CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-56310
Medium

Cap-go before version 12.128.2 contains an authorization bypass vulnerability in the GET /organization/members endpoint that allows org-limited API keys to bypass limited_to_orgs restrictions. Attackers with such keys can access membership data from organizations outside their assigned scope.

CVE-2026-56302
Medium

Capgo before version 12.128.2 contains an unsecured images bucket lacking any row level security controls, allowing unauthenticated attackers to read, insert, and delete stored app icons.

CVE-2026-56272
Medium

Flowise before version 3.0.13 uses bcrypt with default salt rounds of 5, providing only 32 iterations instead of the OWASP-recommended minimum of 10 rounds. Attackers can crack password hashes approximately 30 times faster with modern GPU hardware, potentially compromising all user accounts in a database breach scenario.

CVE-2026-56269
Medium

Flowise before version 3.1.0 (npm package flowise, versions 3.0.13 and earlier) uses a weak hardcoded default value 'Secre$t' for the TOKEN_HASH_SECRET environment variable in packages/server/src/enterprise/utils/tempTokenUtils.ts when the variable is not configured. This secret derives the AES-256-CBC key used to encrypt user IDs and workspace IDs in the 'meta' field of JWT tokens. An attacker who knows the default secret can decrypt this metadata to extract internal user and workspace identifiers, and re-encrypt manipulated values such as altered user or workspace IDs.

CVE-2026-56262
Medium

Crawl4AI before version 0.8.7 contains an authentication bypass vulnerability in the monitor router endpoints that allows unauthenticated attackers to access destructive operations. Remote attackers can invoke the /monitor/actions/cleanup endpoint and manipulate monitoring state without authentication, causing service disruption.

CVE-2026-13163
Medium

CVE-2026-13163 describes an open redirect vulnerability in the _safe_redirect function of the click-tracking endpoint in Mailerup versions before 1.0.0. This allows remote unauthenticated attackers to redirect victims to arbitrary external sites, potentially leading to phishing attacks.

CVE-2025-71332
Medium

Flowise through version 2.2.7 contains a SQL injection vulnerability in the importChatflows API. Due to insufficient validation of the chatflow.id value, an authenticated user can supply a crafted JSON import file whose id field is concatenated unsanitized into a SQL IN clause, allowing arbitrary SQL to be executed, including blind and error-based extraction of data from the credential table.

CVE-2026-13150
Medium

In ccyl13 Pentestify version 1.0.0 and lower, there is a Server-Side Request Forgery (SSRF) vulnerability in the PDF generation endpoint. An attacker can exploit this flaw to send requests to arbitrary internal or external URLs, potentially leading to the exposure of sensitive data.

CVE-2026-11968
Medium

TortoiseGitBlame is vulnerable to argument injection via malicious Git history filenames, leading to arbitrary file write in TortoiseGit.

CVE-2026-52930
Medium

In the Linux kernel, a vulnerability was found in the IPC SHM subsystem where shm_destroy_orphaned() does not properly synchronize access to the shm_nattch field. Missing locking can lead to a race condition when cleaning up unused shared memory segments.

CVE-2026-52928
Medium

A vulnerability was found in the Linux kernel's AF_UNIX socket implementation. The SIOCATMARK ioctl, which reports the urgent mark position for MSG_OOB, was accessible for all socket types, even though MSG_OOB is only supported for SOCK_STREAM. Now, for SOCK_DGRAM and SOCK_SEQPACKET sockets, it returns -EOPNOTSUPP.

CVE-2026-52926
Medium

In the Linux kernel, the batman-adv module fails to clear the currently selected gateway pointer during mesh teardown, leaving stale state that can break subsequent mesh recreation.

CVE-2026-52925
Medium

A vulnerability was found in the Linux kernel's VRF (Virtual Routing and Forwarding) mechanism. Lack of RCU synchronization when removing a port from a VRF can cause a race condition where an RCU reader sees a new master device (e.g., a bridge) without l3mdev operations, leading to a NULL pointer dereference (NPD).

CVE-2026-52921
Medium

In the Linux kernel netfilter/ipset subsystem, a vulnerability was found in several hash:* variants. The 32-bit iterator used for scanning IPv4 address ranges may advance past the requested range after completion, causing retries to start from an unintended position.

CVE-2026-52916
Medium

In the Linux kernel, the batman-adv module is vulnerable to recursive processing of BATADV_UNICAST_FRAG packets. A malicious sender can craft a packet whose reassembled payload is itself a BATADV_UNICAST_FRAG packet, leading to unbounded recursion and kernel stack exhaustion.

CVE-2026-52913
Medium

In the Linux kernel's batman-adv module, a NULL pointer dereference vulnerability exists. When a network interface is disabled, its mesh_iface pointer is set to NULL, but batadv_v_ogm_send_meshif() may still dispatch OGMv2 packets through the disabled interface, causing a crash when trying to read from address NULL.

CVE-2026-9724
Medium

The MotorDesk plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 1.1.2. This is due to missing or incorrect nonce validation on the motordesk_admin_home function.

CVE-2026-9721
Medium

The Book a Room Event Calendar plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) in all versions up to and including 1.9. This is due to missing or incorrect nonce validation in the settings_form()/update_settings() functionality.

CVE-2026-9620
Medium

The WP Latest Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting (XSS) via crafted image src attributes in post content in versions up to and including 5.0.11. This is due to insufficient output escaping in the field() and loop() functions.

CVE-2026-9619
Medium

The Reviews and Rating – Docplanner plugin for WordPress is vulnerable to authorization bypass in all versions up to and including 1.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action.

PreviousPage 76 of 548Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS