CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.07)
The vulnerability in Avast Antivirus involves the use of stack memory after it has been freed when scanning a malformed Windows PE file, which may lead to a denial-of-service of the antivirus process.
There is an uncontrolled recursion vulnerability in Avast Antivirus when scanning a malformed Windows PE file, which may lead to a Denial-of-Service of the antivirus process.
A vulnerability in MISP allows an authenticated user with event edit permissions to manipulate form data and assign an event to a sharing group they are not authorized to use. The issue occurs in the event editing path that does not enforce proper authorization checks.
An information disclosure vulnerability exists in the MISP AuthKey edit functionality. When a validation error occurs during an AuthKey edit request, the user dropdown was populated using the attacker-controlled AuthKey.user_id value from the submitted request data, allowing enumeration of user email addresses.
MISP contains a reflected cross-site scripting vulnerability in the UiBeta event index view. The urlparams value is inserted into an inline JavaScript handler, allowing an attacker to execute arbitrary JavaScript in the victim's browser.
MISP contains a path traversal vulnerability in OrganisationsController::getOrgLogo. The vulnerable code builds organisation logo file paths using organisation-controlled fields, allowing an attacker to access files outside the intended directory.
A stored XSS vulnerability exists in MISP when the Overmind theme is used. An authenticated user can store an arbitrary homepage value, including an XSS payload, leading to the execution of malicious JavaScript in the browser context.
A flaw in the visibility conditions in the MISP event template builder allowed authenticated non-site-admin users to view galaxies that should not have been visible to their organisation. The use of a PHP comparison expression instead of a query condition resulted in enabled galaxies, including organisation-only custom galaxies, being exposed.
ApostropheCMS, an open-source Node.js content management system, has a vulnerability in sanitize-html that allows dangerous URI schemes like 'javascript:' to pass through in HTML attributes. Versions prior to 2.17.5 do not block these schemes, leading to potential XSS attacks.
Discourse is an open-source discussion platform with a vulnerability in versions from 2026.1.0 to before 2026.1.4, from 2026.3.0 to before 2026.3.1, and from 2026.4.0 to before 2026.4.1. The DetailedTagSerializer#tag_group_names function returned all tag groups a tag belonged to without considering the user's visibility, allowing anonymous and unprivileged users to access the names of tag groups restricted to specific user groups.
Discourse is an open-source discussion platform that has a vulnerability in versions from 2026.1.0 to before 2026.1.4, from 2026.3.0 to before 2026.3.1, and from 2026.4.0 to before 2026.4.1. The MessageBus.publish call for /web_hook_events/<id> in Jobs::RedeliverWebHookEvents did not pass group_ids, allowing any authenticated user (or anonymous user when login_required is disabled) to access the channel.
Discourse, a discussion platform, has a path traversal vulnerability in backup handling that allows an authenticated administrator on one site in a multisite deployment to access backup files of another site. This issue affects versions from 2026.1.0 to before 2026.1.4, from 2026.3.0 to before 2026.3.1, and from 2026.4.0 to before 2026.4.1.
Discourse is an open-source discussion platform that had four authorization/disclosure issues in the chat plugin. Read-only category users could create chat threads, and self-deleted messages could be restored by their authors after channel access was revoked.
ApostropheCMS is an open-source Node.js content management system. Versions up to and including 4.29.0 are vulnerable to stored cross-site scripting via unsanitized user display name in draft version tooltip.
There is a vulnerability in the Discourse discussion platform that allows authenticated users to access hidden parent post content by using the AI 'explain' function on a reply to that post. This issue affects versions from 2026.1.0 to before 2026.1.4, from 2026.3.0 to before 2026.3.1, and from 2026.4.0 to before 2026.4.1.
Discourse is an open-source discussion platform where group owners, who are not necessarily admins or moderators, can view SMTP credentials in plaintext. This affects versions from 2026.1.0 to before 2026.1.4, from 2026.3.0 to before 2026.3.1, and from 2026.4.0 to before 2026.4.1.
A vulnerability in the Discourse discussion platform allows authenticated users outside the configured groups to post into staff-only whisper channels. This issue affects versions from 2026.1.0 to before 2026.1.4, from 2026.3.0 to before 2026.3.1, and from 2026.4.0 to before 2026.4.1.
Discourse is an open-source discussion platform that has a bug in the serialization of the :name attribute in GroupPostSerializer. The issue is that the incorrectly named predicate include_user_long_name? was never called, resulting in object.user.name always being serialized regardless of SiteSetting.enable_names.
Discourse is an open-source discussion platform with a vulnerability in versions from 2026.1.0 to before 2026.1.4, from 2026.3.0 to before 2026.3.1, and from 2026.4.0 to before 2026.4.1. The ReviewableQueuedPostSerializer unconditionally included payload["raw_email"] for posts arriving via email, allowing moderation group members to access the full email source without proper permissions.
Discourse is an open-source discussion platform that, in versions from 2026.1.0 to before 2026.1.4, from 2026.3.0 to before 2026.3.1, and from 2026.4.0 to before 2026.4.1, discloses whisper translation audit logs through bot debug endpoints. This issue has been patched in versions 2026.1.4, 2026.3.1, 2026.4.1, and 2026.5.0-latest.1.

