CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
Nieprawidłowa kontrola dostępu w Azure Managed Instance dla Apache Cassandra umożliwia autoryzowanemu atakującemu wykonanie kodu przez sieć.
Improper authorization in Microsoft Teams allows an authorized attacker to disclose information over a network.
Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network.
FreeScout prior to version 1.8.217 has a vulnerability in the /user-setup/{hash} endpoint that accepts a 60-character random invite_hash to set a new user's password. The lack of expiration check allows for unauthorized account takeover long after the invite was issued.
The CVE-2026-37709 vulnerability involves insecure permissions in grokability snipe-it version 8.4.0 and earlier, fixed after commit 676a9958 on March 10, 2026. This allows a remote attacker to execute arbitrary code via the app/Http/Controllers/Api/UploadedFilesController.php component.
The MQTT broker in Yarbo firmware version 2.3.9 is configured to allow anonymous connections with no topic-level access control. Any host on the same network can subscribe to sensitive telemetry topics or publish control messages without any authentication.
Yarbo firmware v2.3.9 contains hardcoded administrative credentials. These credentials are identical across all devices running this firmware and cannot be changed or removed by end users.
The NPM package query-parser-string version 1.0.0 is vulnerable to Prototype Pollution. The package does not properly sanitize user supplied query parameters and merges them to the newly created object.
The npm package parse-ini version 1.0.6 is vulnerable to Prototype Pollution in the index.js() function.
ChestnutCMS version 1.5.10 has a SQL injection vulnerability. The content parameter of the cms_content tag can be manipulated in the admin backend and injected into a SQL query when the template is rendered.
The NPM package next-npm-version version 1.0.1 is vulnerable to Command injection, which may allow an attacker to execute unauthorized commands on the system.
CVE-2026-6795 describes a URL redirection to an untrusted site ('open redirect') vulnerability in DivvyDrive. It allows for parameter injection, potentially leading to unauthorized access.
Wish to serwer SSH, który w wersjach od 2.0.0 do przed 2.0.1 jest podatny na ataki typu path traversal w middleware SCP. Złośliwy klient SCP może odczytywać dowolne pliki z serwera, zapisywać pliki oraz tworzyć katalogi poza skonfigurowanym katalogiem głównym, wysyłając odpowiednio skonstruowane nazwy plików zawierające sekwencje ../ przez protokół SCP.
The Optoma CinemaX P2 projector (firmware TVOS-04.24.010.04.01, Android 8.0.0) exposes an HTTP API on TCP port 2345 that allows full unauthenticated remote control of the device. The API supports both reading configuration and writing/modifying settings including volume, mute, brightness, and other projector functions.
An unspecified vulnerability was found in the WebRTC component of Firefox and Thunderbird. The flaw was fixed in Firefox ESR 140.10.2 and Thunderbird 140.10.2.
A vulnerability in the Audio/Video playback component of Firefox and Thunderbird results from incorrect boundary conditions. The flaw was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, Thunderbird 140.10.1, and Firefox ESR 115.35.2.
The CVE-2026-6508 vulnerability in Liderahenk software has an origin validation error that allows access to functionality not properly constrained by access control lists (ACLs). This issue affects Liderahenk from version 2.0.1 before 2.0.2.
Lack of user input sanitisation in Open Notebook v1.8.3 allows the application user to execute Python code (and subsequently OS commands) on the docker container via Server-Side Template Injection (SSTI) for user-created transformations.
Hyperledger Fabric versions from 1.0.0 to 2.2.26 contain a vulnerability in the Channel.java class, which implements the readObject() method and exposes deSerializeChannel(). This method calls ObjectInputStream.readObject() on untrusted byte arrays without configuring an ObjectInputFilter, leading to a classic Java deserialization RCE pattern.
OpenEXR versions from 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11 have an issue with the readVariableLengthInteger() function that decodes a variable-length integer from untrusted EXR input without bounding the shift count. After enough continuation bytes, the code executes a left shift by 70 on a 64-bit value, leading to undefined behavior.

