CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-20257
Medium

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user can craft a classic dashboard that exfiltrates sensitive data from the browser of a higher-privileged user who views it. The issue arises from the lack of full validation of style attribute values in classic dashboard panels.

CVE-2026-20256
Medium

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user can cause data exfiltration through classic dashboards by redirecting a victim to an external site using a protocol-relative URL in a drill-down link.

CVE-2026-20255
Medium

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user can craft a malicious classic dashboard that exfiltrates sensitive data to an external server.

CVE-2026-20254
Medium

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user can craft a malicious dashboard that exfiltrates sensitive data to an external server when a higher-privileged user views it, exploiting a validation flaw in the Trusted Domains security check.

CVE-2026-11596
Medium

In ScreenConnect™ versions prior to 26.2, input validation within the Host Pass creation functionality could allow an authenticated user with Host Pass creation privileges to specify a token expiration duration beyond the intended maximum when generating delegated access tokens.

CVE-2026-46616
Medium

Umbraco is an ASP.NET CMS. Prior to versions 13.14.0 and 17.4.0, some Surface Controllers in the CMS fail to validate redirect URLs, making Razor templates that derive 'RedirectUrl' from user-controlled query parameters vulnerable to malicious redirect attacks.

CVE-2026-46609
Medium

Umbraco is an ASP.NET CMS. Authenticated users can inject HTML into an input field, which is rendered in the confirmation dialog without proper output encoding.

CVE-2026-53698
Medium

Silverpeas through 6.4.6 mishandles the 'Personal space' feature when no componentId is set.

CVE-2026-53693
Medium

A stored cross-site scripting (XSS) vulnerability exists in the tag rendering code of MISP BSimVis. Several client-side rendering paths interpolate tag names, collection names, entity identifiers, cluster names, and tag metadata without appropriate context, allowing attackers to inject malicious code.

CVE-2026-49760
Medium

A stack-based buffer overflow vulnerability in Erlang OTP (erl_interface) allows for stack buffer overflow. The issue occurs in the ei_s_print_term function, which uses an internal 2000-character stack buffer to format terms.

CVE-2026-48860
Medium

A vulnerability relying on IP Address for Authentication in the inet_tls_dist module of Erlang/OTP allows unauthenticated bypass of the LAN allowlist for TLS distribution. The inet_tls_dist:check_ip/1 function incorrectly uses inet:sockname/1, leading to always successful subnet mask comparisons.

CVE-2026-48859
Medium

Observable Timing Discrepancy vulnerability in Erlang/OTP ssh allows unauthenticated remote username enumeration via timing side-channel in password authentication. The timing difference in responses for valid and invalid usernames enables an attacker to distinguish them in a single authentication attempt.

CVE-2026-48858
Medium

A Server-Side Request Forgery (SSRF) vulnerability in the Erlang/OTP ftp_internal module allows FTP bounce attacks and SSRF via an unvalidated PASV response IP address. The PASV handler does not validate the IP address, allowing a malicious FTP server to redirect the client's data connection to an arbitrary internal host and port.

CVE-2026-48856
Medium

Sensitive Data Exposure vulnerability in the httpc_response module of Erlang OTP allows retrieving embedded sensitive data. The httpc client forwards the Authorization and Proxy-Authorization request headers to redirect targets without checking whether the redirect crosses an origin boundary.

CVE-2026-48855
Medium

A vulnerability in the ssh_sftpd module of Erlang OTP allows the exposure of sensitive information through file discovery. An authenticated SFTP client can create a symlink that reveals the absolute path to the SFTP root directory.

CVE-2026-48096
Medium

OpenFGA, an authorization engine, prior to version 1.16.0, had an issue with iterator caching where two distinct check requests could produce the same cache key. This led to the reuse of an earlier cached result for a subsequent request.

CVE-2026-45566
Medium

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. In versions 8.2.6.4 and prior, the login flow improperly handles URLs, allowing for an open redirect attack.

CVE-2026-7516
Medium

A vulnerability was identified in the Lenovo Android Application, distributed exclusively on tablets in the Chinese market, that could allow a website visited by the built-in browser to overwrite system clipboard contents.

CVE-2026-45563
Medium

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. In versions 8.2.6.4 and prior, the server_ip path parameter in GET /history/<service>/<server_ip> is reused as a user-id when service == 'user', with no authorization check.

CVE-2026-45561
Medium

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. In versions 8.2.6.4 and prior, the /smon/agent/{version,uptime,status,checks}/<server_ip> family of routes takes the URL path component verbatim, which may lead to unauthorized access.

PreviousPage 123 of 540Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS