VYPR

CVEs

100,082 total · page 87 of 2,002

  • CVE-2025-14341HigMay 7, 2026
    risk 0.54cvss 8.3epss 0.00

    Improperly controlled modification of Dynamically-Determined object attributes, Allocation of resources without limits or throttling vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Excessive Allocation, Flooding. This issue affects DivvyDrive: from…

  • CVE-2026-8093HigMay 7, 2026
    risk 0.53cvss 8.1epss 0.00

    Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.2 and Thunderbird 150.0.2.

  • CVE-2026-8092HigMay 7, 2026
    risk 0.53cvss 8.1epss 0.00

    Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was…

  • CVE-2026-8090HigMay 7, 2026
    risk 0.47cvss 7.3epss 0.00

    Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, Firefox ESR 115.35.2, Thunderbird 150.0.2, and Thunderbird 140.10.2.

  • CVE-2026-6002HigMay 7, 2026
    risk 0.57cvss 8.8epss 0.00

    Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Cross-Site Scripting (XSS). This issue affects DivvyDrive: from 4.8.2.9 before 4.8.3.2.

  • CVE-2026-5784HigMay 7, 2026
    risk 0.57cvss 8.8epss 0.00

    Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Stored XSS. This issue affects DivvyDrive: from 4.8.2.9 before 4.8.3.2.

  • CVE-2026-42285HigMay 7, 2026
    risk 0.42cvss 7.5epss 0.00

    GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. In version 4.4.0, an unauthenticated remote BGP peer can trigger a fatal panic in GoBGP by sending a specially crafted BGP UPDATE message. When the server receives a message with…

  • CVE-2026-42010HigMay 7, 2026
    risk 0.39cvss 7.1epss 0.01

    A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to…

  • CVE-2026-41644HigMay 7, 2026
    risk 0.39cvss 7.1epss 0.00

    monetr is a budgeting application for recurring expenses. Prior to version 1.12.5, a server-side request forgery (SSRF) vulnerability in monetr's Lunch Flow integration allowed any authenticated user on a self-hosted instance to cause the monetr server to issue HTTP GET requests…

  • CVE-2026-41643HigMay 7, 2026
    risk 0.42cvss 7.5epss 0.01

    GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. Prior to version 4.3.0, a remote Denial of Service (DoS) vulnerability exists in GoBGP where a malformed BGP UPDATE message can trigger a runtime error: index out of range panic.…

  • CVE-2026-41642HigMay 7, 2026
    risk 0.42cvss 7.5epss 0.01

    GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. In version 4.3.0, a remote Denial of Service (DoS) vulnerability exists in GoBGP due to a nil pointer dereference. When a malformed BGP UPDATE message contains an unrecognized…

  • CVE-2026-3953HigMay 7, 2026
    risk 0.57cvss 8.8epss 0.00

    Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Gosoft Software Industry and Trade Ltd. Co. Proticaret E-Commerce allows Cross-Site Scripting (XSS), Reflected XSS. This issue affects Proticaret E-Commerce: from v5.0.0 before…

  • CVE-2026-33588HigMay 7, 2026
    risk 0.46cvss 8.1epss 0.00

    Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to create or modify files on the docker container via path traversal.

  • CVE-2026-28201HigMay 7, 2026
    risk 0.44cvss 7.8epss 0.00

    An improper input validation, together with an overly permissive default CORS configuration in Open Notebook v1.8.1 allows remote attacker to trick a legitimate user to alter or delete arbitrary database entries via specially crafted malicious URL. Depending on the deployment,…

  • CVE-2026-6805HigMay 7, 2026
    risk 0.49cvss 7.5epss 0.00

    Vulnerability on the external sharing feature in Cryptobox allows an attacker knowing a sharing link URL to retrieve information from the server allowing an offline brute-force attack of the access code associated to this sharing link.

  • CVE-2025-68060HigMay 7, 2026
    risk 0.49cvss 7.6epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPMart Team Member allows Blind SQL Injection. This issue affects Team Member: from n/a through 8.5.

  • CVE-2025-1978HigMay 7, 2026
    risk 0.54cvss 8.3epss 0.01

    Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H,…

  • CVE-2024-43384HigMay 7, 2026
    risk 0.52cvss 8.0epss 0.00

    A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer.

  • CVE-2026-4430HigMay 7, 2026
    risk 0.51cvss 7.8epss 0.00

    Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. This issue affects LibreOffice: from 26.2 before 26.2.3, from 25.8 before 25.8.7.

  • CVE-2025-9661HigMay 7, 2026
    risk 0.53cvss 8.1epss 0.01

    OS command injection vulneravility in the management gui (maintenance utility) of Hitachi Virtual Storage Platform One Block 23, 24, 26 and 28. This issue affects Hitachi Virtual Storage Platform One Block 23/24/26/28: before DKCMAIN A3-04-21-40/00, ESM A3-04-21/00.

  • CVE-2026-7252HigMay 7, 2026
    risk 0.46cvss 8.1epss 0.01

    The WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the unscheduled_original_file_deletion function in all versions up to,…

  • CVE-2026-6692HigMay 7, 2026
    risk 0.57cvss 8.8epss 0.01

    The Slider Revolution plugin for WordPress is vulnerable to Arbitrary File Upload in versions 7.0.0 to 7.0.10 via the '_get_media_url' and '_check_file_path' function. This is due to insufficient file type validation. This makes it possible for authenticated attackers, with…

  • CVE-2026-4348HigMay 7, 2026
    risk 0.49cvss 7.5epss 0.00

    The BetterDocs Pro plugin for WordPress is vulnerable to SQL Injection via the `get_current_letter_docs` and `docs_sort_by_letter` AJAX actions in all versions up to, and including, 3.7.0. This is due to the `limit` POST parameter being interpolated directly into a SQL query…

  • CVE-2026-41641HigMay 7, 2026
    risk 0.40cvss 7.2epss 0.02

    NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the checkSQL() validation function that blocks dangerous SQL keywords (e.g., pg_read_file, LOAD_FILE, dblink) is applied on the…

  • CVE-2026-41143HigMay 7, 2026
    risk 0.50cvss 8.8epss 0.00

    YesWiki is a wiki system written in PHP. Prior to version 4.6.1, YesWiki bazar module contains a SQL injection vulnerability in tools/bazar/services/EntryManager.php at line 704. The $data['id_fiche'] value (sourced from $_POST['id_fiche']) is concatenated directly into a raw…

  • CVE-2026-41139HigMay 7, 2026
    risk 0.50cvss 8.8epss 0.01

    Math.js is an extensive math library for JavaScript and Node.js. From version 13.1.0 to before version 15.2.0, arbitrary JavaScript can be executed via the expression parser of mathjs. This issue has been patched in version 15.2.0.

  • CVE-2026-41675HigMay 7, 2026
    risk 0.50cvss epss 0.00

    xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package allows attacker-controlled processing instruction data to be…

  • CVE-2026-41674HigMay 7, 2026
    risk 0.50cvss epss 0.00

    xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package serializes DocumentType node fields (internalSubset, publicId,…

  • CVE-2026-41673HigMay 7, 2026
    risk 0.50cvss epss 0.01

    xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, seven recursive traversals in lib/dom.js operate without a depth limit. A…

  • CVE-2026-41672HigMay 7, 2026
    risk 0.50cvss epss 0.00

    xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package allows attacker-controlled comment content to be serialized into…

  • CVE-2026-41670HigMay 7, 2026
    risk 0.46cvss 8.2epss 0.00

    Admidio is an open-source user management solution. Prior to version 5.0.9, the SAML IdP implementation in Admidio's SSO module uses the AssertionConsumerServiceURL value directly from incoming SAML AuthnRequest messages as the destination for the SAML response, without…

  • CVE-2026-41669HigMay 7, 2026
    risk 0.46cvss 8.2epss 0.00

    Admidio is an open-source user management solution. Prior to version 5.0.9, the Admidio SAML Identity Provider implementation discards the return value of its validateSignature() method at both call sites (handleSSORequest() line 418 and handleSLORequest() line 613). The method…

  • CVE-2026-41660HigMay 7, 2026
    risk 0.39cvss 7.1epss 0.00

    Admidio is an open-source user management solution. Prior to version 5.0.9, a logic error in Admidio's two-factor authentication reset inverts the authorization check. Non-admin users cannot remove their own TOTP configuration, but they can remove other users' TOTP, including…

  • CVE-2026-41640HigMay 7, 2026
    risk 0.42cvss 7.5epss 0.02

    NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the queryParentSQL() function in the core database package constructs a recursive CTE query by joining nodeIds with string concatenation…

  • CVE-2026-41587HigMay 7, 2026
    risk 0.49cvss epss 0.01

    CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. From version 0.26.0.0 to before version 0.31.7.0, a theme upload feature allows any authenticated backend user with theme-upload…

  • CVE-2026-41142HigMay 7, 2026
    risk 0.50cvss 8.8epss 0.00

    OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, there is an integer overflow in…

  • CVE-2026-41002HigMay 7, 2026
    risk 0.40cvss 7.2epss 0.00

    The base directory (`spring.cloud.config.server.git.basedir`) used by the Spring Cloud Config Server to clone Git repositories to is susceptible to time-of-check-time-of-use (TOCTOU) attacks. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 (inclusive); upgrade to…

  • CVE-2026-40981HigMay 7, 2026
    risk 0.42cvss 7.5epss 0.00

    When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config server potentially exposing secrets from unintended GCP projects. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 (inclusive); upgrade to…

  • CVE-2026-8032HigMay 6, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in PicoTronica e-Clinic Healthcare System ECHS 5.7. The impacted element is an unknown function of the file /cdemos/echs/priv/echs.js. This manipulation of the argument ADMIN_KEY causes hard-coded credentials. The attack is possible to be carried out…

  • CVE-2026-44118HigMay 6, 2026
    risk 0.44cvss 7.8epss 0.00

    OpenClaw before 2026.4.22 derives loopback MCP owner context from spoofable server-issued bearer tokens in request headers. Non-owner loopback clients can present themselves as owner to bypass owner-gated operations by manipulating the sender-owner header metadata.

  • CVE-2026-44116HigMay 6, 2026
    risk 0.49cvss 8.6epss 0.00

    OpenClaw before 2026.4.22 contains a server-side request forgery vulnerability in the Zalo plugin's sendPhoto function that fails to validate outbound photo URLs through the SSRF guard. Attackers can bypass SSRF protection by providing malicious photo URLs to the Zalo Bot API,…

  • CVE-2026-44115HigMay 6, 2026
    risk 0.50cvss 8.8epss 0.00

    OpenClaw before 2026.4.22 contains an exec allowlist analysis vulnerability allowing shell expansion hiding in unquoted heredoc bodies. Attackers can bypass allowlist validation by embedding shell expansion tokens in heredoc bodies to execute unapproved commands at runtime.

  • CVE-2026-44114HigMay 6, 2026
    risk 0.44cvss 7.8epss 0.00

    OpenClaw before 2026.4.20 fails to properly reserve the OPENCLAW_ runtime-control environment namespace in workspace dotenv files, allowing attackers to override critical runtime variables. Malicious workspaces can set variables like OPENCLAW_GIT_DIR to manipulate trusted…

  • CVE-2026-44113HigMay 6, 2026
    risk 0.43cvss 7.7epss 0.00

    OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in the OpenShell filesystem bridge that allows attackers to read files outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions…

  • CVE-2026-44110HigMay 6, 2026
    risk 0.50cvss 8.8epss 0.00

    OpenClaw before 2026.4.15 contains an authorization bypass vulnerability in Matrix room control-command authorization that trusts DM pairing-store entries. Attackers with DM-paired sender IDs can execute room control commands without being in configured allowlists by posting in…

  • CVE-2026-43585HigMay 6, 2026
    risk 0.46cvss 8.1epss 0.01

    OpenClaw before 2026.4.15 captures resolved bearer-auth configuration at startup, allowing revoked tokens to remain valid after SecretRef rotation. Gateway HTTP and WebSocket handlers fail to re-resolve authentication per-request, enabling attackers to use rotated-out bearer…

  • CVE-2026-43584HigMay 6, 2026
    risk 0.50cvss 8.8epss 0.00

    OpenClaw before 2026.4.10 contains an insufficient environment variable denylist vulnerability in its exec environment policy that allows operator-supplied overrides of high-risk interpreter startup variables including VIMINIT, EXINIT, LUA_INIT, and HOSTALIASES. Attackers can…

  • CVE-2026-43580HigMay 6, 2026
    risk 0.43cvss 7.7epss 0.00

    OpenClaw before 2026.4.10 contains an incomplete navigation guard vulnerability that allows attackers to trigger navigation without complete SSRF policy enforcement. Browser press/type style interactions, including pressKey and type submit flows, can bypass post-action security…

  • CVE-2026-43576HigMay 6, 2026
    risk 0.43cvss 7.7epss 0.00

    OpenClaw before 2026.4.5 contains a server-side request forgery vulnerability in the CDP /json/version WebSocket endpoint that allows attackers to pivot to untrusted second-hop targets. The webSocketDebuggerUrl response field is not properly validated, enabling attackers to…

  • CVE-2026-40326HigMay 6, 2026
    risk 0.39cvss epss 0.00

    Masa CMS is a content management system forked from Mura CMS. In versions 7.5.2 and earlier, the createBundle method in `csettings.cfc` does not properly validate anti-CSRF tokens for site bundle creation requests. An attacker can craft a malicious webpage or link that, when…