CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.01)

CVE-2026-9265
Critical

Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl allow a heap OOB read in print_attribute for UTF8STRING attributes. The print_attribute() function copies an ASN.1 attribute value into a memory buffer without adding a NUL terminator, leading to unsafe reads of adjacent bytes.

CVE-2026-11551
Critical

The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to and including 3.4.29. This is due to the plugin not properly validating a user's identity prior to updating their password.

CVE-2026-56081
Critical

Cap-go before version 12.128.2 contains an authentication logic flaw that allows an attacker to register and control an account bound to a victim's email address before that email is verified. By enabling two-factor authentication on the pre-registered account, the attacker can take control of the account claimed under the victim's identity.

CVE-2026-56073
Critical

Cap-go before version 12.128.2 contains an authentication bypass vulnerability in OTP verification that allows attackers to bypass email verification by modifying server responses. Attackers can intercept OTP verification requests and manipulate HTTP responses to falsely mark verification successful.

CVE-2026-48584
Critical

A vulnerability in Azure Synapse allows execution with unnecessary privileges. An authorized attacker can remotely elevate privileges over a network.

CVE-2026-48582
Critical

Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.

CVE-2026-45480
Critical

Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network.

CVE-2026-48773
Critical

ProxySQL, a proxy for MySQL and PostgreSQL, has a pre-authentication heap memory corruption vulnerability in versions 2.0.18 through 3.0.8. A remote unauthenticated client can declare an oversized first packet length, potentially leading to exploitation of this vulnerability.

CVE-2026-48772
Critical

ProxySQL in versions 2.0.0 through 3.0.8 incorrectly accepts a malformed PROXY protocol header, allowing attackers to spoof source addresses. This leads to a bypass of routing and access control rules, enabling attackers to manipulate queries as if they were trusted users.

CVE-2026-51846
Critical

In Tenda AC7 v15.03.06.44, there is a stack buffer overflow vulnerability in the wanSpeed parameter of the route /goform/AdvSetMacMtuWan, which can lead to remote arbitrary code execution.

CVE-2026-51845
Critical

Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the mac parameter.

CVE-2026-51844
Critical

Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the cloneType parameter.

CVE-2026-51843
Critical

Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the wanMTU parameter.

CVE-2026-9142
Critical

There is an insecure default credentials vulnerability in NI grpc-device when TLS configuration is not present and the server is bound beyond loopback. This may allow an unauthenticated user access to the server on the local network.

CVE-2026-49871
Critical

The CSRF vulnerability in the cas-auth plugin under default configurations allows a remote attacker to authenticate the victim's browser as a different identity. Actions taken by the victim are then attributed to the attacker's identity.

CVE-2026-49230
Critical

The vulnerability related to improper validation of integrity check value in Apache APISIX allows authentication bypass in the jwe-decrypt plugin under default configuration. This issue affects versions from 3.8.0 to 3.16.0.

CVE-2026-48137
Critical

There is an untrusted pointer dereference vulnerability in the NI grpc-device sideband streaming API that may allow an attacker to cause an arbitrary memory dereference, potentially resulting in remote code execution. Successful exploitation requires an attacker to supply a specially crafted Moniker protobuf message.

CVE-2026-44087
Critical

CVE-2026-44087 in Apache APISIX has insufficient verification of data authenticity in the openid-connect plugin, allowing an attacker to spoof identity headers.

CVE-2026-39999
Critical

Authentication Bypass by Spoofing vulnerability in Apache APISIX allows an attacker to completely bypass the authentication process by capitalizing on certain configurations of the jwt-auth plugin. This issue affects Apache APISIX from v2.2 through v3.16.0.

CVE-2025-62821
CriticalEPSS 53%

A vulnerability in Microsoft HEIF Image Extensions version 1.2.22.0 is caused by an out-of-bounds read. The CHEIFItemInfoEntry_GetDataSize function can return success while leaving the data size as 0, resulting in a 1-byte allocation. Subsequently, CopyPixels calculates copy size based on stride and height but does not check the source buffer length before calling memmove.

PreviousPage 21 of 554Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS