 26, 2026
    risk 0.46cvss 8.2epss 0.00

    code100x contains an authentication bypass vulnerability in the Mobile API that allows unauthenticated attackers to impersonate arbitrary users by supplying a crafted JSON payload in the 'g' HTTP header. The middleware in middleware.ts skips identity header generation when an…

  • CVE-2026-4051HigMay 26, 2026
    risk 0.47cvss 7.2epss 0.00

    IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an attacker with administrative privileges to execute remote code due to exposed method that is not properly restricted.

  • CVE-2026-3603HigMay 26, 2026
    risk 0.46cvss 7.1epss 0.00

    IBM Engineering Lifecycle Management 7.0.3 Interim Fix 001 through  Interim Fix 021, 7.1.0  Interim Fix 001 through  Interim Fix 009, and 7.2.0 and 7.2.0 Interim Fix 001 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. An authenticated…

  • CVE-2026-9560HigMay 26, 2026
    risk 0.51cvss 7.8epss 0.01

    Privilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows attackers to execute arbitrary commands with elevated privileges via local IPC channel

  • CVE-2026-8856HigMay 26, 2026
    risk 0.50cvss 7.7epss 0.00

    IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration.

  • CVE-2026-8855HigMay 26, 2026
    risk 0.53cvss 8.1epss 0.00

    IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in configurations with TLS mutual authentication (client authentication).

  • CVE-2026-8854HigMay 26, 2026
    risk 0.49cvss 7.5epss 0.00

    IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_mem_cache.

  • CVE-2026-8835HigMay 26, 2026
    risk 0.47cvss 7.3epss 0.00

    IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to expose sensitive information or cause a denial of service.

  • CVE-2026-8834HigMay 26, 2026
    risk 0.52cvss 8.0epss 0.00

    IBM HTTP Server 8.5, and 9.0 contains a buffer overflow vulnerability. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to execute remote code or cause a denial of service.

  • CVE-2026-8620HigMay 26, 2026
    risk 0.49cvss 7.5epss 0.00

    IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to HTTP request smuggling in the Web Server Plug-ins through a specially crafted request.

  • CVE-2026-7454HigMay 26, 2026
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

  • CVE-2026-7452HigMay 26, 2026
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

  • CVE-2026-7451HigMay 26, 2026
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted TIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

  • CVE-2026-48695HigMay 26, 2026
    risk 0.53cvss 8.1epss 0.01

    FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the MikroTik router integration plugin. The _log() function in src/mikrotik_plugin/fastnetmon_mikrotik.php (lines 107-108) constructs shell commands by concatenating the $msg parameter…

  • CVE-2026-48694HigMay 26, 2026
    risk 0.53cvss 8.1epss 0.00

    FastNetMon Community Edition through 1.2.9 contains a configuration injection vulnerability in the Juniper router integration plugin. In src/juniper_plugin/fastnetmon_juniper.php, the $IP_ATTACK variable (received from argv[1]) is directly interpolated into Juniper NETCONF…

  • CVE-2026-44730HigMay 26, 2026
    risk 0.40cvss 7.2epss 0.00

    OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 6.9.7, an organization admin can escalate their privileges by adding a user from a different organization with higher privileges, to their own organization. This is due…

  • CVE-2026-44728HigMay 26, 2026
    risk 0.46cvss 8.2epss 0.00

    Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed…

  • CVE-2026-44706HigMay 26, 2026
    risk 0.48cvss 8.5epss 0.00

    Chatwoot is a customer engagement suite. From 2.2.0 to before 4.11.2, a SQL injection vulnerability exists in the conversation and contact filter APIs. When filtering by a custom attribute of type date or number using the is_greater_than or is_less_than operators, user-supplied…

  • CVE-2026-44669HigMay 26, 2026
    risk 0.50cvss 8.7epss 0.00

    FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting (XSS) via attachment filenames in assessment file preview flows. User-supplied filename values are persisted and later rendered into…

  • CVE-2026-44667HigMay 26, 2026
    risk 0.50cvss 8.7epss 0.00

    FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting (XSS) via attachment filenames in remediation verification file preview flows. User-supplied filename values are persisted and then…

  • CVE-2026-24200HigMay 26, 2026
    risk 0.46cvss 7.0epss 0.00

    NVIDIA vGPU software contains a vulnerability in the virtual GPU manager, where an attacker could cause a use-after-free for stack memory. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data…

  • CVE-2026-24196HigMay 26, 2026
    risk 0.46cvss 7.1epss 0.00

    NVIDIA Display Driver for Linux contains a vulnerability where a user could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to denial of service and information disclosure.

  • CVE-2026-24195HigMay 26, 2026
    risk 0.46cvss 7.1epss 0.00

    NVIDIA Display Driver for Linux contains a vulnerability in UVM, where a user could cause improper input validation. A successful exploit of this vulnerability might lead to denial of service.