CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
Runtipi versions 4.9.1 through 4.9.3 allow arbitrary file read through an unauthenticated endpoint, leading to exposure of local files from the Runtipi container. The issue arises from improper path checking for symbolic links in app store repositories.
There is a broken access control issue in WPBakery Page Builder versions up to 8.7.2 that may allow unauthorized users to access subscriber resources.
In the CarrierWave framework, versions prior to 2.2.7 and 3.1.3, the content_type_denylist check fails to properly handle regex metacharacters in string entries, leading to intended content types not being blocked. As a result, applications may be vulnerable to XSS attacks through uploading SVG files containing malicious JavaScript.
The Incorrect Authorization vulnerability allows users to access workflow instance information belonging to projects they do not have permission to access.
The Incorrect Authorization vulnerability allows users with system login privileges to delete task definitions in unauthorized projects.
CP Client Portal (Pro) versions up to 5.6.2 have a vulnerability that allows unauthorized users to download arbitrary files.
Bricks Builder versions up to 2.1.4 contain a vulnerability in access control that may allow subscribers unauthorized access to resources.
A missing authorization vulnerability in Yoast SEO Premium allows exploiting incorrectly configured access control security levels.
W3 Total Cache versions up to 2.9.1 contain a broken access control vulnerability, potentially allowing unauthorized access to resources.
There is an unauthenticated PHP Object Injection vulnerability in Valiance <= 1.2 versions.
Playroom versions up to 1.4.1 are vulnerable to unauthenticated PHP object injection.
In WPAMS versions below 49.5.3, there is a vulnerability that allows subscribers to delete arbitrary content.
A flaw was found in evolution-data-server that allows for inconsistent comparison in the addressbook file backend. A Flatpak application with D-Bus access can craft a malicious URI containing directory traversal sequences, leading to the deletion of arbitrary files on the host filesystem.
In MmsSmsProvider of MmsSmsProvider.java, there is a possible way to retrieve sensitive information due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
In Contacts Provider, there is a possible way to access the contacts database due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed.
In PackageInstaller.Session#transfer, there is a logic error that may lead to a memory exhaustion attack. This could result in local denial of service with no additional execution privileges needed.
A Cross-Site Scripting (XSS) vulnerability in the Regesta Smart HD-PLC device from Teldat allows an authenticated network attacker to inject arbitrary JavaScript via the 'Hostname' field in the configuration file. The script executes in the context of the /upgrade/query.php?cmd=p+3%3Bversion path.
A vulnerability in the Teldat Regesta Smart HD-PLC device allows an unauthenticated network attacker to perform a Slow Loris attack, causing Denial of Service (DoS) on the web interface. The issue affects firmware version TLDPH16D2 11.02.05.10.02.
A vulnerability in the Teldat Regesta Smart HD-PLC device allows an attacker with network access (no authentication required) to obtain privilege information by sending a Version request to the path /upgrade/query.php?cmd=p+3&3Bversion. This affects firmware version TLDPH16D2 11.02.05.10.02.
In Slimstat Analytics versions below 5.4.0, there is a vulnerability to unauthenticated deserialization of untrusted data.

