CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
In Wagtail, an open source CMS built on Django, versions prior to 7.0.8, 7.3.3, and 7.4.2 allow an authenticated admin user to trigger expensive rendition processing with crafted filter specs, potentially causing service degradation. The vulnerability is not exploitable by ordinary site visitors without Wagtail admin access.
In Wagtail, an open source CMS built on Django, versions prior to 7.0.8, 7.3.3, and 7.4.2, the Documents and Images chooser's chosen endpoint incorrectly listed items for which the user has not been granted choose permission. A user with access to the Wagtail admin could see the filename, name, and URLs of documents and images in those collections.
A buffer overflow vulnerability in the UTT nv518G router running firmware version nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service (DoS) via the gohead/sub_448384 component.
SQL Injection vulnerability in UTT nv518G firmware version nv518GV3v3.2.7-210919-161313 allows a remote attacker to execute arbitrary code via the gohead/sub_463bbc component.
An improper input validation in the gazebo_ros_diff_drive.cpp component of gazebo_plugins v3.9.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted geometry_msgs::Twist message.
A NULL pointer dereference vulnerability was found in the AP4_AtomSampleTable::GetSample() function of MPC-BE before commit 4341cb3. An attacker can exploit a crafted MP4 file to cause a Denial of Service (DoS) by crashing the application.
A division-by-zero vulnerability in the CStreamSwitcherOutputPin::DecideBufferSize function of MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
An access violation in the BaseSplitterFile::Read function of MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
A NULL pointer dereference in the AP4_TkhdAtom::GetTrackId() function of MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
In Jodit Editor prior to version 4.12.28, a vulnerability allows bypassing the built-in clean-html sanitizer using a MathML/<style> carrier that hides a dangerous element from the sanitizer's element walk. This results in a no-interaction event handler surviving into the editor value, potentially causing Mutation XSS.
Jodit Editor versions prior to 4.12.26 are vulnerable to Prototype Pollution via the Jodit.modules.Helpers.set() function. An attacker can pass a crafted key chain containing __proto__, constructor, or prototype, leading to Object.prototype modification and injection of unexpected properties.
A stored XSS vulnerability exists in the Tina CMS rich-text component. The URL field in Slate link/image nodes is not sanitized, allowing injection of javascript: or data:text/html URLs. An attacker with content editing privileges can achieve stored XSS that executes when content is viewed by editors or site visitors.
A vulnerability in the Tina headless CMS allows stored XSS and session takeover via unverified postMessage handlers and insufficient URL sanitization in rich-text content. An attacker can forge messages to hijack an authenticated editing session.
The mchange-commons-java library prior to version 0.6.0 has a vulnerability in its JNDI ObjectFactory implementation (JavaBeanObjectFactory) that allows constructing objects of arbitrary classes and initializing their JavaBean-style properties. For certain classes like Swing JEditorPane, this enables HTTP requests to arbitrary URLs, which can be exploited for JNDI injection and deserialization attacks.
Wasmtime prior to versions 24.0.10, 36.0.11, 44.0.3, and 45.0.2 contains a vulnerability in the native WASIp1 implementation where the fd_renumber function fails to properly close the target file descriptor. This causes resource leaks in the host system, potentially leading to exhaustion of file descriptors and resources.
In Jodit Editor prior to version 4.12.18, the Jodit.configure() function and internal ConfigMerge/ConfigProto helpers merged user-supplied options without filtering prototype-mutating keys, leading to a Prototype Pollution vulnerability.
In Silverstripe Framework prior to version 6.2.2, the 'Insert media from web' functionality in the CMS is vulnerable to XSS from a specially crafted embed. This issue was fixed in version 6.2.2.
A Remote Code Execution vulnerability exists in @tinacms/cli prior to version 2.4.3 during the Forestry-to-Tina migration. The addVariablesToCode helper unsafely processes user-supplied label and name fields from .forestry/**/*.yml, allowing arbitrary JavaScript injection into the generated tina/templates.{ts,js} file.
A Use-After-Free vulnerability in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code remotely over a network.
An incorrect authorization vulnerability in GitHub Enterprise Server allowed a user-to-server token scoped to a GitHub App installation to perform write operations on public repositories outside its intended scope. An attacker with a stolen token could create issues, comments, and private vulnerability reports, impersonating the victim without app involvement.

