CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.15)

CVE-2026-35016
Medium

Open ISES Tickets before version 3.44.2 contains a reflected cross-site scripting vulnerability in search.php. It allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frm_query POST parameter directly into an HTML input field VALUE attribute.

CVE-2026-35015
Medium

Open ISES Tickets before version 3.44.2 contains a reflected cross-site scripting vulnerability in do_unit_mail.php. It allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the the_ticket GET parameter directly into a JavaScript variable assignment.

CVE-2026-35014
Medium

Open ISES Tickets before version 3.44.2 contains a reflected cross-site scripting vulnerability in routes_nm.php. It allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticket_id GET parameter directly into a hidden input field VALUE attribute.

CVE-2026-35013
Medium

Open ISES Tickets before version 3.44.2 contains a reflected cross-site scripting vulnerability in street_view.php. It allows authenticated attackers to inject arbitrary JavaScript by passing unsanitized values through the thelat and thelng GET parameters directly into JavaScript variable assignments.

CVE-2026-35012
Medium

Open ISES Tickets before version 3.44.2 contains a reflected cross-site scripting vulnerability in add_facnote.php. It allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticket_id GET parameter directly into a hidden input field VALUE attribute.

CVE-2026-35011
Medium

Open ISES Tickets before version 3.44.2 contains a reflected cross-site scripting vulnerability in opena.php. It allows authenticated attackers to inject arbitrary JavaScript via an unsanitized frm_call GET parameter that is directly output to the page.

CVE-2026-35010
Medium

Open ISES Tickets before version 3.44.2 contains a reflected cross-site scripting vulnerability in patient_JF.php. It allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticket_id GET parameter directly into a JavaScript variable assignment.

CVE-2026-35009
Medium

Open ISES Tickets before version 3.44.2 contains a reflected cross-site scripting vulnerability in add_note.php. It allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticket_id GET parameter directly into a hidden input field VALUE attribute.

CVE-2026-35008
Medium

Open ISES Tickets before version 3.44.2 contains a reflected cross-site scripting vulnerability in single.php. An authenticated attacker can inject arbitrary JavaScript by passing an unsanitized value through the ticket_id GET parameter directly into an HTML attribute.

CVE-2026-35007
Medium

Open ISES Tickets before version 3.44.2 contains a reflected cross-site scripting vulnerability in single_unit.php. An authenticated attacker can inject arbitrary JavaScript by passing an unsanitized value through the id GET parameter directly into an HTML attribute.

CVE-2026-9087
Medium

A flaw was found in Keycloak where the cross-session verification proof is keyed only by (local userId, idpAlias) and is not bound to the upstream identity that was actually verified, allowing a second upstream account on the same IdP to consume it and get linked to the victim's local account.

CVE-2026-20199
Medium

A vulnerability in SSL certificate handling of Cisco ThousandEyes Virtual Appliance allows an authenticated remote attacker to execute code as root on the underlying OS. The issue is due to insufficient input validation.

CVE-2026-4293
Medium

The affected Kieback & Peter DDC building controllers are vulnerable to cross-site scripting, allowing JavaScript to be executed by the victim's browser, enabling the attacker to control the browser.

CVE-2026-44390
Medium

A vulnerability in Unbound DNS server up to version 1.25.0 allows an attacker to perform a DoS attack by querying for records with very large RRsets that do not share a suffix above the root. Unbound may lock the CPU during name compression for such responses, leading to performance degradation and denial of service.

CVE-2026-42534
Medium

In Unbound up to version 1.25.0 inclusive, a vulnerability in the jostle logic can degrade resolution performance. Retransmitted queries renew the age of slow queries, preventing their replacement with new ones. An adversary querying a vulnerable Unbound and controlling a slow/malicious DNS server can exploit this to degrade performance.

CVE-2026-43620
Medium

A vulnerability in rsync 3.4.2 and earlier allows a malicious server to intentionally trigger a SIGSEGV crash in the rsync client. The issue is in recv_files() in receiver.c, where an out-of-bounds array read leads to dereferencing an invalid pointer.

CVE-2026-43619
Medium

A vulnerability in rsync 3.4.2 and earlier allows local attacks via symlink race conditions. An attacker can swap symlinks in the timing window between path resolution and syscall execution, enabling operations on files outside the exported rsync module.

CVE-2026-43617
Medium

A vulnerability in rsync 3.4.2 and prior allows bypassing hostname-based access control in the rsync daemon when chroot is configured. Attackers can control the PTR record of their source IP to connect from a hostname that administrators intended to deny when reverse DNS fails and defaults to UNKNOWN.

CVE-2026-42526
Medium

In the AWS Secrets Manager and SSM Parameter Store secrets backends of `apache-airflow-providers-amazon` prior to 9.28.0, the team-scoping logic could resolve a `conn_id` containing a `/` (e.g. `"my_team/conn"`) to the same path as another team's team-scoped secret when the caller had no team context. A privileged caller without team context could therefore retrieve another team's secret by crafting a colliding `conn_id`.

CVE-2026-34154
Medium

Discourse to otwartoźródłowa platforma dyskusyjna. W wersjach przed 2026.1.4, 2026.3.1, 2026.4.1 i 2026.5.0-latest.1, występowała podatność w wtyczce discourse-subscriptions, która pozwalała użytkownikom uzyskać dostęp do grup objętych subskrypcją bez dokonania płatności. Problem został naprawiony w wymienionych wersjach.

PreviousPage 265 of 603Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS