CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.01)

CVE-2026-58580
Medium

A vulnerability in LobeChat through version 2.2.9 server-database deployments allows broken object-level authorization in MessageModel. The updateMessagePlugin, updatePluginState, updatePluginError, updateTTS, and updateTranslate methods filter target rows by message ID only, omitting the userId scope applied by sibling methods, and findMessagePlugin reads back by ID alone. An authenticated user who knows another user's message identifier can overwrite that victim's plugin tool-call metadata, plugin state/error, text-to-speech, and translation records on the same instance, with tampered content served back to the victim.

CVE-2026-58579
Medium

An XSS vulnerability in RAGFlow before 0.26.3 allows an authenticated user to inject arbitrary JavaScript via the agent pipeline (DSL) node name. The code executes in the session of another workspace member who opens the dataflow result and clicks the rerun button.

CVE-2026-58578
Medium

LobeChat before version 2.2.10-canary.15 contains a ReDoS vulnerability that allows authenticated attackers to block the Node.js event loop by supplying a catastrophic-backtracking pattern in a GitHub repository URL path during skill import. The malicious basePath value is injected into a dynamically constructed regex in the findSkillMd function, causing a denial of service lasting tens of seconds per request.

CVE-2026-58381
Medium

A double-free vulnerability was found in GIMP's PSP file format parser in the read_layer_block() function. Processing a specially crafted PSP file can cause memory corruption.

CVE-2025-71385
Medium

Reflected XSS vulnerability in Netdata before 2.3.1 in api/v2/ilove.svg and api/v3/ilove.svg endpoints. An attacker can inject malicious JavaScript via the love parameter, which is reflected in the SVG response without proper encoding. The endpoints are accessible without authentication, allowing remote script execution in the victim's browser.

CVE-2026-54891
Medium

A vulnerability in the Erlang/OTP SSL library (tls_gen_connection module) involves improper enforcement of message integrity during transmission. A network attacker can inject unauthenticated plaintext into a TLS client's connection during the handshake; after the handshake completes, the application treats that data as authenticated server data.

CVE-2026-54887
Medium

The DTLS server in the Erlang/OTP SSL library uses a default empty cryptographic key for DTLS cookie generation at server startup. This makes cookies predictable and allows an attacker to bypass source address verification.

CVE-2026-54886
Medium

An infinite loop vulnerability in the ssh_sftpd module of Erlang OTP allows an authenticated SFTP user to permanently block an SFTP channel. By sending extended data (SSH_MSG_CHANNEL_EXTENDED_DATA) with a non-zero type code, the attacker causes the handle_data/4 function to loop indefinitely, preventing further communication on that channel.

CVE-2026-50282
Medium

Craft CMS versions 5.0.0-RC1 through 5.9.21 and 4.0.0-RC1 through 4.17.14 contain an authorization issue where a forced folder move can delete a conflicting destination folder without the required delete permission. The vulnerability is in the actionMoveFolder() function of the AssetsController.

CVE-2026-12166
Medium

A NULL pointer dereference vulnerability in the `GFAC_Sys_x64.sys` driver of Little Orbit GFAC allows a local attacker to cause a denial of service via crafted requests that trigger a system crash.

CVE-2026-58653
Medium

PraisonAI before version 0.1.7 fails to validate that the project_id in issue create and update request bodies belongs to the URL workspace. An attacker can create issues referencing projects from other workspaces, causing cross-tenant data pollution in project statistics aggregation without workspace constraints.

CVE-2026-4772
Medium

A stored Cross-Site Scripting (XSS) vulnerability has been found in TR7 Cyber Defense Inc. WAF-ASP due to improper input neutralization during web page generation. The issue affects versions from v1.0.324.900 before v1.4.0.117.

CVE-2026-4770
Medium

A DOM-Based XSS vulnerability was found in TR7 Cyber Defense Inc. Web Application Firewall due to improper input neutralization during page generation. It affects versions from 1.0.42.239 before 1.4.0.117.

CVE-2026-57764
Medium

The Surbma | Yoast SEO Breadcrumb Shortcode plugin version 1.2 and earlier contains a Cross Site Scripting (XSS) vulnerability reachable by users with the Contributor role. It allows an attacker to inject malicious JavaScript code into the page.

CVE-2026-57763
Medium

The Structured Content plugin version 1.7.0 and earlier contains a Cross Site Scripting (XSS) vulnerability reachable by users with the Contributor role. This allows an attacker to inject malicious JavaScript code into the page.

CVE-2026-57762
Medium

The Simple URLs plugin for WordPress version 151 and earlier contains a Stored Cross Site Scripting (XSS) vulnerability. An author can inject a malicious script that will be executed in the browser of an administrator or other user.

CVE-2026-57760
Medium

The Sendcloud Shipping plugin for WordPress has a Missing Authorization vulnerability that allows exploiting incorrectly configured access control security levels. This issue affects versions from n/a through 1.0.29.

CVE-2026-57755
Medium

The Mosaic Gallery – Advanced Gallery plugin version 1.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability reachable by users with the Contributor role. It allows an attacker to inject malicious JavaScript code into the page.

CVE-2026-57754
Medium

The Livemesh Addons for WPBakery Page Builder plugin version 3.9.4 and earlier contains a Cross Site Scripting (XSS) vulnerability reachable by users with the Contributor role. This allows an attacker to inject malicious JavaScript code into the page.

CVE-2026-57753
Medium

The Kit (formerly ConvertKit) plugin for WooCommerce versions 2.1.5 and earlier allows unauthenticated attackers to access sensitive data. This vulnerability stems from a lack of proper access controls on data stored by the plugin.


Vulnerability data from NVD (NIST) · CISA KEV · EPSS