CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.01)

CVE-2026-53691
High

An unrestricted file upload vulnerability in Redeight CMS 1.0 allows authenticated attackers to achieve remote code execution (RCE) via the POST /admin/index.php?module=pages&mode=FileAdd endpoint. The application fails to validate file extensions and MIME types, permitting arbitrary PHP scripts to be uploaded to the /uploads/files/ directory where they are executed by the web server.

CVE-2026-41053
High

Incorrect authentication caching in the team membership expansion of the Rancher Github authentication provider caused granting principal access to any logged in user, in 2.13 before 2.13.6 and 2.14 before 2.14.2.

CVE-2026-14161
High

Hospital Quening Management by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation.

CVE-2026-54475
High

A missing authorization vulnerability was found in Apache ActiveMQ for temporary destinations. Temporary destinations are expected to be isolated to the connection that created them, but the isolation is only checked on the client side, allowing a different connection to consume from another connection's temporary destination.

CVE-2026-53917
HighEPSS 52%

A vulnerability in Apache ActiveMQ allows an authenticated user to cause a DoS attack on the broker by sending a crafted OpenWire message with an excessive map size value. The lack of size validation during deserialization of message property maps can trigger OOM and crash the broker.

CVE-2026-53916
HighEPSS 52%

A vulnerability in Apache ActiveMQ allows an unauthenticated client to send non-terminating header bytes via STOMP NIO, causing unlimited buffering and JVM heap exhaustion.

CVE-2026-50750
High

A vulnerability in Apache ActiveMQ allows an unauthenticated attacker to cause Out of Memory (OOM) by sending repeated BrokerInfo commands without ConnectionInfo, leading to broker crash.

CVE-2026-50734
HighEPSS 52%

A vulnerability in Apache ActiveMQ allows an unauthenticated attacker to remotely cause a Denial of Service (DoS) of the broker by sending a crafted WireFormatInfo frame with a maliciously large size value. The lack of validation leads to memory allocation attempts during pre-auth negotiation, potentially causing an Out-of-Memory (OOM) condition and broker crash.

CVE-2026-49877
High

An improper authorization vulnerability was found in Apache ActiveMQ. By default, an authenticated low-privilege Web Console user can access /admin/* paths, which should be restricted to admins. The issue is caused by incorrect default Jetty settings.

CVE-2026-49434
High

An improper input validation vulnerability in Apache ActiveMQ allows an attacker with LDAP access to instantiate denied transports within the broker JVM. This can be exploited to fetch a malicious URL and spawn a second BrokerService in the same JVM.

CVE-2026-49432
HighEPSS 53%

An improper input validation vulnerability exists in Apache ActiveMQ's STOMP protocol. A remote unauthenticated attacker can send a negative content-length header, causing denial-of-service (DoS). For NIO STOMP transport, this leads to out-of-memory (OOM), while for blocking STOMP it causes connection errors and closure.

CVE-2026-8141
High

The Ajax Load More - Filters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'taxonomy_include_children' parameter in all versions up to and including 3.4.1 due to insufficient input sanitization and output escaping.

CVE-2026-13149
High

A vulnerability in the brace-expansion library up to version 5.0.6 allows a DoS attack via a crafted string. The expand() function has exponential-time complexity when processing many consecutive non-expanding '{}' brace groups. An attacker can cause significant CPU consumption and event-loop blocking.

CVE-2026-10763
High

The vulnerability in PROMOD V is due to the use of insecure HTTP instead of HTTPS. The issue originates from the Digipede server lacking HTTPS support.

CVE-2025-7406
High

A vulnerability in Nokia MantaRay NM allows a local attacker with local admin privileges to escalate to full root privileges on the host. Successful exploitation results in root-level filesystem access and the ability to execute actions as root.

CVE-2025-24815
High

Nokia MantaRay NM is subject to an unrestricted file upload vulnerability due to insufficient file type validation. Successful exploitation could allow an authenticated attacker to upload malicious files onto the system.

CVE-2026-12578
High

The vulnerability allows deserialization of untrusted data, which may enable an attacker to execute arbitrary code.

CVE-2026-56808
HighEPSS 72%

The DGM3103SCT device from AVTECH Security Corporation contains an OS command injection vulnerability. A user who can log in to the web management console can execute arbitrary commands with root privileges.

CVE-2026-56137
High

RPG MAKER MV and MZ from Gotcha Gotcha Games Inc. contain an OS command injection vulnerability. Loading a specially crafted save file may execute arbitrary OS commands.

CVE-2026-14164
High

A double free vulnerability has been found in libarchive's RAR5 reader. During processing of a specially crafted RAR5 archive, the filtered_buf pointer may become stale after being freed during unpacking state reinitialization. Subsequent processing of another archive entry can trigger a second free of the same memory region, resulting in a double-free condition.

PreviousPage 31 of 3336Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS