CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
The torch-checkpoint-shrink.py script in the ml-engineering project contains an insecure deserialization vulnerability. The use of torch.load() to process PyTorch checkpoint files (.pt) without enabling the weights_only=True parameter allows for the deserialization of arbitrary Python objects.
Insecure Default Initialization of Resource vulnerability allows Authentication Bypass via API access. This issue affects Pandora FMS from versions 777 through 800.
A sandbox escape vulnerability exists in the Profile Backup component of Firefox and Thunderbird. It is fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11.
In Ivanti Xtraction before version 2026.2, external control of a file name allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory, leading to information disclosure and possible client-side attacks.
In enterprise mode of the sealed-env library for Node.js and Java/Spring Boot, versions 0.1.0-alpha.1 through 0.1.0-alpha.3 embedded the operator's literal TOTP secret in the JWS payload of every minted unseal token. The JWS payload is base64-encoded JSON, but not encrypted.
In the local SAT (Technical Support) access functionality of the Ingecon Sun EMS Board, there is insecure generation of credentials. The vulnerability arises because the secret access credentials are not based on a secure cryptographic scheme, but rather on a weak hashing algorithm.
Prior to 2025-11-03, users of Terraform or the REST API for Google Cloud AlloyDB for PostgreSQL could create clusters with an insecure default password, which could be exploited by a remote attacker to gain full administrative access to the database.
A vulnerability has been identified in ROS# (All versions < V2.2.2) related to path traversal due to improper sanitization of user input. This could allow a remote attacker to access arbitrary files on the device.
Affected devices do not properly validate and sanitize Technology Object (TO) name rendered on the 'Motion Control Diagnostics' page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the page.
Affected devices do not properly validate and sanitize PLC/station name rendered on the 'communication' parameters page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the page.
A vulnerability in SIMATIC CN 4100 (versions prior to V5.0) allows unauthenticated attackers to exhaust resources via unrestricted connections. This can disrupt normal device operations.
CVE-2025-6577 describes an improper neutralization of special elements used in SQL commands, leading to SQL injection vulnerability in Akilli Commerce Software. This issue affects the E-Commerce Website versions before 4.5.001.
A vulnerability in RUGGEDCOM ROX allows an authenticated remote attacker to inject commands into the task scheduler via the Web UI. Lack of proper input sanitization enables arbitrary command execution with root privileges.
Due to improper Spring Security configuration, SAP Commerce Cloud allows an unauthenticated user to perform malicious input injection, resulting in arbitrary server-side code execution.
SAP S/4HANA (SAP Enterprise Search for ABAP) contains a SQL injection vulnerability that allows an authenticated attacker to inject malicious SQL statements through user-controlled input. The application directly concatenates this malicious user input into SQL queries, which are then passed to the underlying database without proper validation or sanitization.
W dniu 11 maja 2026 roku opublikowano 84 złośliwe wersje w 42 pakietach @tanstack/* w rejestrze npm. Atakujący wykorzystał trzy znane klasy podatności, aby opublikować złośliwe oprogramowanie kradnące dane uwierzytelniające pod zaufaną tożsamością.
In DeepChat, prior to version 1.0.4-beta.1, a Cross-Site Scripting (XSS) vulnerability exists due to a discrepancy between the backend validation layer and the frontend browser rendering engine. An attacker can exploit this vulnerability to execute arbitrary JavaScript by manipulating SVG elements.
DeepChat prior to version 1.0.4-beta.1 is vulnerable to an arbitrary protocol execution bypass, potentially leading to remote code execution (RCE). The issue arises from improper sanitization of Electron pop-up window handlers, allowing an attacker to intercept a malicious URL.
In versions prior to 5.0.0, s3-proxy contains an authentication bypass due to inconsistent URL path interpretation between the authentication middleware and the bucket handler. This vulnerability allows unauthenticated attackers to access protected S3 namespaces.
In versions prior to 0.1.57, SOCFortress CoPilot contained a hardcoded JWT signing secret, allowing attackers to forge admin-scoped tokens. If JWT_SECRET is not set, all authentication tokens are signed with this publicly known key.

