CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
An undocumented configuration export port is accessible on some models of ZKTeco CCTV cameras. This port does not require authentication and exposes critical information about the camera such as open services and camera account credentials.
CVE-2026-8467 allows unauthenticated remote code execution in the phenixdigital phoenix_storybook application due to unsanitized attribute value interpolation in HEEx template generation.
CVE-2026-22314 describes an improper control of code generation vulnerability that allows code execution on other users' systems in the Mesalvo Meona Client Launcher and Meona Server components.
In Unbound 1.19.1 up to 1.25.0, a vulnerability in the DNSSEC validator allows denial of service and potential remote code execution. The bug occurs due to improper deep copying of a data structure, overwriting the destination pointer with the source pointer. After sub-query memory is freed, the resumed validator dereferences a dangling pointer, causing a crash or potentially enabling arbitrary code execution.
SureCart versions prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters on the REST API endpoint '/surecart/v1/integrations/{id}'. The issue stems from a flawed escaping bypass in the query builder.
NextGEN Gallery versions prior to 4.2.1 are vulnerable to authenticated SQL injection via the 'orderby' parameter on the REST API endpoints '/imagely/v1/galleries' and '/imagely/v1/albums'. The issue stems from an insufficient sanitization function in the data mapper layer.
The Boost plugin for WordPress is vulnerable to PHP Object Injection in versions up to and including 2.0.3 via deserialization of untrusted input in the STYXKEY-BOOST_USER_LOCATION cookie. This allows unauthenticated attackers to inject a PHP Object.
NVIDIA Triton Inference Server contains a vulnerability that allows an attacker to bypass authentication. A successful exploit may lead to code execution, privilege escalation, data tampering, denial of service, or information disclosure.
The Easy Elements for Elementor – Addons & Website Templates plugin for WordPress is vulnerable to privilege escalation via user registration in all versions up to and including 1.4.4. The 'easyel_handle_register' function does not restrict user roles, allowing unauthenticated attackers to assign the 'administrator' role during registration.
The ProSolution WP Client plugin for WordPress is vulnerable to Arbitrary File Upload in versions up to and including 2.0.0. This is due to an array validation mismatch where only the first file in the upload array undergoes extension and MIME type validation, while all files are processed and uploaded to a web-accessible directory.
A missing authorization vulnerability in Drupal Date iCal allows for forceful browsing.
CtrlPanel is open-source billing software for hosting providers, which in versions 1.1.1 and prior is vulnerable to unauthenticated Remote Code Execution (RCE) due to improper install.lock checking. This allows an attacker to execute arbitrary commands on the server.
In versions 0.46.2 and below, the handle_compose_command() function in kitty/graphics.c performs bounds validation on composition offsets, potentially leading to Heap Buffer Over-Read/Write. An attacker can exploit this by supplying crafted x_offset/y_offset values that pass the bounds check after wrapping but cause massive out-of-bounds heap memory access.
In ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could allow an attacker to access the SCADA system as admin.
In ScadaBR version 1.2.0, an OS Command Injection vulnerability could allow an attacker to execute commands as root on the SCADA system.
In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated attacker to send HTTP GET requests to the SCADA system and inject arbitrary sensor readings.
CVE-2026-36829 describes an authentication bypass vulnerability in the embedded HTTP server of the Panabit PAP-XM320 device up to and including version 7.7. The server validates session cookies based on a user-controlled value, allowing for directory traversal and bypassing authentication.
CVE-2026-37281 describes an OS command injection vulnerability in the /stream-to-vlc Express route in hitarth-gg Zenshin before version 2.7.0, allowing remote attackers to execute arbitrary commands via the url parameter.
The vulnerability in APScheduler allows Remote Code Execution (RCE) via insecure deserialization in JSONSerializer and CBORSerializer classes. The unmarshal_object function enables arbitrary class instantiation and state injection by dynamically importing modules and calling __setstate__ on any class available in the Python environment.
The API endpoints in LalanaChami Pharmacy Management System (commit 5c3d028) lack authentication middleware. This allows unauthenticated remote attackers to leak all user records and modify drug inventory.

