jell.ie CVEs
Read at: 2026-05-19T13:37:23+00:00
CVE ID :CVE-2026-7507
Published : May 19, 2026, 12:16 p.m. | 59 minutes ago
Description :A session fixation vulnerability was found in Keycloak's login-actions endpoints. An unauthenticated attacker could exploit this flaw by pre-creating an authentication session and tricking a victim into visiting a maliciously crafted link. By leveraging the /login-actions/restart endpoint—which processes session handles without adequate CSRF protection or cookie ownership validation—an attacker can reset the authentication flow state. This causes Single Sign-On (SSO) to authenticate the victim transparently upon clicking the link, allowing the attacker to hijack the required-action form without needing the victim's credentials. A successful exploit could lead to complete account takeover, including highly privileged administrative accounts.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-7571
Published : May 19, 2026, 12:16 p.m. | 59 minutes ago
Description :A flaw was found in Keycloak. A low-privilege user, with knowledge of user credentials and client ID, can bypass a security control intended to disable the implicit flow in OpenID Connect (OIDC) clients. By manipulating client data during a session restart, an attacker can obtain an access token that should not be available. This vulnerability can also lead to the exposure of these access tokens in server logs, proxy logs, and HTTP Referrer headers, resulting in sensitive information disclosure.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-7307
Published : May 19, 2026, 12:16 p.m. | 59 minutes ago
Description :A flaw was found in Keycloak. A remote, unauthenticated attacker can send a specially crafted XML input to the Security Assertion Markup Language (SAML) endpoint. This malicious input can cause high CPU usage and worker thread starvation, leading to a Denial of Service (DoS) where the server becomes unavailable.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-7504
Published : May 19, 2026, 12:16 p.m. | 59 minutes ago
Description :A flaw was found in Keycloak's URL validation logic during redirect operations. By crafting a malicious request, an attacker could bypass validation to redirect users to unauthorized URLs, potentially leading to the exposure of sensitive information within the domain or facilitating further attacks. This vulnerability specifically affects Keycloak clients configured with a wildcard (*) in the "Valid Redirect URIs" field and requires user interaction to be successfully exploited.
The issue stems from a discrepancy in how Keycloak and the underlying Java URI implementation handle the user-info component of a URL. If a malicious redirect URL is constructed using multiple @ characters in the user-info section, Java's URI parser fails to extract the user-info, leaving only the raw authority field. Consequently, Keycloak's validation check fails to detect the malformed user-info, falls back to a wildcard comparison, and incorrectly permits the malicious redirect.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-45442
Published : May 19, 2026, 12:16 p.m. | 59 minutes ago
Description :Missing Authorization vulnerability in Brainstorm Force Presto Player allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Presto Player: from n/a through 4.1.3.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-4630
Published : May 19, 2026, 12:16 p.m. | 59 minutes ago
Description :A flaw was found in Keycloak. An authenticated client could exploit an Insecure Direct Object Reference (IDOR) vulnerability in the Authorization Services Protection API endpoint. By knowing or obtaining a resource's unique identifier (UUID) belonging to another Resource Server within the same realm, the client could bypass authorization checks. This allows the client to perform unauthorized GET, PUT, and DELETE operations on resources, leading to information disclosure and potential unauthorized modification or deletion of data.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-43493
Published : May 19, 2026, 12:16 p.m. | 59 minutes ago
Description :In the Linux kernel, the following vulnerability has been resolved:
crypto: pcrypt - Fix handling of MAY_BACKLOG requests
MAY_BACKLOG requests can return EBUSY. Handle them by checking
for that value and filtering out EINPROGRESS notifications.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-7860
Published : May 19, 2026, 12:16 p.m. | 59 minutes ago
Description :A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain credentials supplied as secrets, any failed frontend build can expose those secrets in clear text in CI logs and archived build artifacts.
