CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-5229
Critical

The Form Notify plugin for WordPress is vulnerable to Authentication Bypass in versions up to 1.1.10. The issue arises from the plugin trusting user-controlled cookie data, allowing unauthenticated access to user accounts.

CVE-2026-0481
Critical

Unrestricted IP address binding in the AMD Device Metrics Exporter (ROCm ecosystem) could allow a remote attacker to perform unauthorized changes to the GPU configuration, potentially resulting in loss of availability.

CVE-2026-44666
Critical

HRConvert2 prior to version 3.3.8 has a vulnerability in the sanitizeString() function that does not remove backtick (`) and tab ( ) characters. As a result, user input can reach shell_exec(), allowing commands within filenames to be executed.

CVE-2026-44212
Critical

In PrestaShop, prior to versions 8.2.6 and 9.1.1, there is a Cross-Site Scripting (XSS) vulnerability in the back-office Customer Service view. An unauthenticated attacker can submit a malicious email address through the Contact Us form, leading to session hijacking and full back-office takeover.

CVE-2026-8634
Critical

Crabbox prior to v0.12.0 contains an environment variable exposure vulnerability that allows attackers with access to a malicious or compromised repository to forward local secrets such as API tokens, cloud credentials, and broker tokens into the remote command environment.

CVE-2026-8580
Critical

Use after free in Mojo in Google Chrome prior to version 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

CVE-2026-8511
Critical

Use after free in UI in Google Chrome prior to version 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

CVE-2026-26191
Critical

In Fleet software, prior to version 4.81.0, a vulnerability in the installation process could allow arbitrary commands to be executed as root (macOS/Linux) or SYSTEM (Windows) on managed endpoints when an uninstall is triggered. A specially crafted software package could lead to unintended command execution.

CVE-2026-45375
Critical

SiYuan is a knowledge management system that prior to version 3.7.0 did not properly HTML escape names and versions in plugin.json files. As a result, malicious HTML could be executed in the user interface when a user opened the marketplace tab.

CVE-2026-44670
Critical

SiYuan is an open-source personal knowledge management system. In versions prior to 3.7.0, attribute view names are stored without HTML escape, leading to potential HTML injection and Node.js code execution in the renderer.

CVE-2026-44592
Critical

Gradient is a nix-based continuous integration system. In version 1.1.0, when GRADIENT_DISCOVERABLE=true, anyone who can reach /proto can register as a worker without any credentials, leading to unauthorized access to jobs from every organization.

CVE-2026-44588
Critical

SiYuan is a knowledge management system that prior to version 3.7.0 had an issue with handling the aria-label attribute. Due to improper URL decoding, it was possible to inject malicious HTML code, leading to unauthorized script execution.

CVE-2026-44523
Critical

The Note Mark application prior to version 0.19.4 does not enforce minimum length or entropy for the JWT_SECRET configuration value. It allows any base64-decodable secret, including secrets as short as 1 byte.

CVE-2026-41315
Critical

mdserver-web versions from 0.18.0 to 0.18.4 have an unauthorized remote command execution vulnerability in the /modify_crond and /start_task interfaces. The lack of authentication allows modification of default scheduled tasks and their execution, leading to RCE.

CVE-2026-44542
Critical

FileBrowser Quantum prior to versions 1.3.1-stable and 1.3.9-beta has a vulnerability that allows an attacker to use attacker-controlled path input to escape the intended shared directory. As a result, an unauthenticated attacker with a valid public share hash and delete permissions can delete arbitrary files outside this directory.

CVE-2026-41615
Critical

Microsoft Authenticator has a vulnerability that allows an unauthorized attacker to disclose sensitive information over a network.

CVE-2026-42555
Critical

Valtimo is a business process automation platform with a vulnerability that allows remote code execution and credential exfiltration. Versions from 12.0.0 to before 12.32.0 for com.ritense.valtimo:document and from 13.0.0 to before 13.23.0 for com.ritense.valtimo:case and com.ritense.valtimo:contract are affected.

CVE-2026-20182
CriticalActively exploitedEPSS 100%

CVE-2026-20182 identifies an issue with the authentication mechanism in Cisco Catalyst SD-WAN Controller, Manager, and Validator that allows an unauthenticated attacker to bypass authentication and gain administrative privileges. An attacker could exploit this vulnerability by sending crafted requests to the system.

CVE-2026-42596
Critical

Gotenberg is an API for PDF files that prior to version 8.31.0 had a vulnerability in the downloadFrom and webhook features. The default deny-lists were bypassable, allowing unauthenticated attackers to access internal HTTP services.

CVE-2026-42589
Critical

Gotenberg is a PDF file API that, prior to version 8.31.0, did not validate keys in JSON objects sent to the /forms/pdfengines/metadata/write endpoint. Using a newline character in a JSON key allows for the injection of arbitrary ExifTool flags, leading to unauthenticated OS command execution.

PreviousPage 76 of 560Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS