CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.13)

CVE-2026-34912
Medium

A missing access control check when linking banners or campaigns to a zone through the zone-include.php script of Revive Adserver 6.0.6 and earlier allows a low-privileged user to link their zones to banners or campaigns owned by other managers on the same instance.

CVE-2026-33760
High

Langflow before version 1.9.0 contains an IDOR/BOLA vulnerability in the /api/v1/monitor router. Seven endpoints allow reading, modifying, renaming, or permanently deleting other users' data (messages, sessions, build artifacts, LLM transaction logs) without verifying resource ownership. An attacker only needs to supply the target's resource ID or flow_id.

CVE-2026-13007
High

Tenable Identity Exposure contains multiple unauthenticated API endpoints under /w/api/* that expose sensitive application configuration data including cleartext LDAP credentials, SAML configuration, user accounts, and directory settings. Affected responses are served with Cache-Control: public headers and without Vary: Cookie, allowing reverse proxies and CDNs to cache and serve sensitive data to unauthenticated users.

CVE-2026-12958
High

Missing symlink validation in Language Servers for AWS may allow an arbitrary file write outside of the workspace trust boundary. This may occur when a local user opens a workspace with a maliciously crafted symlink that resolves to a file path outside the workspace trust boundary.

CVE-2026-12957
High

Improper trust boundary enforcement in Language Servers for AWS before version 1.65.0 may allow arbitrary code execution. If a local user opens a maliciously crafted workspace, any commands within the project configuration files may be automatically executed.

CVE-2026-11940
High

A vulnerability in tarfile.extractall() with the 'data' or 'tar' filter can be bypassed by a crafted archive where a hardlink references a symlink stored at a deeper name. The validation checks the symlink at its archived location but recreates it at the hardlink's shallower path, allowing escape from the destination directory.

CVE-2025-61028
High

An issue in the time_t_to_dt component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

CVE-2025-61027
High

An issue in the t_set_push component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

CVE-2025-61025
High

An issue in the sslr_qst_get component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

CVE-2025-61023
High

An issue in the st_compare component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

CVE-2025-61022
High

An issue in the sqlo_tb_col_preds component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

CVE-2025-61021
High

An issue in the sqlo_natural_join_cond component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

CVE-2025-61020
High

An issue in the sqlo_strip_in_join component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

CVE-2025-61019
High

An issue in the sqlo_key_part_best component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

CVE-2025-61018
High

An issue in the sqlo_place_dt_set component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

CVE-2025-13162
Medium

Uncontrolled Search Path Element vulnerability in ABB Control Builder A and ABB 800xA for Advant Master. This affects Control Builder A through 1.4/4 and 800xA for Advant Master through versions 6.0.3-1, 6.1.1-1, 6.1.1-3, 6.2.0-1.

CVE-2026-56696
Medium

The /issue and /pr_comments slash commands in OpenHarness lack remote_invocable=False protection, allowing remote senders to inject attacker-controlled Markdown into project context files.

CVE-2026-56695
Medium

In the OpenHarness ohmo gateway, the /resume and /summary commands have the default remote_invocable set to True, allowing admitted remote senders to enumerate and load arbitrary session snapshots by ID. Attackers can exploit this to access victim snapshots containing private data such as prompts, credentials, and file paths.

CVE-2026-56694
Medium

NanoClaw before version 2.1.0 contains a privilege escalation vulnerability in the channel-registration approval flow where handleChannelApprovalResponse fails to validate admin privileges over target agent groups.

CVE-2026-56693
Medium

NanoClaw before version 2.1.17 contains a privilege escalation vulnerability in the create_agent delivery-action handler that performs privileged central-database writes without host-side authorization checks. Confined agent containers can invoke create_agent to create arbitrary agent groups, container configurations, and destinations, escalating beyond their intended confinement boundary.

PreviousPage 218 of 4549Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS