CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
The Form Notify plugin for WordPress is vulnerable to Authentication Bypass in versions up to 1.1.10. The issue arises from the plugin trusting user-controlled cookie data, allowing unauthenticated access to user accounts.
Unrestricted IP address binding in the AMD Device Metrics Exporter (ROCm ecosystem) could allow a remote attacker to perform unauthorized changes to the GPU configuration, potentially resulting in loss of availability.
HRConvert2 prior to version 3.3.8 has a vulnerability in the sanitizeString() function that does not remove backtick (`) and tab ( ) characters. As a result, user input can reach shell_exec(), allowing commands within filenames to be executed.
In PrestaShop, prior to versions 8.2.6 and 9.1.1, there is a Cross-Site Scripting (XSS) vulnerability in the back-office Customer Service view. An unauthenticated attacker can submit a malicious email address through the Contact Us form, leading to session hijacking and full back-office takeover.
Crabbox prior to v0.12.0 contains an environment variable exposure vulnerability that allows attackers with access to a malicious or compromised repository to forward local secrets such as API tokens, cloud credentials, and broker tokens into the remote command environment.
Use after free in Mojo in Google Chrome prior to version 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
Use after free in UI in Google Chrome prior to version 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
In Fleet software, prior to version 4.81.0, a vulnerability in the installation process could allow arbitrary commands to be executed as root (macOS/Linux) or SYSTEM (Windows) on managed endpoints when an uninstall is triggered. A specially crafted software package could lead to unintended command execution.
SiYuan is a knowledge management system that prior to version 3.7.0 did not properly HTML escape names and versions in plugin.json files. As a result, malicious HTML could be executed in the user interface when a user opened the marketplace tab.
SiYuan is an open-source personal knowledge management system. In versions prior to 3.7.0, attribute view names are stored without HTML escape, leading to potential HTML injection and Node.js code execution in the renderer.
Gradient is a nix-based continuous integration system. In version 1.1.0, when GRADIENT_DISCOVERABLE=true, anyone who can reach /proto can register as a worker without any credentials, leading to unauthorized access to jobs from every organization.
SiYuan is a knowledge management system that prior to version 3.7.0 had an issue with handling the aria-label attribute. Due to improper URL decoding, it was possible to inject malicious HTML code, leading to unauthorized script execution.
The Note Mark application prior to version 0.19.4 does not enforce minimum length or entropy for the JWT_SECRET configuration value. It allows any base64-decodable secret, including secrets as short as 1 byte.
mdserver-web versions from 0.18.0 to 0.18.4 have an unauthorized remote command execution vulnerability in the /modify_crond and /start_task interfaces. The lack of authentication allows modification of default scheduled tasks and their execution, leading to RCE.
FileBrowser Quantum prior to versions 1.3.1-stable and 1.3.9-beta has a vulnerability that allows an attacker to use attacker-controlled path input to escape the intended shared directory. As a result, an unauthenticated attacker with a valid public share hash and delete permissions can delete arbitrary files outside this directory.
Microsoft Authenticator has a vulnerability that allows an unauthorized attacker to disclose sensitive information over a network.
Valtimo is a business process automation platform with a vulnerability that allows remote code execution and credential exfiltration. Versions from 12.0.0 to before 12.32.0 for com.ritense.valtimo:document and from 13.0.0 to before 13.23.0 for com.ritense.valtimo:case and com.ritense.valtimo:contract are affected.
CVE-2026-20182 identifies an issue with the authentication mechanism in Cisco Catalyst SD-WAN Controller, Manager, and Validator that allows an unauthenticated attacker to bypass authentication and gain administrative privileges. An attacker could exploit this vulnerability by sending crafted requests to the system.
Gotenberg is an API for PDF files that prior to version 8.31.0 had a vulnerability in the downloadFrom and webhook features. The default deny-lists were bypassable, allowing unauthenticated attackers to access internal HTTP services.
Gotenberg is a PDF file API that, prior to version 8.31.0, did not validate keys in JSON objects sent to the /forms/pdfengines/metadata/write endpoint. Using a newline character in a JSON key allows for the injection of arbitrary ExifTool flags, leading to unauthenticated OS command execution.

