VYPR

CVEs

100,075 total · page 59 of 2,002

  • CVE-2026-37470HigMay 22, 2026
    risk 0.47cvss 7.3epss 0.00

    An issue in ClipBucket v5 v.5.5.2 allows an attacker to execute arbitrary code via the Authentication interface, login page endpoint and HTTP response security headers components

  • CVE-2026-36228HigMay 22, 2026
    risk 0.47cvss 7.3epss 0.00

    Buffer Overflow vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the chat message functionality

  • CVE-2026-34207HigMay 22, 2026
    risk 0.42cvss 7.6epss 0.00

    TypeBot is a chatbot builder tool. In versions prior to 3.16.0, SSRF protection for Webhook / HTTP Request blocks validates only the URL string, blocked hostname literals, and literal IP formats. It does not resolve DNS before allowing the request. As a result, a hostname such…

  • CVE-2026-28445HigMay 22, 2026
    risk 0.50cvss 8.7epss 0.00

    Typebot is a chatbot builder tool. In versions 3.15.2 and prior, the RatingButton component in the embed package renders the user-controlled customIcon.svg field directly via Solid's innerHTML directive without any sanitization, even though DOMPurify is already a dependency and…

  • CVE-2026-9047HigMay 22, 2026
    risk 0.49cvss 7.6epss 0.00

    Improper handling of factor key state in the multi-factor authentication management feature in Devolutions Server allows an attacker with knowledge of a user's password to bypass the user's multi-factor authentication after the user reconfigures their factors. This issue…

  • CVE-2026-7325HigMay 22, 2026
    risk 0.46cvss 7.1epss 0.00

    Improper authorization in the Active Directory browsing feature in Devolutions Server allows a low-privileged authenticated user to obtain authentication material associated with a stored PAM provider service account via authentication relay to an attacker-controlled server. …

  • CVE-2026-9256HigMay 22, 2026
    risk 0.53cvss 8.1epss 0.04

    NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression (PCRE) captures (for example, ^/((.*))$) and a…

  • CVE-2026-8992HigMay 22, 2026
    risk 0.57cvss 8.8epss 0.01

    An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code.

  • CVE-2025-45145HigMay 22, 2026
    risk 0.49cvss 7.5epss 0.01

    Directory traversal in Follett Software's Destiny Library Manager 22_0_2_rc1 and fixed in v.22.5 AU1 allows remote attackers to read arbitrary system and application files via the image parameter

  • CVE-2026-9277HigMay 22, 2026
    risk 0.46cvss 8.1epss 0.01

    shell-quote's `quote()` function did not validate object-token inputs against the operator model used by `parse()`. The `.op` field was backslash-escaped character by character using `/(.)/g`, which in JavaScript does not match line terminators (\n, \r, U+2028, U+2029). A line…

  • CVE-2026-8671HigMay 22, 2026
    risk 0.49cvss 7.5epss 0.00

    Insertion of sensitive information into log file vulnerability in syslink software AG Avantra on Linux, Windows allows Resource Leak Exposure. This issue affects Avantra: before 25.3.0.

  • CVE-2026-44417HigMay 22, 2026
    risk 0.49cvss 7.5epss 0.01

    The fix for CVE-2025-48913: Apache CXF: Untrusted JMS configuration can lead to RCE was not complete, meaning that another path in the code might lead to code execution capabilities, if untrusted users are allowed to configure JMS for Apache CXF. Users are recommended to…

  • CVE-2026-5740HigMay 22, 2026
    risk 0.42cvss 7.5epss 0.00

    Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to properly validate msgpack-encoded WebSocket frames before memory allocation which allows an unauthenticated remote attacker to crash the server process and cause a full service…

  • CVE-2026-25606HigMay 22, 2026
    risk 0.57cvss epss 0.00

    A SQL injection vulnerability has been identified in STER. Improper neutralization of input provided by user into multiple Search Filters allows for SQL Injection attacks. It allows an authenticated attacker to view sensitive data such as data belonging to other users, or any…

  • CVE-2026-9011HigMay 22, 2026
    risk 0.49cvss 7.5epss 0.00

    The Ditty – Responsive News Tickers, Sliders, and Lists plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.1.65. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it…

  • CVE-2026-8679HigMay 22, 2026
    risk 0.44cvss 7.5epss 0.02

    The AudioIgniter plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 2.0.2. This is due to the handle_playlist_endpoint() function (hooked to template_redirect) accepting a user-controlled playlist ID via the…

  • CVE-2026-9018HigMay 22, 2026
    risk 0.57cvss 8.8epss 0.01

    The Easy Elements for Elementor – Addons & Website Templates plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.4.5 via the `easyel_handle_register()` function. This is due to the `wp_ajax_nopriv_eel_register` AJAX handler…

  • CVE-2026-4834HigMay 22, 2026
    risk 0.49cvss 7.5epss 0.00

    The WP ERP Pro plugin for WordPress is vulnerable to SQL Injection via the 'search_key' parameter in all versions up to, and including, 1.5.1. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This…

  • CVE-2026-46597HigMay 22, 2026
    risk 0.42cvss 7.5epss 0.00

    An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs.

  • CVE-2026-39829HigMay 22, 2026
    risk 0.42cvss 7.5epss 0.00

    The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated…

  • CVE-2026-34911HigMay 22, 2026
    risk 0.50cvss 7.7epss 0.01

    A malicious actor with access to the network and low privileges could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to obtain sensitive information.

  • CVE-2026-46701higMay 21, 2026
    risk 0.38cvss epss 0.00

    # Unauthenticated Cross-Origin MCP Tool Invocation via Empty Default Secret | Field | Value | | ---------------- | ----- | | Repository | Jovancoding/Network-AI | | Affected version | v5.4.4 (commit c12686e181f231cf8d7bcf836a96d78f0f0877ac) | ## Summary The…

  • CVE-2026-8434HigMay 21, 2026
    risk 0.50cvss 8.8epss 0.00

    Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file rescanMultiple(). The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:…

  • CVE-2026-8433HigMay 21, 2026
    risk 0.50cvss 8.8epss 0.00

    Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file rescan(). The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/S…

  • CVE-2026-8432HigMay 21, 2026
    risk 0.50cvss 8.8epss 0.00

    Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file star(). The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:…

  • CVE-2026-8427HigMay 21, 2026
    risk 0.50cvss 8.8epss 0.00

    Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file removeFavoriteFolder($id). The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L…

  • CVE-2026-8416HigMay 21, 2026
    risk 0.50cvss 8.8epss 0.00

    Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file addFavoriteFolder($id). The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA…

  • CVE-2026-8415HigMay 21, 2026
    risk 0.50cvss 8.8epss 0.00

    Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/express/association/reorder. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:…

  • CVE-2026-8414HigMay 21, 2026
    risk 0.50cvss 8.8epss 0.00

    Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/event/duplicate. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/…

  • CVE-2026-8413HigMay 21, 2026
    risk 0.50cvss 8.8epss 0.00

    Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/design. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N…

  • CVE-2026-8412HigMay 21, 2026
    risk 0.50cvss 8.8epss 0.00

    Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/cache. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N…

  • CVE-2026-8411HigMay 21, 2026
    risk 0.50cvss 8.8epss 0.00

    Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/delete. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N…

  • CVE-2026-8410HigMay 21, 2026
    risk 0.50cvss 8.8epss 0.00

    Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/logs/bulk/delete.  The The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:…

  • CVE-2026-8409HigMay 21, 2026
    risk 0.50cvss 8.8epss 0.00

    Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/logs/delete.  The The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:…

  • CVE-2026-46681higMay 21, 2026
    risk 0.38cvss epss 0.00

    ## Summary The _copyProps function in lib/src/object/copy.ts uses for...in to iterate over source object properties without an Object.hasOwnProperty check, and does not filter dangerous keys (__proto__, constructor, prototype). This allows an attacker to pollute the prototype…

  • CVE-2026-46680higMay 21, 2026
    risk 0.38cvss epss 0.00

    ### Impact A bug was found in containerd where containers launched with a numeric `User` directive that cannot be parsed as a 32-bit integer are incorrectly treated as a username. If a crafted image provides an `/etc/passwd` file mapping this large numeric string to root, the…

  • CVE-2026-8428HigMay 21, 2026
    risk 0.50cvss 8.8epss 0.00

    Concrete CMS 9.5.0 and below emits a CSRF token in the local_available_update.php view ($token->output('do_update')) but the corresponding do_update() method in concrete/controllers/single_page/dashboard/system/update/update.php never calls $this->token->validate('do_update').…

  • CVE-2026-8426HigMay 21, 2026
    risk 0.50cvss 8.8epss 0.00

    Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/update/prepare_remote_upgrade/. An attacker who controls the remote package returned for a known marketplace item ID can overwrite the package PHP on disk and…

  • CVE-2026-8421HigMay 21, 2026
    risk 0.50cvss 8.8epss 0.00

    Concrete CMS 9.5.0 and below contains a CSRF vulnerability in the install_package() method of concrete/controllers/single_page/dashboard/extend/install.php.  An attacker who can cause an authenticated administrator to visit a crafted page,  and who has placed or caused a…

  • CVE-2026-8417HigMay 21, 2026
    risk 0.50cvss 8.8epss 0.00

    Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/update/do_update/. The do_update() method in concrete/controllers/single_page/dashboard/extend/update.php checks only canInstallPackages() before executing…

  • CVE-2026-8350HigMay 21, 2026
    risk 0.50cvss 8.8epss 0.00

    Concrete CMS 9.5.0 and below is vulnerable to missing authorization in the bulk_user_assignment.php which can lead to privilege escalation to Administrative Group. Any authenticated user with access to the bulk user assignment dashboard page can add any user email to any group…

  • CVE-2026-8135HigMay 21, 2026
    risk 0.40cvss 7.2epss 0.00

    Concrete CMS 9.5.0 and below is vulnerable to Remote Code Execution due to insecure deserialization occurring in the ExpressEntryList block controller. An rogue administrator with privileges to add blocks to an area can bypass the intended protection mechanism (_fromCIF ===…

  • CVE-2026-8134HigMay 21, 2026
    risk 0.40cvss 7.2epss 0.01

    Concrete CMS 9.5.0 and below fails to sanitize path traversal sequences in the ptComposerFormLayoutSetControlCustomTemplate field when saving page type composer form layouts. An authenticated rogue administrator with composer form editing rights can exploit this to include…

  • CVE-2026-47102HigMay 21, 2026
    risk 0.50cvss 8.8epss 0.01

    LiteLLM prior to 1.83.10 allows a user to modify their own user_role via the /user/update endpoint. While the endpoint correctly restricts users to updating only their own account, it does not restrict which fields may be changed. A user who can reach this endpoint can set their…

  • CVE-2026-47101HigMay 21, 2026
    risk 0.50cvss 8.8epss 0.01

    LiteLLM prior to 1.83.14 allows an authenticated internal_user to create API keys with access to routes that their role does not permit. When generating a key, the allowed_routes field is stored without verifying that the specified routes fall within the user's own permissions.…

  • CVE-2026-47114HigMay 21, 2026
    risk 0.50cvss 8.8epss 0.01

    IINA before 1.4.3 contains a user-assisted command execution vulnerability that allows remote attackers to execute arbitrary commands by supplying malicious mpv_-prefixed query parameters through the iina://open custom URL scheme handler. Attackers can deliver a crafted URL via…

  • CVE-2026-46473HigMay 21, 2026
    risk 0.42cvss 7.5epss 0.00

    Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand. Secrets were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.

  • CVE-2026-48242HigMay 21, 2026
    risk 0.46cvss 8.1epss 0.00

    Open ISES Tickets before 3.44.2 contains hardcoded MySQL database connection credentials (host, username, password, database name) in import_mdb.php. The credentials are embedded in source code committed to the public repository, allowing any reader of the source to obtain valid…

  • CVE-2026-48241HigMay 21, 2026
    risk 0.46cvss 8.1epss 0.00

    Open ISES Tickets before 3.44.2 contains hardcoded MySQL database credentials in loader.php (a public-facing database utility) that are committed to the source repository. Any actor with access to the public source tree (or an unauthenticated attacker with read access to the…

  • CVE-2026-48240HigMay 21, 2026
    risk 0.39cvss 7.1epss 0.00

    Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/statistics.php where the tick_id and f_tick_id POST parameters are concatenated into WHERE clauses of SELECT statements in the statistics rollup queries without sanitization. Authenticated attackers…