CVE alerts
60 alerts in this category.
Threat alerts that map to a registered CVE entry. Each carries severity, exploitation status, affected products, and a direct path to the vendor patch.
Critical Vulnerability: CVE-2026-46716
Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 1.4.0 to before version 2.0.8, a RoleMember user can create a scheduled cron task with Cove

Critical Vulnerability: CVE-2026-53609
ApostropheCMS is an open-source Node.js content management system. In versions up to and including 4.30.0, `apos.util.set()` traverses dot-notation paths without sanitizing `__proto__`, allowing an au

Critical Vulnerability: CVE-2026-53519
Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. Prior to version 2.0.13, fallbackToFrontend in the dashboard's NoRoute handler treats any URL whose raw

Critical Vulnerability: CVE-2026-53838
OpenClaw before 2026.5.27 contains a state mutation vulnerability in node pairing reconnection that allows paired nodes to confuse approval scope decisions. Attackers can exploit reconnection logic to

Critical Vulnerability: CVE-2026-44990
ApostropheCMS is an open-source Node.js content management system, and sanitize-html provides a simple HTML sanitizer with a clear API. Under the default configuration, versions of `sanitize-html` pri

Critical Vulnerability: CVE-2025-66276 — qnap — qts
QuTS hero is not affected. We have already fixed the vulnerability in the following version: QTS 5.2.7.3256 build 20250913 and later

Critical Vulnerability: CVE-2026-48558
SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authentication flow. When OIDC authentication is configured, identity token

Critical Vulnerability: CVE-2026-50090
The Aqara Cloud OAuth Authorization Endpoint (open-cn.aqara.com/oauth/authorize) is vulnerable to a redirect bypass due to lax controls on domain matching, which is an instance of "CWE-1289: Improper

Critical Vulnerability: CVE-2026-50086
The Aqara IAM/SSO gateway (gw-builder.aqara.com) exposes bidirectional AES round-trips against the platform's signing key without authentication. This is an instance of "CWE-306: Missing Authenticatio

Critical Vulnerability: CVE-2026-50083
The Aqara IAM/SSO Gateway (gw-builder.aqara.com) used a hardcoded OAuth client credential, which is an instance of "CWE-798: Use of Hard-coded Credentials." This issue has an estimated CVSS of CVSS:3.

Critical Vulnerability: CVE-2026-50091
Aqara Home Android (com.lumiunited.aqarahome) 6.0.0 (and white-label clients embedding the same liblumidevsdk.so) uses hard-coded cryptographic keys, which is an instance of "CWE-321: Use of Hard-code

Critical Vulnerability: CVE-2026-50084
The Aqara Cloud Production API (open-cn.aqara.com/v3.0/open/api) would authorize any valid developer token for access to any account. This is an instance of "CWE-862: Missing Authorization" with an es

Critical Vulnerability: CVE-2023-34575 — store-opart — op'art_save_cart
SQL injection vulnerability in PrestaShop opartsavecart through 2.0.7 allows remote attackers to run arbitrary SQL commands via OpartSaveCartDefaultModuleFrontController::initContent() and OpartSaveCa

Critical Vulnerability: CVE-2023-34576 — store-opart — op'art_product_faq
SQL injection vulnerability in updatepos.php in PrestaShop opartfaq through 1.0.3 allows remote attackers to run arbitrary SQL commands via unspecified vector.

Critical Vulnerability: CVE-2026-50632
A further incomplete fix for a previous advisory CVE-2026-44417 (Untrusted JMS configuration can lead to RCE) for Apache CXF has been identified, which can allow code execution capabilities, if untrus

Critical Vulnerability: CVE-2026-50633
A JNDI Injection vulnerability has been discovered in Apache CXF's JCA integration module, which can allow for code execution, if an attacker is able to manipulate the JCA deployment descriptor (ra.xm

Critical Vulnerability: CVE-2026-47137
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, the fix for GHSA-8hg8-63c5-gwmx (CVE-2023-37903) introduced a check in nodevm.js line 263 that blocks the combination nesting: tr

Critical Vulnerability: CVE-2026-47208
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, VM2 suffers from a sandbox breakout vulnerability. This allows attackers to write code which can escape from the VM2 sandbox and

Critical Vulnerability: CVE-2026-6853
Improper restriction of excessive authentication attempts vulnerability in Başbelen Group Food Cafe Businesses Industry and Trade Ltd. Co. Pause+ Mobile App allows Authentication Bypass. This issue a

Critical Vulnerability: CVE-2026-54133
jmespath.php allows users to use JMESPath, software for declaratively specifying how to extract elements from a JSON document, in PHP applications with PHP data structures. Versions prior to 2.9.1 can

Critical Vulnerability: CVE-2026-47210
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, a sandbox escape vulnerability in vm2 allows arbitrary code execution in the host process when untrusted code is executed with as

Critical Vulnerability: CVE-2026-47131
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, by combining Buffer.call.call({}.__lookupGetter__, Buffer, "__proto__"), Buffer.call.call({}.__lookupSetter__, Buffer, "__proto__

Critical Vulnerability: CVE-2026-53787
Amasty Order Attributes for Magento 2 before version 4.0.0 contains an unauthenticated arbitrary file upload vulnerability that allows unauthenticated attackers to write arbitrary files to the store's

Critical Vulnerability: CVE-2026-47140
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM blocks several dangerous Node.js builtins such as module, worker_threads, cluster, vm, repl, and inspector. However, the d

Critical Vulnerability: CVE-2023-36263 — store-opart — op'art_limit_quantity
Prestashop opartlimitquantity 1.4.5 and before is vulnerable to SQL Injection. `OpartlimitquantityAlertlimitModuleFrontController::displayAjaxPushAlertMessage()` has sensitive SQL calls that can be exe

Critical Vulnerability: CVE-2026-26240 — qnap — file_station
A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vuln

Critical Vulnerability: CVE-2026-26241 — qnap — file_station
A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vuln

Critical Vulnerability: CVE-2026-11849
The iRM-IEI Remote Management developed by IEI Integration Corp has a Hardcoded Credentials vulnerability, allowing unauthenticated remote attackers to exploit hard-coded credentials to gain administ

Critical Vulnerability: CVE-2026-11561
Improper neutralization of special elements used in an expression language statement ('expression language injection') vulnerability in Soagen Informatics Technologies Software and Consulting Inc. Api

Critical Vulnerability: CVE-2026-47369
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to escalate privileges within such Un

Critical Vulnerability: CVE-2026-47367
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UID Enterprise Agent to execute a Command Injection on the host device

Critical Vulnerability: CVE-2026-48611
Improper authentication checks in the OAuth implementation allow account hijacking even when OAuth is not configured or enabled leading to unauthorized access in default installations.

Critical Vulnerability: CVE-2026-47365
Argument injection vulnerability in WordPress Toolkit before 6.11.0 as used in cPanel & WHM, allows remote authenticated users to bypass cross-tenant authorization and execute arbitrary wp-toolkit CLI

Critical Vulnerability: CVE-2026-47370
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to execute a Command Injection within

Critical Vulnerability: CVE-2026-45060
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #129, the actions/progress_video.php endpoint is vulnerable to blind SQL injection. Any unauthenticated user can exploi

Critical Vulnerability: CVE-2026-42846
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #140, ClipBucket's Remote Play feature allows any authenticated user to add a video by importing an external URL as the

Critical Vulnerability: CVE-2026-49060
Incorrect Privilege Assignment vulnerability in Hippoo Mobile App for WooCommerce allows Privilege Escalation. This issue affects Hippoo Mobile App for WooCommerce: from n/a through 1.9.4.

Critical Vulnerability: CVE-2026-42647
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Beardev JoomSport allows Blind SQL Injection. This issue affects JoomSport: from n/a through 5.7.

Critical Vulnerability: CVE-2026-39494
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WBW Plugins Product Filter by WBW allows Blind SQL Injection. This issue affects Product Filter b

Critical Vulnerability: CVE-2026-41005
Cloud Foundry UAA incorrectly treated XML encryption to the Service Provider (confidentiality) as a substitute for XML signatures from the Identity Provider (authenticity) in two SAML flows: the OAuth

Critical Vulnerability: CVE-2026-50638
Metrics::Any::Adapter::DogStatsd versions before 0.04 for Perl does not protect against metric injections. The statsd protocol (and extensions such as dogstatsd) allow multiple metrics, separated by ne

Critical Vulnerability: CVE-2026-49973
Hermes WebUI before version 0.51.358 contains an improper access control vulnerability that allows unauthenticated remote attackers to hijack initial setup by submitting the _set_password parameter to

Critical Vulnerability: CVE-2026-49261
MariaDB server is a community developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11.1 through 10.11.17, 11.4.1 through 11.4.11, 11.8.1 through 11.8.7, and 12.3.1 with `wsrep_notify_c

Critical Vulnerability: CVE-2026-38581
SQL Injection vulnerability in damasac thaipalliative_lte through version 3.0 allows remote attackers to execute arbitrary SQL commands via the idFormMain parameter to /substudy/ezform.php (line 14) a

Critical Vulnerability: CVE-2026-11839
Unrestricted upload of file with dangerous type vulnerability in Başarsoft Information Technologies Inc. Rotaban allows Upload a Web Shell to a Web Server. This issue affects Rotaban: from V2026.06.0

Critical Vulnerability: CVE-2026-7852
Unrestricted upload of file with dangerous type vulnerability in Limatek System Inc. LimRAD NAC allows Remote Code Inclusion. This issue affects LimRAD NAC: before 5.5.7.3.9.

Critical Vulnerability: CVE-2026-42861 — flowiseai — flowise
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the variable update endpoint of FlowiseAI. Th

Critical Vulnerability: CVE-2026-46440 — flowiseai — flowise
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, the checkBasicAuth endpoint validates credentials in plaintext without rate limiting an

Critical Vulnerability: CVE-2026-46441 — flowiseai — flowise
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the assistant update endpoint of FlowiseAI. T

Critical Vulnerability: CVE-2026-46442 — flowiseai — flowise
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, POST /api/v1/node-custom-function lacks route-level authorization, allowing any authent

Critical Vulnerability: CVE-2026-35273
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Management). Supported versions that are affected are 8.61 and 8.62. Easily exploita

Critical Vulnerability: CVE-2026-46703
Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI containers within them to run untrusted code. Prior to version 0.9.0, Boxlite allows users

Critical Vulnerability: CVE-2026-46695
Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI containers within them to run untrusted code. Prior to version 0.9.0, Boxlite does not rest

Critical Vulnerability: CVE-2026-45777 — buffalo — open_xdmod
OpenXDMoD is an open framework for collecting and analyzing HPC metrics. Starting in version 9.5.0 and prior to version 11.0.3, an attacker can remotely execute arbitrary system commands on the web se

Critical Vulnerability: CVE-2026-45779 — buffalo — open_xdmod
OpenXDMoD is an open framework for collecting and analyzing HPC metrics. An SQL injection vulnerability exists in Open XDMoD versions prior to 10.0.3 that allows an unauthenticated remote attacker to

Critical Vulnerability: CVE-2026-36727
An insecure authentication vulnerability in the /api/social-sign-in endpoint of bookcars v8.3 allows attackers to bypass authentication via a forged JWT token.

Critical Vulnerability: CVE-2026-50545
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, the Environment.spec.runtime.podS

Critical Vulnerability: CVE-2026-50566
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a tenant with environments.fissio

Critical Vulnerability: CVE-2026-20253
In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.3 and 10.2.2510.14, an unauthenticated user could create or truncate arbitrary files through a

Critical Vulnerability: CVE-2026-50563
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission's Container Executor path