CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: v2026.07.01

CVE-2026-4967
High

In IMS, a vulnerability allows out-of-bounds read due to missing bounds check. This could lead to remote denial of service without requiring additional execution privileges.

CVE-2026-14352
High

The AR for WooCommerce plugin for WordPress up to version 8.40 is vulnerable to Directory Traversal via the 'file' parameter. Unauthenticated attackers can read arbitrary files on the server, including sensitive information, because three access controls fail: nonces are generated without authentication, the AES-256-CBC encryption key is predictable (derived from 'ar_licence_key' option, which defaults to false), and the Referer check is easily bypassed.

CVE-2026-13040
High

The NEX-Forms plugin for WordPress up to version 9.2.2 is vulnerable to Stored Cross-Site Scripting via the 'real_val__' parameter due to insufficient input sanitization and output escaping. Unauthenticated attackers can inject arbitrary web scripts that execute when users access affected pages.

CVE-2026-8921
High

A vulnerability in ASUS Business Manager allows a local user to execute arbitrary code with SYSTEM privileges via a tampered IPC message. The issue stems from external control of file name or path.

CVE-2022-4990
High

The ASUS AI Suite 3 driver contains a vulnerability due to improper validation of specified quantity in input, allowing a local user to bypass security and access restricted memory blocks via crafted IOCTL requests, leading to privilege escalation.

CVE-2022-4989
High

The ASUS AI Suite 3 driver lacks proper validation of specified quantity in input, allowing a local user to access unintended memory regions via crafted IOCTL requests. This vulnerability leads to privilege escalation.

CVE-2026-14327
High

The AR for WordPress plugin up to version 8.40 is vulnerable to Directory Traversal via the 'file' parameter. An unauthenticated attacker can read arbitrary files on the server, potentially exposing sensitive information.

CVE-2026-8247
High

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS allows an unauthenticated attacker on the same local network segment to execute arbitrary code.

CVE-2026-13722
High

A vulnerability in WatchGuard Fireware OS allows bypassing firmware validation when processing a backup image via the backup/restore feature. An authenticated administrator can exploit this to install a tampered firmware image.

CVE-2026-13384
High

An Out-of-bounds Write vulnerability in the wgagent process of WatchGuard Fireware OS allows an authenticated privileged user to execute arbitrary code via specially crafted requests to the Management Web UI. This affects Fireware OS versions 12.1 through 12.12 and 2025.1 through 2026.2.

CVE-2026-13383
High

An Out-of-bounds Write vulnerability in the WatchGuard Fireware OS ikestubd process allows an authenticated privileged user to execute arbitrary code via specially crafted requests to the Management Web UI.

CVE-2026-13084
High

A null pointer dereference vulnerability in WatchGuard Fireware OS allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending specially crafted IKEv2 messages. This affects both Mobile User VPN with IKEv2 and Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.

CVE-2026-13079
High

A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client for Windows allows a local attacker to escalate their privileges to NT AUTHORITY\SYSTEM on the machine where the client is installed. This issue affects the Mobile VPN with SSL client for Windows up to and including version 2026.2.

CVE-2026-13054
High

A path traversal vulnerability in the WatchGuard Fireware OS Management Web UI allows a privileged authenticated attacker to write arbitrary files on the Firebox's filesystem. Affected versions: Fireware OS 11.0 up to 11.12.4_Update1, 12.0 up to 12.12, and 2025.1 up to 2026.2.

CVE-2026-13053
High

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI allows an authenticated privileged user to execute arbitrary code via a specially crafted CLI command.

CVE-2026-13050
High

An Out-of-bounds Write vulnerability in the networkd process of WatchGuard Fireware OS allows an authenticated privileged user to execute arbitrary code via specially crafted requests to the Management Web UI. This affects Fireware OS versions 11.8 up to 11.12.4_Update1, 12.0 up to 12.12, and 2025.1 up to 2026.2.

CVE-2026-54998
High

A vulnerability in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network due to incorrect authorization.

CVE-2026-50722
High

In Libreswan, the function RSA_authenticate_hash_signature_pkcs1_1_5_rsa() incorrectly verifies the DER encoding of the ASN.1 digest when processing IKEv2 AUTH payloads using RSASSA-PKCS1-v1_5. A remote attacker can exploit a Bleichenbacher-style attack to forge the AUTH payload when small public exponents (e.g., e=3) are used, leading to impersonation. Additionally, encoding a shorter-than-expected hash in the AUTH payload can trigger an assertion causing denial-of-service.

CVE-2026-50721
High

In Libreswan, the function RSA_authenticate_hash_signature_raw_rsa() did not properly verify the length of the authentication hash when processing IKEv1 packets with PKCS #1 RSA Encryption (RFC 2313). A remote attacker can use a variation of the Bleichenbacher attack to forge the SIG payload when small public exponents are used (e.g., e=3), leading to impersonation. Additionally, sending a shorter-than-expected hash in the SIG payload can trigger an assertion and daemon restart, causing denial of service.

CVE-2026-12413
High

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart due to an off-by-one error in the PASSERT assertion. Continued exploitation leads to denial of service. IKEv1 is not affected.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS