CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.01)
CVE-2026-44631 describes a buffer underwrite vulnerability in Apache HTTP Server caused by crafted regular expressions in the configuration. It affects versions from 2.4.0 to 2.4.67.
In Flowise, prior to version 3.1.2, a mass assignment vulnerability exists in the variable update endpoint. This allows authenticated users to modify server-controlled properties, potentially breaking tenant isolation in multi-workspace environments.
A path handling issue in mod_dav_fs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes.
A Use After Free vulnerability in Apache HTTP Server with mod_ldap in per-directory configuration may lead to unauthorized memory access. This issue affects Apache HTTP Server versions from 2.4.0 through 2.4.67.
A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.
A vulnerability was identified in Tenda HG7HG9 and HG10 300001138_en_xpon affecting the function formDOMAINBLK in the file /boaform/formDOMAINBLK. Manipulating the argument blkDomain can lead to stack-based buffer overflow.
The WordPress Theme Travelscape version 1.0.3 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by exploiting insufficient validation in the theme's upload functionality. Attackers can upload arbitrary files to the theme directory and execute them to achieve remote code execution on the affected WordPress installation.
WordPress Background Image Cropper version 1.2 contains a remote code execution vulnerability that allows unauthenticated attackers to upload arbitrary files by accessing the ups.php endpoint. Attackers can upload PHP files through the file upload form in the plugin directory to execute arbitrary code on the server.
WordPress Seotheme contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by uploading malicious files to the theme directory. Attackers can access the uploaded PHP shell at /wp-content/themes/seotheme/mar.php to execute system commands and upload additional files for persistent access.
Two endpoints in the Vault Service ScriptsController accept file uploads where a user-supplied filename component is used to construct the destination path without validation. This allows arbitrary files to be written to any location writable by the service account.
A path traversal vulnerability exists in the Altium Enterprise Server Collaboration Service due to improper handling of user-supplied filenames. An authenticated user can submit a collaboration message with a crafted filename, allowing arbitrary files to be read from the server filesystem.
Open XDMoD versions prior to 10.0.3 have an SQL injection vulnerability that allows an unauthenticated remote attacker to execute arbitrary SQL statements. Exploitation does not require authentication or user interaction.
OpenXDMoD, an open framework for collecting and analyzing HPC metrics, has a vulnerability that allows an attacker to remotely execute arbitrary system commands on the web server. This affects versions 9.5.0 through 11.0.2 inclusive.
On May 11, 2026, a malicious version of the `guardrails-ai` package (0.10.1) was published on PyPI, potentially affecting users who installed it. Security researchers identified the malicious package within approximately 2 hours, and PyPI took action to quarantine it.
Two path traversal vulnerabilities in the Network Installation Service (NIS) of Altium Enterprise Server allow an unauthenticated network attacker to write arbitrary files to any writable location on the server filesystem and to read package archive files from the server.
Altium Enterprise Server has a vulnerability related to the use of a hard-coded cryptographic key for signing file download URLs. This key is identical across all installations, allowing unauthenticated attackers to forge signatures and retrieve files from the Vault storage area without authentication.
HAX CMS, który zarządza mikrositami z backendami PHP lub NodeJs, ma podatność na przechowywane ataki XSS w wersjach przed 26.0.0. Problem wynika z niewłaściwego oczyszczania komponentu `<video-player>`, który pozwala na użycie URI `javascript:` w atrybucie `source`.
HAX CMS versions prior to 26.0.0 have an authenticated file overwrite vulnerability. An attacker can exploit this vulnerability to configure malicious Git filter commands, leading to code execution on the HAX CMS server.
HAX CMS, which manages microsites with PHP or NodeJs backends, has a stored XSS vulnerability in versions prior to 26.0.0. The issue arises from improper sanitization of `<iframe>` elements, allowing execution of malicious JavaScript.
HAX CMS, który zarządza mikrositami z backendem PHP lub Node.js, przed wersją 26.0.0 zawierał krytyczne błędy w implementacji kryptograficznej w funkcji `hmacBase64()`. Te błędy pozwalały nieautoryzowanym atakującym na wydobycie prywatnego klucza podpisywania systemu oraz fałszowanie tokenów JWT, co umożliwiało pełny dostęp administracyjny za pomocą jednego żądania HTTP.

