VYPR

CVEs

38,009 total · page 9 of 761

  • CVE-2026-34021HigJun 15, 2026
    risk 0.56cvss epss 0.00

    The Wertheim SafeController 5400, Controller 5400 - AssemblyVersion 6.11.8130.22320, uses RS-485 communication between the server and the microcontroller without cryptographic protection. An attacker with access to the communication path between the server and the…

  • CVE-2026-12057HigJun 15, 2026
    risk 0.56cvss 8.6epss 0.00

    When the application executes the JavaScript script embedded in the PDF within the sandbox, it fails to intercept some dangerous interfaces, which allows remote scripts to be loaded, resulting in arbitrary code execution.

  • CVE-2026-50100HigJun 15, 2026
    risk 0.51cvss 7.8epss 0.00

    Multiple printer drivers provided by Ricoh Company, Ltd. and KONICA MINOLTA JAPAN, INC. contain a privilege escalation vulnerability. If this vulnerability is exploited, an attacker who can log in to a computer running an affected printer driver could elevate privileges by using…

  • CVE-2026-11860HigJun 15, 2026
    risk 0.49cvss epss 0.00

    Quick.CMS deserializes user-controlled data received over plaintext HTTP without ensuring integrity or authenticity. This allows attackers to tamper with serialized payloads in transit and inject malicious objects. Because deserialization is performed without proper validation…

  • CVE-2026-12222HigJun 15, 2026
    risk 0.52cvss 8.0epss 0.00

    A vulnerability was determined in Yealink SIP-T46U 108.86.0.118. Affected is the function mod_webd.BlueToothTest of the file /api/inner/bttest of the component Web FastCGI Service. Executing a manipulation of the argument btMac/pin/reserved can lead to stack-based buffer…

  • CVE-2026-12221HigJun 15, 2026
    risk 0.52cvss 8.0epss 0.00

    A vulnerability was found in Yealink SIP-T46U 108.86.0.118. This impacts the function sprintf of the file /api/upgrade/upgrade of the component Firmware Chunk Upload Handler. Performing a manipulation of the argument uid/start_offset results in stack-based buffer overflow. The…

  • CVE-2026-12220HigJun 15, 2026
    risk 0.52cvss 8.0epss 0.00

    A vulnerability has been found in Yealink SIP-T46U 108.86.0.118. This affects the function mod_upgrade.SparePartsUpload of the file /api/upgrade/accupgradebychunk of the component Firmware Chunk Upload handler. Such manipulation of the argument uid leads to stack-based buffer…

  • CVE-2026-12218HigJun 15, 2026
    risk 0.52cvss 8.0epss 0.00

    A vulnerability was detected in Yealink SIP-T46U 108.87.50.1. The affected element is the function StartReportInformation of the file /api/inner/beforewifitest of the component Web FastCGI Service. The manipulation of the argument port results in stack-based buffer overflow.…

  • CVE-2026-12217HigJun 15, 2026
    risk 0.51cvss 7.8epss 0.00

    A security vulnerability has been detected in DVDFab Virtual Drive 2.0.0.5. Impacted is an unknown function in the library dvdfabio.sys of the component Signed Kernel Driver. The manipulation leads to improper privilege management. An attack has to be approached locally. The…

  • CVE-2026-12214HigJun 15, 2026
    risk 0.51cvss 7.8epss 0.00

    A security flaw has been discovered in Qihoo 360 Total Security 6.0. This vulnerability affects the function RpcStringBindingComposeW of the component Nucleus Engine Monitoring Logic. Performing a manipulation of the argument NetworkAddr results in protection mechanism failure.…

  • CVE-2026-12204HigJun 15, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in ShopXO up to 6.7.1. This vulnerability affects the function OrderClose/OrderSuccess/PayLogOrderClose/GoodsGiveIntegral of the file app/api/controller/Crontab.php of the component Scheduled Task Endpoint. Executing a manipulation can lead to…

  • CVE-2026-12200HigJun 15, 2026
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in Ritlabs TinyWeb Server up to 1.94 on Win32. This impacts an unknown function in the library libeay32.dll.html of the component Header Handler. The manipulation of the argument Authorization leads to stack-based buffer overflow. The…

  • CVE-2026-12198HigJun 15, 2026
    risk 0.47cvss 7.3epss 0.01

    A weakness has been identified in Microweber up to 2.0.20. This affects the function userfiles_path of the file /api_nosession/thumbnail_img of the component API Endpoint. Executing a manipulation of the argument cache_path_relative can lead to path traversal. It is possible to…

  • CVE-2026-12197HigJun 15, 2026
    risk 0.47cvss 7.2epss 0.02

    A security flaw has been discovered in Ruijie EG105G-P 2.340. The impacted element is the function nslookup of the file /cgi-bin/luci/api/diagnose of the component JSON-RPC Diagnose Endpoint. Performing a manipulation of the argument params.target results in command injection.…

  • CVE-2026-12193HigJun 15, 2026
    risk 0.51cvss 7.8epss 0.00

    A vulnerability was identified in VS Revo RevoUninstaller 2.5.x/2.6.x. The affected element is the function IOCtl_Handler in the library RevoDetector.sys of the component IOCTL Handler. Such manipulation leads to heap-based buffer overflow. The attack must be carried out…

  • CVE-2026-12192HigJun 15, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was determined in GALAYOU Y4 1.0.0. Impacted is an unknown function of the component Web Server. This manipulation causes buffer overflow. The attack is only possible within the local network. The exploit has been publicly disclosed and may be utilized. The…

  • CVE-2026-12191HigJun 14, 2026
    risk 0.51cvss 7.8epss 0.00

    A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdrive/modeld/modeld.py of the component Pickle Module. The manipulation results in deserialization. The attack is only possible with local access. The…

  • CVE-2026-12187HigJun 14, 2026
    risk 0.57cvss 8.8epss 0.02

    A security vulnerability has been detected in GL.iNet GL-MT3000 up to 4.4.5. Affected by this vulnerability is an unknown functionality of the file /usr/bin/one_click_upgrade of the component Online Firmware Upgrade Handler. Such manipulation leads to command injection. The…

  • CVE-2026-12186HigJun 14, 2026
    risk 0.57cvss 8.8epss 0.02

    A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. Affected is the function replace_country in the library /usr/lib/oui-httpd/rpc/tor of the component Tor Proxy Service Configuration Handler. This manipulation causes command injection. The attack can be initiated…

  • CVE-2026-54413HigJun 14, 2026
    risk 0.53cvss 8.2epss 0.00

    driftregion iso14229 through 0.9.0 contains an integer underflow and downstream out-of-bounds read in the Handle_0x27_SecurityAccess() function in iso14229.c that allows a remote unauthenticated attacker to crash a UDS server and potentially read memory past the receive buffer…

  • CVE-2026-54412HigJun 14, 2026
    risk 0.53cvss 8.2epss 0.00

    LiamBindle MQTT-C through version 1.1.6 contains a heap-based out-of-bounds read and integer underflow in the mqtt_unpack_publish_response() function in src/mqtt.c that allows a remote unauthenticated attacker controlling an MQTT broker - or able to inject MQTT traffic into an…

  • CVE-2026-54410HigJun 14, 2026
    risk 0.56cvss 8.6epss 0.01

    nanoMODBUS through v1.23.0 contains an off-by-one buffer overflow in the recv_msg_header() function of the Modbus/TCP server that allows remote unauthenticated attackers to write one attacker-controlled byte past the end of the 260-byte receive buffer by sending a crafted MBAP…

  • CVE-2026-11527HigJun 14, 2026
    risk 0.49cvss 8.6epss 0.01

    Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open() of the -file argument in _make_filehandle. Config::IniFiles::_make_filehandle opens a filename argument with Perl's 2-arg open(), so a filename that begins or…

  • CVE-2026-54420HigKEVJun 14, 2026
    risk 0.67cvss 8.5epss 0.01

    LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS, as exploited in the wild in May 2026.

  • CVE-2026-12174HigJun 13, 2026
    risk 0.57cvss 8.8epss 0.01

    A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely.…

  • CVE-2026-6428HigJun 13, 2026
    risk 0.49cvss 7.6epss 0.00

    SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 25.11.x before 25.11.05, 26.05.x before 26.05.01, and 26.11.x before 26.11.00 allows an authenticated staff user with the Reports module flag…

  • CVE-2026-5513HigJun 13, 2026
    risk 0.40cvss 7.2epss 0.00

    The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This…

  • CVE-2026-9109HigJun 13, 2026
    risk 0.47cvss 7.2epss 0.00

    The GPTranslate – Multilingual AI Translation for WordPress: Automatically Translate Websites plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API Translation Storage in all versions up to, and including, 2.31 due to insufficient input sanitization…

  • CVE-2026-9848HigJun 13, 2026
    risk 0.42cvss 7.5epss 0.01

    The WP Ticket plugin for WordPress is vulnerable to SQL Injection via the WordPress search query parameter (`s`) in versions up to, and including, 6.0.4 The plugin hooks WordPress's `posts_request` filter with `wp_ticket_com_posts_request()`, which calls…

  • CVE-2026-54230HigJun 13, 2026
    risk 0.46cvss 7.0epss 0.00

    A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shell redirections without the O_NOFOLLOW flag. If the target file is replaced with a symlink, the shell process running as root follows…

  • CVE-2026-54229HigJun 13, 2026
    risk 0.46cvss 7.0epss 0.00

    A race condition was found in the abrt-dbus D-Bus service's ChownProblemDir method. ChownProblemDir opens the dump directory with DD_OPEN_READONLY and calls dd_chown to change ownership of all files to the caller's uid, succeeding even while post-create event handlers hold a…

  • CVE-2026-54228HigJun 13, 2026
    risk 0.51cvss 7.8epss 0.00

    A time-of-check time-of-use (TOCTOU) race condition was found in the abrt-dbus D-Bus service's SetElement method. Between dump directory creation and post-create event execution, any local user can call SetElement to write arbitrary text files into the root-owned dump directory,…

  • CVE-2026-6676HigJun 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Heap buffer out-of-bounds write vulnerability in Avira Antivirus engine when scanning a malformed POSIX tar archive may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine…

  • CVE-2026-12068HigJun 12, 2026
    risk 0.48cvss 7.4epss 0.00

    Information disclosure vulnerability in Avira Password Manager when used with Mozilla Firefox may allow a remote attacker operating a cross-origin iframe to obtain credentials autofilled for the parent web page via incorrect autofill field selection. This issue affects Avira…

  • CVE-2025-9033HigJun 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds…

  • CVE-2025-9032HigJun 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine…

  • CVE-2025-14098HigJun 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Heap buffer out-of-bounds write vulnerability due to integer overflow in Avira Antivirus engine when scanning a malformed MS-DOS executable file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on…

  • CVE-2026-54090higJun 12, 2026
    risk 0.39cvss epss 0.00

    > [!NOTE] > **This feature has been disabled by default for all installations from v2.33.8 onwards, including for existent installations**. To exploit this vulnerability, the instance administrator must turn on a feature and ignore all the warnings about known vulnerabilities.…

  • CVE-2026-53868HigJun 12, 2026
    risk 0.49cvss 7.5epss 0.00

    Capgo before 12.128.2 contains a denial of service vulnerability allowing attackers to register accounts using arbitrary email addresses without verification, then initiate deletion to lock emails in pending deletion state. Attackers can permanently lock legitimate users out of…

  • CVE-2026-53836HigJun 12, 2026
    risk 0.50cvss 8.8epss 0.00

    OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in PowerShell encoded-command handling that allows attackers to execute encoded commands using abbreviated flag aliases not recognized by the allowlist parser. Remote authenticated operators can bypass…

  • CVE-2026-53834HigJun 12, 2026
    risk 0.42cvss 7.5epss 0.00

    OpenClaw before 2026.4.27 contains an authorization bypass vulnerability in QQBot pre-dispatch slash commands that allows authenticated senders to skip allowFrom policy checks. Attackers can invoke slash commands before configured access control policies are applied, potentially…

  • CVE-2026-53833HigJun 12, 2026
    risk 0.43cvss 7.7epss 0.00

    OpenClaw before 2026.4.29 contains an authorization bypass vulnerability in the QQBot streaming command that allows authenticated senders to mutate configuration without explicit allowFrom restrictions. Attackers can modify QQBot streaming configuration outside intended admin…

  • CVE-2026-53832HigJun 12, 2026
    risk 0.43cvss 7.7epss 0.00

    OpenClaw before 2026.5.18 contains an identity header validation vulnerability allowing local same-host callers to forge trusted-proxy identity headers. Attackers with access to the proxy-facing Gateway port can supply forged identity headers to assume operator identity and…

  • CVE-2026-53831HigJun 12, 2026
    risk 0.47cvss 8.3epss 0.00

    OpenClaw before 2026.5.18 contains a policy enforcement vulnerability in system.run safe-bin allowlist validation that allows shell expansion to modify command interpretation on POSIX nodes. Authenticated operators can exploit shell metacharacters in approved commands to read…

  • CVE-2026-53829HigJun 12, 2026
    risk 0.45cvss 8.0epss 0.00

    OpenClaw before 2026.5.18 contains an approval display truncation vulnerability allowing authenticated users to hide command suffixes from approvers. Attackers can submit oversized exec commands with benign prefixes and malicious suffixes to execute unauthorized operations after…

  • CVE-2026-53828HigJun 12, 2026
    risk 0.50cvss 8.8epss 0.00

    OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in native command handling that allows authenticated senders to execute owner-only commands without proper policy enforcement. Attackers can trigger native command handling to bypass the configured…

  • CVE-2026-53823HigJun 12, 2026
    risk 0.46cvss 8.1epss 0.00

    OpenClaw before 2026.5.3 contains a privilege escalation vulnerability in the allowFrom feature that binds to mutable Slack display names. Attackers with Slack account access can change display name metadata to match policy entries, potentially gaining unauthorized agent access…

  • CVE-2026-53822HigJun 12, 2026
    risk 0.50cvss 8.8epss 0.01

    OpenClaw before 2026.5.18 contains a command injection vulnerability where shell wrapper argv could change between approval and execution. Attackers can rebuild command arguments after allowlist approval to execute unapproved command shapes, potentially bypassing security…

  • CVE-2026-53821HigJun 12, 2026
    risk 0.50cvss 8.8epss 0.00

    OpenClaw before 2026.5.18 accepts WebSocket client-declared operator scopes before binding to server-approved pairing or trusted-proxy authorization baseline. Unpaired or restricted trusted-proxy Control UI clients can obtain cached operator.admin authority on live WebSocket…

  • CVE-2026-53608HigJun 12, 2026
    risk 0.57cvss 8.7epss 0.00

    ApostropheCMS is an open-source Node.js content management system. Versions up to and including 1.4.2 of the `@apostrophecms/seo` package injects the Google Analytics Tracking ID (`seoGoogleTrackingId`) and Google Tag Manager ID (`seoGoogleTagManager`) directly into ``…