CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-12797
Medium

A security flaw has been discovered in BerriAI litellm up to version 1.82.5 in the async_pre_call_hook function of the enterprise/enterprise_hooks/banned_keywords.py file. Manipulation of the prompt argument results in incorrect authorization, which can be exploited in remote attacks.

CVE-2026-12796
Medium

A vulnerability was identified in BerriAI litellm up to version 1.82.2, impacting the function get_redirect_response_from_openid in the file litellm/proxy/management_endpoints/ui_sso.py of the SSO Authentication Flow component. Manipulation leads to session expiration.

CVE-2026-12789
Medium

A vulnerability was identified in ILIAS Learning Management System 11.0 affecting the function ilTrQuery::executeQueries in the file components/ILIAS/Tracking/classes/class.ilTrQuery.php. Manipulation of the argument troup_table_nav leads to SQL injection.

CVE-2026-12788
Medium

A vulnerability was identified in the ADP platform by zhilink (深圳)科技有限公司 version 1.0.0, affecting unknown code in the file /adpweb/a/base/barcodeDetail/import related to the XML parser. This manipulation leads to the exploitation of XML external entity references, allowing for remote attacks.

CVE-2026-12787
Medium

A vulnerability was found in the ADP Application Developer Platform version 1.0.0, affecting an unknown part of the testConnection Endpoint component. Manipulation of the jdbcUrl argument results in deserialization.

CVE-2026-12776
Medium

A flaw has been found in Montodel House-Rental-Management that allows SQL injection via manipulation of the ID argument in the /index.php?page=houses file. The attack can be carried out remotely.

CVE-2026-12774
Medium

A vulnerability has been detected in BerriAI litellm up to version 1.82.2, affecting the function _execute_with_mcp_client in the file litellm/proxy/_experimental/mcp_server/rest_endpoints.py. The manipulation leads to server-side request forgery.

CVE-2026-12772
Medium

A security flaw has been discovered in BerriAI litellm up to version 1.82.2, impacting the function authenticate_user in the file litellm/proxy/auth/login_utils.py of the PROXY_ADMIN database API Key Generator. Manipulating this function results in session expiration.

CVE-2026-12771
Medium

A vulnerability was identified in BerriAI litellm up to version 1.82.2, affecting an unknown function of the file litellm/proxy/auth/user_api_key_auth.py of the M2M JWT Handler component. This manipulation leads to improper authorization.

CVE-2026-12770
Medium

A vulnerability was identified in BerriAI litellm up to version 1.63.1, concerning an unknown function in the file litellm/proxy/management_endpoints/key_management_endpoints.py of the Admin Key Handler component. This manipulation leads to improper authorization.

CVE-2026-56347
Medium

The AVideo TopMenu plugin through version 26.0 contains a stored cross-site scripting (XSS) vulnerability in menu item rendering due to missing output encoding of icon classes, URLs, and text labels. Attackers can inject malicious JavaScript through unescaped menu item fields, potentially stealing session cookies or performing unauthorized actions.

CVE-2026-56342
Medium

AVideo through version 27.0 contains a server-side request forgery vulnerability in plugin/Live/test.php that allows authenticated administrators to read arbitrary URLs via the statsURL parameter. The lack of isSSRFSafeURL() validation enables requests to private IP ranges and cloud metadata endpoints.

CVE-2025-71379
Medium

ReDoS vulnerability in vLLM versions 0.6.3 through 0.9.0. Regular expression patterns in several components (vllm/lora/utils.py, phi4mini parser, OpenAI chat endpoint) are susceptible to catastrophic backtracking, allowing an attacker to cause CPU exhaustion and performance degradation.

CVE-2026-56332
Medium

Capgo before 12.128.2 contains an open redirect vulnerability in the confirm-signup endpoint that allows attackers to redirect users to arbitrary external websites. The confirmation_url parameter is not validated, enabling attackers to craft malicious links for phishing and credential harvesting attacks.

CVE-2026-56319
Medium

Capgo before 12.128.2 contains an information disclosure vulnerability in the GET /statistics/app/:app_id endpoint that allows app-limited API keys to distinguish existing sibling app IDs through differential error responses. Attackers can enumerate real app IDs outside their allowed scope by observing 500 PGRST116 errors for inaccessible apps versus 401 errors for nonexistent apps.

CVE-2026-56317
Medium

Nuxt before 4.4.7 (and the 3.x branch before 3.21.7) contains a cross-site scripting vulnerability in the NoScript component that writes slot content to innerHTML without escaping. Attackers can inject malicious scripts through untrusted data in NoScript slots, such as route.query parameters.

CVE-2026-56307
Medium

Cap-go before version 12.128.12 contains a broken cursor pagination vulnerability in the /private/devices endpoint, allowing authenticated attackers to cause duplicate-page loops and make later rows unreachable.

CVE-2026-56304
Medium

Picklescan before 1.0.1 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attackers to create arbitrary zero-byte files via logging.FileHandler class instantiation. Attackers can exploit this by crafting malicious pickle payloads to bypass RCE blocklists and create lock files or other filesystem artifacts.

CVE-2026-56295
Medium

Capgo before 12.128.2 contains an authorization bypass vulnerability in webhook management endpoints that allows non-expiring API keys to bypass the require_apikey_expiration organization policy. The checkWebhookPermission function fails to call apikeyHasOrgRightWithPolicy, enabling attackers with legacy non-expiring keys to list, create, and delete webhooks.

CVE-2026-56294
Medium

Versions of capacitor-native-biometric before 12.128.2 contain an authentication bypass vulnerability where the onAuthenticationSucceeded() method fails to validate CryptoObject parameters. Attackers can hook the onAuthenticationSucceeded() function using dynamic instrumentation to bypass biometric authentication without valid credentials.

PreviousPage 80 of 535Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS