CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.16)

CVE-2026-13474
High

The vulnerability allows a DoS attack via malformed HTTP/2 requests to NetScaler ADC and NetScaler Gateway. It occurs when HTTP/2 is enabled in the HTTP profile and associated with a virtual server (LB, CS, VPN) or a service configured on the device.

CVE-2026-12388
Medium

A flaw in the Identity Provider (IdP) mapper component of Keycloak allows an administrator with limited permissions to assign high-level administrative roles (e.g., realm-admin) to themselves or others by creating a 'Hardcoded Role' mapper. This bypasses security checks and grants full control over the entire realm.

CVE-2026-10817
High

Insufficient input validation in NetScaler ADC and NetScaler Gateway leads to memory overread if the TCP Timestamp is enabled in the TCP Profile and associated with a virtual server (type LB, CS, VPN) or a configured service.

CVE-2026-10816
High

An unauthenticated attacker can read arbitrary files on NetScaler ADC and NetScaler Gateway if access to NSIP, Cluster Management IP, or SNIP with management access is enabled.

CVE-2026-8402
Critical

A Blind SQL Injection vulnerability was found in Eksagate SYSGUARD 6001 due to improper neutralization of special elements in SQL commands. The issue affects versions from 2.0.2 before 6.1.16.0, and the vendor no longer supports the product.

CVE-2026-57082
Medium

The vulnerability in the Net::BitTorrent library for Perl (versions up to 2.0.1) generates the 160-bit Diffie-Hellman private key for the MSE handshake using a non-cryptographic PRNG (rand()). Since random padding is sent in cleartext from the same generator, a passive observer can recover the PRNG state, then the private key and RC4 keys, allowing decryption of the connection.

CVE-2026-57081
High

A vulnerability in the Net::BitTorrent library for Perl (up to version 2.0.1) allows remote memory exhaustion via deeply nested bencoded input. The decoder has no recursion depth limit, causing O(N^2) memory consumption.

CVE-2026-57080
High

A vulnerability in the Net::BitTorrent library for Perl (up to version 2.0.1) allows remote memory exhaustion via an uncapped peer-wire message-length prefix. An attacker peer can send a length prefix up to 4 GiB followed by a byte stream, causing uncontrolled growth of the input buffer.

CVE-2026-57079
Medium

A vulnerability in the Net::BitTorrent library for Perl (up to version 2.0.1) allows writing files outside the download directory via path traversal in peer-supplied metadata. An attacker can exploit the ut_metadata extension (BEP09) to supply file names containing ".." sequences that are not properly validated.

CVE-2026-53692
Medium

Redeight CMS version 1.0 stores user passwords using the MD5 algorithm without a salt. MD5 is a cryptographically broken algorithm and the lack of salting allows attackers to easily reverse the hashes using rainbow tables.

CVE-2026-53691
High

An unrestricted file upload vulnerability in Redeight CMS 1.0 allows authenticated attackers to achieve remote code execution (RCE) via the POST /admin/index.php?module=pages&mode=FileAdd endpoint. The application fails to validate file extensions and MIME types, permitting arbitrary PHP scripts to be uploaded to the /uploads/files/ directory where they are executed by the web server.

CVE-2026-53690
Critical

An SQL Injection vulnerability exists in Redeight CMS version 1.0 via the "userEmail" parameter in the POST "/admin/index.php" login endpoint. The application fails to sanitize user input and directly interpolates it into SQL queries without using prepared statements, allowing unauthenticated remote attackers to execute arbitrary SQL commands and extract sensitive database information.

CVE-2026-41053
High

Incorrect authentication caching in the team membership expansion of the Rancher Github authentication provider caused granting principal access to any logged in user, in 2.13 before 2.13.6 and 2.14 before 2.14.2.

CVE-2026-14162
Critical

A vulnerability in Advantech's Hospital Queuing Management allows unauthenticated remote attackers to access API documentation via a specific URL, leading to sensitive data exposure.

CVE-2026-14161
High

Hospital Quening Management by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation.

CVE-2026-13766
Critical

DBIx::QuickORM before version 0.000026 for Perl is vulnerable to SQL injection via unquoted SQL identifiers. The default SQL builder does not set quote_char, causing identifiers to be emitted verbatim into SQL queries.

CVE-2026-54475
High

A missing authorization vulnerability was found in Apache ActiveMQ for temporary destinations. Temporary destinations are expected to be isolated to the connection that created them, but the isolation is only checked on the client side, allowing a different connection to consume from another connection's temporary destination.

CVE-2026-53917
HighEPSS 52%

A vulnerability in Apache ActiveMQ allows an authenticated user to cause a DoS attack on the broker by sending a crafted OpenWire message with an excessive map size value. The lack of size validation during deserialization of message property maps can trigger OOM and crash the broker.

CVE-2026-53916
HighEPSS 52%

A vulnerability in Apache ActiveMQ allows an unauthenticated client to send non-terminating header bytes via STOMP NIO, causing unlimited buffering and JVM heap exhaustion.

CVE-2026-52760
Medium

A Cross-site Scripting (XSS) vulnerability was found in Apache ActiveMQ and its Web Console. The browse page renders a message ID without sanitization, allowing an authenticated producer to send a crafted JMS message ID containing HTML/JavaScript. When an administrator browses the queue, the payload executes in their browser.

PreviousPage 243 of 4691Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS