VYPR

CVEs

100,082 total · page 70 of 2,002

  • CVE-2026-24712HigMay 14, 2026
    risk 0.47cvss 7.3epss 0.01

    Northern.tech CFEngine Enterprise and Community before 3.21.8, 3.24.3, and 3.27.0 allows Command injection.

  • CVE-2025-62628HigMay 14, 2026
    risk 0.46cvss epss 0.00

    Unsafe OpenSSL initialization within some AMD optional tools may allow a local user-privileged attacker to inject a malicious DLL, potentially resulting in arbitrary code execution.

  • CVE-2026-6637HigMay 14, 2026
    risk 0.57cvss 8.8epss 0.00

    Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged database user to execute arbitrary code as the operating system user running the database. A distinct attack is possible if the application declares a user-controlled column as a "refint" cascade primary…

  • CVE-2026-6479HigMay 14, 2026
    risk 0.42cvss 7.5epss 0.00

    Uncontrolled recursion in PostgreSQL SSL and GSS negotiation allows an attacker able to connect to a PostgreSQL AF_UNIX socket to achieve sustained denial of service. If SSL and GSS are both disabled, an attacker can do the same via access to a PostgreSQL TCP socket. Versions…

  • CVE-2026-6477HigMay 14, 2026
    risk 0.57cvss 8.8epss 0.00

    Use of inherently dangerous function PQfn(..., result_is_int=0, ...) in PostgreSQL libpq lo_export(), lo_read(), lo_lseek64(), and lo_tell64() functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets(), PQfn(...,…

  • CVE-2026-6476HigMay 14, 2026
    risk 0.40cvss 7.2epss 0.00

    SQL injection in PostgreSQL pg_createsubscriber allows an attacker with pg_create_subscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pg_createsubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and…

  • CVE-2026-6475HigMay 14, 2026
    risk 0.50cvss 8.8epss 0.00

    Symlink following in PostgreSQL pg_basebackup plain format and in pg_rewind allows an origin superuser to overwrite local files, e.g. /var/lib/postgres/.bashrc, that hijack the operating system account. It will remain the case that starting the server after these commands…

  • CVE-2026-6473HigMay 14, 2026
    risk 0.57cvss 8.8epss 0.01

    Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and write out-of-bounds. This may execute arbitrary code as the operating system user running the database. In applications that pass…

  • CVE-2025-15025HigMay 14, 2026
    risk 0.57cvss 8.8epss 0.00

    Authorization bypass through User-Controlled key vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Exploitation of Trusted Identifiers. This issue affects Library Automation…

  • CVE-2026-5798HigMay 14, 2026
    risk 0.46cvss epss 0.00

    Unsafe object reference (IDOR) in Stel Order v3.25.1 and earlier versions, specifically in the ‘/app/FrontController’ endpoint, through manipulation of the ‘employeeID’ parameter. An authenticated attacker could exploit this vulnerability to access information about any…

  • CVE-2026-4031HigMay 14, 2026
    risk 0.42cvss 7.5epss 0.00

    The Database Backup for WordPress plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.5.2. This is due to the plugin not restricting access to the wp_db_temp_dir parameter, which controls where database backups are written. This…

  • CVE-2026-4030HigMay 14, 2026
    risk 0.46cvss 8.1epss 0.00

    The Database Backup for WordPress plugin for WordPress is vulnerable to unauthorized arbitrary file read and deletion in all versions up to, and including, 2.5.2. This is due to the plugin not properly enforcing the return value of its authorization check combined with a…

  • CVE-2026-4029HigMay 14, 2026
    risk 0.42cvss 7.5epss 0.00

    The Database Backup for WordPress plugin for WordPress is vulnerable to unauthorized database export in all versions up to, and including, 2.5.2. This is due to the plugin not properly enforcing the return value of its authorization check. This makes it possible for…

  • CVE-2025-12008HigMay 14, 2026
    risk 0.57cvss 8.8epss 0.00

    Authorization bypass through User-Controlled key vulnerability in APPYAP Technology and Information Inc. Yaay Social Media App allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Yaay Social Media App: from 3.8.0 through 24102025.

  • CVE-2026-8468HigMay 14, 2026
    risk 0.46cvss epss 0.01

    Allocation of Resources Without Limits or Throttling vulnerability in plug_project plug allows denial of service via unbounded buffer accumulation in multipart header parsing. 'Elixir.Plug.Conn':read_part_headers/2 in lib/plug/conn.ex does not obey its :length parameter. There…

  • CVE-2025-68421HigMay 14, 2026
    risk 0.57cvss epss 0.00

    Comarch ERP Optima client makes use of a hard-coded password for a database user. These credentials cannot be changed. It is possible for a remote attacker to gain an access to the database with elevated privileges including executing system commands on a server. This issue has…

  • CVE-2025-68420HigMay 14, 2026
    risk 0.49cvss epss 0.00

    Comarch ERP Optima client connects to a database using a high privileged account regardless of an application account to which a user logs in. It is possible for a local attacker who controls the client process to dump it's memory, extract credentials and use them to gain a…

  • CVE-2026-6514HigMay 14, 2026
    risk 0.49cvss 7.5epss 0.00

    The InfusedWoo Pro plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 5.1.2 via the popup_submit. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application…

  • CVE-2026-6506HigMay 14, 2026
    risk 0.57cvss 8.8epss 0.00

    The InfusedWoo Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.1.2. This is due to the infusedwoo_gdpr_upddata() function missing authorization and capability checks, as well as lacking restrictions on which user meta keys…

  • CVE-2026-5395HigMay 14, 2026
    risk 0.46cvss 8.2epss 0.00

    The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.2.0 via the exportEntries function due to missing validation on a user…

  • CVE-2026-3892HigMay 14, 2026
    risk 0.46cvss 8.1epss 0.00

    The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 1.4.107. This is due to insufficient file path validation in the become-dealer logo upload flow. The plugin allows any…

  • CVE-2026-3718HigMay 14, 2026
    risk 0.40cvss 7.2epss 0.00

    The ManageWP Worker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'MWP-Key-Name' HTTP request header in all versions up to, and including, 4.9.31. This is due to insufficient input sanitization and output escaping of attacker-controlled header values.…

  • CVE-2026-7481HigMay 14, 2026
    risk 0.57cvss 8.7epss 0.00

    GitLab has remediated an issue in GitLab EE affecting all versions from 16.4 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with developer-role permissions to execute arbitrary JavaScript in other users' browsers due…

  • CVE-2026-7377HigMay 14, 2026
    risk 0.57cvss 8.7epss 0.00

    GitLab has remediated an issue in GitLab EE affecting all versions from 18.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that, in customizable analytics dashboards, could have allowed an authenticated user to execute arbitrary JavaScript in the context of other…

  • CVE-2026-6073HigMay 14, 2026
    risk 0.57cvss 8.7epss 0.00

    GitLab has remediated an issue in GitLab EE affecting all versions from 18.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to execute arbitrary JavaScript in other users' browsers due to improper input sanitization.

  • CVE-2026-5396HigMay 14, 2026
    risk 0.53cvss 8.2epss 0.00

    The Fluent Forms plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to, and including, 6.1.21. This is due to the SubmissionPolicy class authorizing submission-level actions (read, modify, delete, add notes) based on a…

  • CVE-2026-1659HigMay 14, 2026
    risk 0.49cvss 7.5epss 0.00

    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.0 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted requests due to insufficient input…

  • CVE-2025-14870HigMay 14, 2026
    risk 0.49cvss 7.5epss 0.00

    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted JSON payloads due to insufficient…

  • CVE-2025-14869HigMay 14, 2026
    risk 0.49cvss 7.5epss 0.00

    GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted payloads on certain API endpoints.

  • CVE-2026-46446HigMay 14, 2026
    risk 0.39cvss 7.1epss 0.00

    SOGo before 5.12.7, when PostgreSQL or MariaDB is used, and cleartext passwords are stored, allows SQL injection. This is related to c_password = '%@' in changePasswordForLogin.

  • CVE-2026-46445HigMay 14, 2026
    risk 0.39cvss 7.1epss 0.00

    SOGo before 5.12.7, when PostgreSQL is used, allows SQL injection.

  • CVE-2026-46419HigMay 14, 2026
    risk 0.42cvss 7.5epss 0.00

    Yubico webauthn-server-core (aka java-webauthn-server) 2.8.0 before 2.8.2 incorrectly checks a function's return value in the second factor flow, leading to impersonation.

  • CVE-2026-32991HigMay 13, 2026
    risk 0.46cvss 7.1epss 0.00

    Improper authorization checks of team members privileges allow a team member to escalate privileges to the team owner account.

  • CVE-2026-29206HigMay 13, 2026
    risk 0.53cvss 8.1epss 0.00

    Insufficient sanitization of SQL queries in the `sqloptimizer` utility script allows SQL Injections on behalf of the root user if Slow Query logging is enabled.

  • CVE-2026-44478HigMay 13, 2026
    risk 0.42cvss 7.5epss 0.00

    hoppscotch is an open source API development ecosystem. The fix for CVE-2026-28215 in version 2026.2.0 addresses the unauthenticated POST /v1/onboarding/config endpoint by checking onboardingCompleted and canReRunOnboarding before allowing config overwrites. However, GET…

  • CVE-2026-44471HigMay 13, 2026
    risk 0.51cvss 7.8epss 0.00

    gitoxide is an implementation of git written in Rust. Prior to 0.21.1, a malicious tree can be constructed that will, when checked out with gitoxide, permit writing an attacker-controlled symlink into any existing directory the user has write access to. During checkout, all…

  • CVE-2026-44447HigMay 13, 2026
    risk 0.50cvss 8.8epss 0.00

    ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 16.9.0, some endpoints were vulnerable to SQL injection through specially crafted requests, which would allow a malicious actor to extract sensitive information. This vulnerability is fixed in 16.9.0.

  • CVE-2026-44446HigMay 13, 2026
    risk 0.50cvss 8.8epss 0.00

    ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.104.3 and 16.14.0, some endpoints were vulnerable to SQL injection through specially crafted requests, which would allow a malicious actor to extract sensitive information. This vulnerability is…

  • CVE-2026-44439HigMay 13, 2026
    risk 0.42cvss 7.5epss 0.00

    PlaywrightCapture is a simple replacement for splash using playwright. Prior to 1.39.6, PlaywrightCapture did not sufficiently restrict navigations and resource requests initiated by rendered pages. An attacker-controlled page could abuse browser-side redirection mechanisms,…

  • CVE-2026-44369HigMay 13, 2026
    risk 0.48cvss epss 0.00

    CVAT is an open source interactive video and image annotation tool for computer vision. From 2.5.0 to 2.63.0, an attacker who is able to create or edit an annotation guide on a task is able to add malicious JavaScript code, which will then run in the browser of anyone who opens…

  • CVE-2026-42463HigMay 13, 2026
    risk 0.53cvss 8.1epss 0.00

    SQLBot is an intelligent Text-to-SQL system based on large language models and RAG. Prior to 1.8.0, SQLBot contains a Cross-Workspace IDOR (Insecure Direct Object Reference) and Authorization Bypass vulnerability in the /api/v1/datasource/exportDsSchema and…

  • CVE-2026-32993HigMay 13, 2026
    risk 0.54cvss 8.3epss 0.00

    Improper sanitization of the `status` query parameter of the `/unprotected/nova_error` endpoint allows unauthenticated attacker to inject arbitrary HTTP header to the response.

  • CVE-2026-32992HigMay 13, 2026
    risk 0.53cvss 8.2epss 0.00

    SSL verification is disabled in the DNS Cluster system. This could allow for a malicious server to man-in-the-middle the request and capture credentials.

  • CVE-2026-29205HigMay 13, 2026
    risk 0.56cvss 8.6epss 0.07

    Incorrect privileges management and insufficient path filtering allow to read arbitrary file on the server via the cpdavd attachment download endpoints.

  • CVE-2026-45708HigMay 13, 2026
    risk 0.40cvss 7.2epss 0.00

    CubeCart is an ecommerce software solution. Prior to 6.7.3, an admin with documents edit permission can save raw <?php … ?> into the Invoice Editor. The next time any admin clicks Print on any order, the rendered template is written to files/print..php. files/.htaccess…

  • CVE-2026-45229HigMay 13, 2026
    risk 0.50cvss 8.8epss 0.00

    Quark Drive before 0.8.5 contains a mass assignment vulnerability in the POST /update endpoint that allows authenticated attackers to overwrite administrator credentials by posting an arbitrary webui object to the config_data dictionary. Attackers can exploit insufficient…

  • CVE-2026-45055HigMay 13, 2026
    risk 0.46cvss 8.1epss 0.00

    CubeCart is an ecommerce software solution. Prior to 6.7.2, CubeCart 6.6.x – 6.7.1 builds CC_STORE_URL directly from the Host request header at bootstrap, with no allowlist. The constant is embedded verbatim into transactional email links, most critically the password-reset…

  • CVE-2026-44418HigMay 13, 2026
    risk 0.50cvss epss 0.00

    EcclesiaCRM is CRM Software for church management. In 8.0.0 and earlier, the ValidateInput() function's default case in EcclesiaCRM's query view passes user-supplied POST parameters directly into SQL queries via str_replace without any sanitization, enabling SQL injection…

  • CVE-2026-44380HigMay 13, 2026
    risk 0.40cvss 7.2epss 0.00

    MISP is an open source threat intelligence and sharing platform. Prior to 2.5.37, an improper access control vulnerability in the authentication key reset functionality allowed an authenticated organization administrator to reset authentication keys belonging to site…

  • CVE-2026-42602HigMay 13, 2026
    risk 0.46cvss 8.1epss 0.00

    azureauthextension is the Azure Authenticator Extension. From 0.124.0 to 0.150.0, a server-side authentication bypass in azureauthextension allows any party who holds a single valid Azure access token for any scope the collector's configured identity can mint for to authenticate…