CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.15)
Mbed TLS w wersjach od 3.3.0 do 3.6.5 oraz w wersji 4.0.0 umożliwia obniżenie poziomu algorytmu. Atakujący może wykorzystać tę podatność do wymuszenia użycia słabszych algorytmów kryptograficznych.
A vulnerability in the Metadata update feature of Cisco Nexus Dashboard Insights allows an authenticated, remote attacker to write arbitrary files to the system. The issue is due to insufficient validation of the metadata update file.
A vulnerability in the configuration backup feature of Cisco Nexus Dashboard could allow an attacker who has the encryption password and access to Full or Config-only backup files to access sensitive information. This issue exists because authentication details are included in the encrypted backup files.
Multiple stored cross-site scripting (XSS) vulnerabilities were discovered in the submit_add_user.asp endpoint of DDSN Interactive Acora CMS v10.7.1. Attackers can inject malicious JavaScript or HTML payloads into the First Name and Last Name parameters, leading to script execution in other users' browsers.
OpenViking versions 0.2.5 through 0.2.13 contain a missing authentication vulnerability in the bot proxy router that allows remote unauthenticated attackers to access protected bot proxy functionality by sending requests to the POST /bot/v1/chat and POST /bot/v1/chat/stream endpoints. Attackers can bypass authentication checks and interact directly with the upstream bot backend through the OpenViking proxy without providing valid credentials.
In the Linux kernel KVM subsystem for x86, a vulnerability was found where an existing shadow-present SPTE is not dropped before installing an emulated MMIO SPTE. This can cause a warning and potential misbehavior when host userspace modifies guest memory.
Wykorzystanie po zwolnieniu pamięci w CSS w Google Chrome przed wersją 146.0.7680.178 umożliwia zdalnemu atakującemu wykonanie dowolnego kodu wewnątrz piaskownicy za pomocą spreparowanej strony HTML.
Buffer Over-read vulnerability in RTI Connext Professional (Core Libraries) allows Overread Buffers. This issue affects Connext Professional from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.1, from 6.1.0 before 6.1.2.34, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*, and from 4.3x before 5.2.*.
MCP Java SDK, the official Java SDK for Model Context Protocol servers and clients, had a hardcoded wildcard CORS vulnerability prior to versions 0.83.0, 1.0.1, and 1.1.1. This issue has been patched in the mentioned versions.
In the Moby (Docker) framework prior to version 29.3.1, a vulnerability allows bypassing plugin privilege validation during installation. An error in the daemon's privilege comparison logic may cause it to accept a privilege set different from the one approved by the user, and for plugins requesting exactly one privilege, no comparison is performed at all.
In FreeRDP before version 3.24.2, a vulnerability in progressive_decompress_tile_upgrade() does not halt execution after detecting a mismatch, only logging a warning. Using a wrapped value (247) as a shift exponent causes undefined behavior and an approximately 80 billion iteration loop, resulting in CPU denial of service (DoS).
DDSN Interactive cm3 Acora CMS version 10.7.1 contains an improper access control vulnerability. An editor-privileged user can access sensitive configuration files by force browsing the “/Admin/file_manager/file_details.asp” endpoint and manipulating the “file” parameter. By referencing specific files (e.g., cm3.xml), the attacker can retrieve system administrator credentials, SMTP settings, database credentials, and other confidential information.
Multiple stored cross-site scripting (XSS) vulnerabilities were found in the Edit feature of the Software Package List page in IngEstate Server v11.14.0. Attackers can inject malicious payloads into the About application, What's news, or Release note parameters, leading to arbitrary script or HTML execution.
A vulnerability in BTstack prior to version 1.8.1 allows an out-of-bounds read in the AVRCP Browsing Target GET_FOLDER_ITEMS handler due to missing packet boundary and attribute count validation. A paired Bluetooth Classic attacker can trigger crashes and corrupt attribute bitmap state.
A flaw was found in libsoup that allows sensitive session cookies to be transmitted in cleartext during the establishment of HTTPS tunnels through a configured HTTP proxy. Attackers can intercept these cookies, leading to potential session hijacking or user impersonation.
W jądrze systemu Linux zidentyfikowano podatność, która została naprawiona. Problem dotyczy możliwego wycieku pamięci w wyrażeniu stanowym w ścieżce błędu, gdy klonowanie drugiego wyrażenia stanowego nie powiedzie się.
A vulnerability in Appsmith versions prior to 1.98 exposes sensitive instance management API endpoints without authentication. Unauthenticated attackers can query endpoints like /api/v1/consolidated-api/view and /api/v1/tenants/current to retrieve configuration metadata, license information, and unsalted SHA-256 hashes of admin email domains.
OpenBao versions prior to 2.5.2 with OIDC/JWT authentication enabled and a role configured with `callback_mode=direct` are vulnerable to XSS via the `error_description` parameter on the failed authentication page. An attacker can steal the token used in the Web UI by a victim.
In Blog.Core up to version bcb4d17, the getinfobytoken API interface has improper access control leading to sensitive data exposure. Unauthorized parties can obtain sensitive administrator account information via a valid token, threatening system security.
A testdata data-source can be used to trigger out-of-memory crashes in Grafana.

