CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.01)

CVE-2026-13331
Medium

The Groundhogg plugin for WordPress (CRM, newsletters, and marketing automation) in versions up to and including 4.5.5 is vulnerable to generic SQL injection via the 'search' parameter. This is due to insufficient escaping of user-supplied input and lack of proper preparation of SQL queries.

CVE-2026-11356
Medium

The Ivory Search WordPress plugin up to version 5.5.15 is vulnerable to stored XSS via the 'menu_title' and 'menu_magnifier_color' settings due to insufficient input sanitization and output escaping.

CVE-2025-59868
Medium

A vulnerability in HCL Traveler for Microsoft Outlook (HTMO) allows unauthorized access to sensitive application data, which could be exploited by an attacker to launch further attacks and cause unexpected application behavior.

CVE-2026-53577
Medium

In Kestra prior to versions 1.0.45 and 1.3.21, the previewFileFromExecution endpoint (GET /api/v1/{tenant}/executions/{executionId}/file/preview) contains an access control bypass that allows any authenticated user to read output files from any other execution within the same tenant, bypassing execution-level and namespace-level isolation.

CVE-2026-50767
Medium

A stored cross-site scripting (XSS) vulnerability in Koha Library Management System versions 0 through 25.11 allows an authenticated remote attacker with admin privileges to inject arbitrary scripts via the item type check-in message field.

CVE-2026-50766
Medium

A stored cross-site scripting (XSS) vulnerability in the OPAC item detail page of Koha Library Management System versions 0 through 25.11 allows an authenticated remote attacker with edit_items permission to inject arbitrary web scripts via the item public notes field (items.itemnotes).

CVE-2026-50765
Medium

A stored cross-site scripting (XSS) vulnerability was discovered in the patron restriction type administration page of Koha Library Management System versions 0 through 25.11. It allows an authenticated remote attacker with administrator privileges to inject arbitrary web scripts via the restriction type label (display_text field).

CVE-2026-38571
Medium

In the unauthenticated UART debug console of the Tenda N300 F3 (V603) router, WPA2 credentials are stored and exposed in cleartext, and the rr/wr memory read/write commands lack authentication. A physically proximate attacker can obtain these credentials and arbitrarily read or write memory via the serial port.

CVE-2026-36908
Medium

A stack overflow vulnerability was found in the AP4_Array<AP4_TrunAtom::Entry>::EnsureCapacity component of Bento4 before version 1.8.9. Attackers can exploit this by providing a crafted MP4 file, causing a Denial of Service (DoS).

CVE-2026-36907
Medium

A stack overflow vulnerability in the AP4_StsdAtom::AP4_StsdAtom component of Bento4 before version 1.8.9 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.

CVE-2026-52885
Medium

In Notepad++ prior to 8.9.6.4, a TOCTOU vulnerability exists in handling shortcuts.xml. The HMAC check occurs at command execution time, but the command payload is taken from memory that is not synchronized with the disk file. An attacker can swap the file before launch and restore it afterward, allowing malicious commands to execute.

CVE-2026-48770
Medium

Notepad++ prior to version 8.9.6.1 contains a vulnerability in handling WM_COPYDATA messages. A local process in the same Windows session can send a malformed message that does not enforce data length checking, potentially leading to a buffer overflow.

CVE-2026-39031
Medium

The vulnerability in Lansweeper lsrunase 2.0 and lsencrypt 2.0 uses RC4 encryption with a hardcoded 142-byte static key. An 8-character prefix is stored in cleartext alongside the ciphertext, allowing a local attacker to recover any encrypted password to plaintext without brute force.

CVE-2024-23581
Medium

HCL Traveler for Microsoft Outlook libraries are being falsely flagged as potentially malicious software or an unrecognized application. This may prevent installation or execution of the software by security systems.

CVE-2026-55838
Medium

In RustFS version 1.0.0-beta.7 and earlier, the real-time metrics endpoint /rustfs/admin/v3/metrics is accessible to any valid IAM user regardless of their assigned policy. The validate_admin_request call is missing, allowing restricted users to read sensitive cluster-wide operational data.

CVE-2026-53324
Medium

In the Linux kernel, the MANA network driver (Microsoft Azure Network Adapter) had a vulnerability due to incorrect debugfs directory naming. The previous approach used a hardcoded "0" for Physical Functions (PFs) and pci_slot_name() for Virtual Functions (VFs), leading to race conditions and potential memory leaks. The fix replaces these with the unique BDF identifier returned by pci_name().

CVE-2026-53323
Medium

A vulnerability in the Linux kernel's DSA (Distributed Switch Architecture) drivers causes a deadlock when running ethtool operations on the conduit (master) interface. The issue stems from redundant netdev_lock_ops calls in DSA wrappers, leading to system hang.

CVE-2026-53321
Medium

In the Linux kernel's io_uring/napi subsystem, there was no cap on the maximum NAPI polling time, potentially causing task hangs and kernel preemption complaints. A 10 ms limit was added to prevent these issues.

CVE-2026-53320
Medium

In the Linux kernel, a vulnerability was found in the nilfs2 filesystem where the nilfs_ioctl_mark_blocks_dirty() function fails to reject a zero bd_oblocknr value. An attacker can send a crafted ioctl request with bd_oblocknr set to 0, bypassing the dead block check and calling nilfs_bmap_mark() on a non-existent block, triggering a WARN_ON and potentially causing system disruption.

CVE-2026-53319
Medium

In the Linux kernel, the WARN_ON_ONCE in wbt_init_enable_default() was removed because it triggered false alarms on expected memory allocation or writeback throttling registration failures. The disk simply operates without throttling, which is harmless.

PreviousPage 47 of 536Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS