CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.01)
A critical remote code execution (RCE) vulnerability in PTC Windchill PDMlink and PTC FlexPLM. The flaw can be exploited via deserialization of untrusted data, allowing an attacker to execute arbitrary code remotely.
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager allows an authenticated, remote attacker to create or overwrite files on the filesystem. Exploiting this vulnerability requires sending a crafted HTTP request to an affected API endpoint.
LiteSpeed cPanel plugin before version 2.4.8 mishandles symlinks provided by users with FTP or web shell access on shared hosting servers running CloudLinux/CageFS.
SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authentication flow. Identity tokens submitted during login are accepted without verifying their cryptographic signature, allowing a remote, unauthenticated attacker to obtain a fully authenticated technician session.
Vulnerability in the Oracle PeopleSoft PeopleTools product related to Updates Environment Management. Versions 8.61 and 8.62 are susceptible to easily exploitable attacks that can lead to system takeover.
In Splunk Enterprise versions 10.2 below 10.2.4 and 10 below 10.0.7, an unauthenticated user can create or truncate arbitrary files through a PostgreSQL sidecar service endpoint. The vulnerability exists due to a lack of authentication controls at this endpoint.
CVE-2026-10520 is an OS Command Injection vulnerability in Ivanti Sentry before versions R10.5.2, R10.6.2, and R10.7.1 that allows a remote unauthenticated user to achieve root-level remote code execution.
Out of bounds read and write in V8 in Google Chrome prior to version 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.
On affected platforms running Arista EOS, a tunnel decapsulation configuration, such as VXLAN, decap-groups, or a GRE tunnel interface, may lead to incorrect decapsulation and forwarding of other unexpected tunneled packets. This issue arises from the switch's failure to verify the tunnel protocol type.
A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution.
A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, Manager, and Validator could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system.
SolarWinds Serv-U is vulnerable to specially crafted POST requests that can cause the Serv-U service to crash without requiring authentication, using Content-Encoding: deflate. If the update cannot be deployed, mitigation steps are available in the SolarWinds Trust Center.
A vulnerability in Cisco Unified Communications Manager and Unified CM SME allows an unauthenticated, remote attacker to perform SSRF attacks. The flaw is due to improper input validation for specific HTTP requests, enabling file writes to the OS and potential privilege escalation to root.
In multiple locations, there is a possible code execution due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a PHP object injection vulnerability that allows unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie. Exploitation of the unrestricted call to PHP's unserialize() function, combined with gadget chains available in Magento and its dependencies, enables arbitrary code execution on the server.
A deserialization of untrusted data vulnerability in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
UniFi OS devices have a vulnerability due to improper input validation that can be exploited by a malicious actor with network access to perform Command Injection.
A Path Traversal vulnerability in UniFi OS devices can be exploited by a malicious actor with network access. This allows access to files on the underlying system, which could be manipulated to access an underlying account.
There is an Improper Access Control vulnerability in UniFi OS devices that can be exploited by a malicious actor with network access to make unauthorized changes to the system.