Users of affected versions should apply the following mitigation or upgrade. Releases that have fixed this issue include:
Product version
Vaadin 23.0.0 - 23.6.9
Vaadin 24.0.0 - 24.10.3
Vaadin 25.0.0 - 25.1.4
Mitigation
Upgrade to 23.6.10
Upgrade to 24.10.4 or newer
Upgrade to 25.1.5 or newer
Please note that Vaadin versions 10-13 and 15-22 are no longer supported and you should update either to the latest 23, 24, or 25 version.
ArtifactsMaven coordinatesVulnerable versionsFixed versioncom.vaadin:flow-plugin-base23.0.0 - 23.6.10≥23.6.11com.vaadin:flow-plugin-base24.0.0 - 24.10.3≥24.10.4com.vaadin:flow-plugin-base25.0.0 - 25.1.4≥25.1.5com.vaadin:flow-maven-plugin23.0.0 - 23.6.10≥23.6.11com.vaadin:flow-maven-plugin24.0.0 - 24.10.3≥24.10.4com.vaadin:flow-maven-plugin25.0.0 - 25.1.4≥25.1.5com.vaadin:flow-gradle-plugin24.0.0 - 24.10.3≥24.10.4com.vaadin:flow-gradle-plugin25.0.0 - 25.1.4≥25.1.5
Severity: 1.6 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-37981
Published : May 19, 2026, 12:16 p.m. | 59 minutes ago
Description :A flaw was found in Keycloak. A broken access control vulnerability in the Account Resources user lookup endpoint allows a remote authenticated user, who owns at least one User-Managed Access (UMA) resource, to enumerate and harvest personally identifiable information (PII) for all realm users. By sending crafted requests with arbitrary usernames or email values, the endpoint returns full profile objects for unrelated users. This leads to broad profile-level information disclosure.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-43492
Published : May 19, 2026, 12:16 p.m. | 59 minutes ago
Description :In the Linux kernel, the following vulnerability has been resolved:
lib/crypto: mpi: Fix integer underflow in mpi_read_raw_from_sgl()
Yiming reports an integer underflow in mpi_read_raw_from_sgl() when
subtracting "lzeros" from the unsigned "nbytes".
For this to happen, the scatterlist "sgl" needs to occupy more bytes
than the "nbytes" parameter and the first "nbytes + 1" bytes of the
scatterlist must be zero. Under these conditions, the while loop
iterating over the scatterlist will count more zeroes than "nbytes",
subtract the number of zeroes from "nbytes" and cause the underflow.
When commit 2d4d1eea540b ("lib/mpi: Add mpi sgl helpers") originally
introduced the bug, it couldn't be triggered because all callers of
mpi_read_raw_from_sgl() passed a scatterlist whose length was equal to
"nbytes".
However since commit 63ba4d67594a ("KEYS: asymmetric: Use new crypto
interface without scatterlists"), the underflow can now actually be
triggered. When invoking a KEYCTL_PKEY_ENCRYPT system call with a
larger "out_len" than "in_len" and filling the "in" buffer with zeroes,
crypto_akcipher_sync_prep() will create an all-zero scatterlist used for
both the "src" and "dst" member of struct akcipher_request and thereby
fulfil the conditions to trigger the bug:
sys_keyctl()
keyctl_pkey_e_d_s()
asymmetric_key_eds_op()
software_key_eds_op()
crypto_akcipher_sync_encrypt()
crypto_akcipher_sync_prep()
crypto_akcipher_encrypt()
rsa_enc()
mpi_read_raw_from_sgl()
To the user this will be visible as a DoS as the kernel spins forever,
causing soft lockup splats as a side effect.
Fix it.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-43491
Published : May 19, 2026, 12:16 p.m. | 59 minutes ago
Description :In the Linux kernel, the following vulnerability has been resolved:
net: qrtr: ns: Limit the maximum server registration per node
Current code does no bound checking on the number of servers added per
node. A malicious client can flood NEW_SERVER messages and exhaust memory.
Fix this issue by limiting the maximum number of server registrations to
256 per node. If the NEW_SERVER message is received for an old port, then
don't restrict it as it will get replaced. While at it, also rate limit
the error messages in the failure path of qrtr_ns_worker().
Note that the limit of 256 is chosen based on the current platform
requirements. If requirement changes in the future, this limit can be
increased.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-37982
Published : May 19, 2026, 12:16 p.m. | 59 minutes ago
Description :A flaw was found in Keycloak. This authentication vulnerability allows a remote attacker to replay `ExecuteActionsActionToken` tokens within Keycloak's WebAuthn (Web Authentication) flow. By intercepting an execute-actions email link, an attacker can register their own authenticator to a victim's account. This leads to unauthorized enrollment of a hardware-backed credential, enabling persistent account takeover.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-37979
Published : May 19, 2026, 12:16 p.m. | 59 minutes ago
Description :A flaw was found in Keycloak. This access control vulnerability in Keycloak's OpenID Connect (OIDC) token introspection endpoint allows a confidential client to bypass audience restrictions. An attacker-controlled client with valid credentials can retrieve sensitive token claims intended for other resource servers, compromising the confidentiality of lightweight access tokens. This issue can be exploited remotely by any confidential client in the realm with valid credentials.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-37978
Published : May 19, 2026, 12:16 p.m. | 59 minutes ago
Description :A flaw was found in Keycloak. A low-privilege administrator with the 'view-clients' role can exploit this by invoking the 'evaluate-scopes' Admin API endpoints with an arbitrary user ID (userId) parameter. This vulnerability allows for cross-role personally identifiable information (PII) leakage, enabling unauthorized visibility into user identities and authorizations across the realm. Exploitation is possible remotely via network access to the Admin API.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-4883
Published : May 19, 2026, 11:18 a.m. | 1 hour, 56 minutes ago
Description :The Piotnet Forms plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the 'piotnetforms_ajax_form_builder' function in all versions up to, and including, 2.1.40. The plugin uses an incomplete extension blacklist that only blocks php, phpt, php5, php7, and exe extensions, while allowing dangerous extensions such as .phar or .phtml to be uploaded. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. Note: The exploit can only be exploited if a file field is added to the form.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8912
Published : May 19, 2026, 11:18 a.m. | 1 hour, 56 minutes ago
Description :The Contest Gallery plugin for WordPress is vulnerable to SQL Injection via the 'form_input' parameter in versions up to, and including, 28.1.6. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query inside the unauthenticated 'post_cg_gallery_form_upload' AJAX action (specifically the 'cb' branch of the included users-upload-check.php, where $f_input_id is concatenated unquoted into 'SELECT Field_Content FROM ... WHERE id = $f_input_id'). The endpoint is gated only by a public frontend nonce ('cg1l_action' / 'cg_nonce') that is exposed in the page source of any public gallery page. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-46725
Published : May 19, 2026, 10:16 a.m. | 2 hours, 58 minutes ago
Description :The extension passes an attacker-controlled cookie directly to PHP's unserialize() without safely processing the input. A remote, unauthenticated attacker can supply a crafted serialized payload to trigger PHP Object Injection, leading to Remote Code Execution on the TYPO3 server. Exploitation requires the content element to be configured with "Persistent Mode: Static" in the plugin settings.
Severity: 9.2 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-46722
Published : May 19, 2026, 10:16 a.m. | 2 hours, 58 minutes ago
Description :The OOXML parsing of the file indexer does not disable external entity resolution. A crafted xlsx or pptx document placed in an indexed directory can cause local files to be read or outbound HTTP requests to be performed, with the retrieved content being written to the search index.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-46723
Published : May 19, 2026, 10:16 a.m. | 2 hours, 58 minutes ago
Description :The additional_tables configuration of the page and tt_content indexers accepts arbitrary table and field names. A backend user with permission to edit indexer configurations can copy sensitive data from internal TYPO3 tables into the search index.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-46724
Published : May 19, 2026, 10:16 a.m. | 2 hours, 58 minutes ago
Description :The file indexer does not normalize the configured directory path. A backend user with permission to edit indexer configurations can index documents from arbitrary locations on the server file system through path traversal sequences.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8827
Published : May 19, 2026, 10:16 a.m. | 2 hours, 58 minutes ago
Description :The AddressRepository::getSqlQuery() method constructs a database query without properly sanitizing user input, leading to SQL Injection. The method is not invoked anywhere within the extension itself and therefore poses no direct risk in a default installation. However, custom extensions that call this method with untrusted input would expose the site to SQL injection.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8726
Published : May 19, 2026, 10:16 a.m. | 2 hours, 58 minutes ago
Description :The extension fails to properly sanitize user input before using it in a database query. As a result, an unauthenticated attacker can inject arbitrary SQL through a URL parameter on pages using the "Date Menu of news articles" plugin. Exploitation requires the "Date Menu of news articles" plugin to be in use and the TypoScript/Plugin setting disableOverrideDemand not to be enabled.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8727
Published : May 19, 2026, 10:16 a.m. | 2 hours, 58 minutes ago
Description :The Crawler extension passes the X-T3Crawler-Meta response header from crawled URLs directly to PHP's unserialize(). An attacker controlling a crawled endpoint can inject arbitrary serialized PHP objects, leading to Remote Code Execution on the TYPO3 server. Exploitation requires administrative privileges to configure a crawler-enabled page and trigger the crawl via a Scheduler task.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-46586
Published : May 19, 2026, 10:16 a.m. | 2 hours, 58 minutes ago
Description :Improper Control of Generation of Code ('Code Injection'), Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') vulnerability in Apache OFBiz.
This issue affects Apache OFBiz: before 24.09.06.
Users are recommended to upgrade to version 24.09.06, which fixes the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-46721
Published : May 19, 2026, 10:16 a.m. | 2 hours, 58 minutes ago
Description :The create and edit flows do not restrict which user properties may be submitted and do not enforce access control on the frontend user group assignment. As a result, an attacker can assign an arbitrary frontend user group to a newly registered or edited account, gaining unauthorized access to content and functionality restricted to privileged frontend user groups.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 4.4. The following CVEs are assigned: CVE-2026-34342.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2026-28955.
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows that run Message Queueing. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2026-33838.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2026-28847.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the CoreSymbolication framework is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of 3.3. The following CVEs are assigned: CVE-2026-28918.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of 3.3. The following CVEs are assigned: CVE-2026-28941.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2026-28940.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2025-12659.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2025-12659.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Endpoint Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The ZDI has assigned a CVSS rating of 4.9. The following CVEs are assigned: CVE-2026-8109.
A CVSS score 7.8
AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H severity vulnerability discovered by 'Marcin Wiazowski' was reported to the affected vendor on: 2026-05-11, 8 days ago. The vendor is given until 2026-09-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.8
AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H severity vulnerability discovered by 'Marcin Wiazowski' was reported to the affected vendor on: 2026-05-11, 8 days ago. The vendor is given until 2026-09-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 8.1
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Richard Chen of TrendAI Research' was reported to the affected vendor on: 2026-05-11, 8 days ago. The vendor is given until 2026-09-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.8
AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H severity vulnerability discovered by 'Richard Chen of TrendAI Research' was reported to the affected vendor on: 2026-05-11, 8 days ago. The vendor is given until 2026-09-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.8
AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H severity vulnerability discovered by 'Marcin Wiazowski' was reported to the affected vendor on: 2026-05-11, 8 days ago. The vendor is given until 2026-09-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.8
AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H severity vulnerability discovered by 'Marcin Wiazowski' was reported to the affected vendor on: 2026-05-11, 8 days ago. The vendor is given until 2026-09-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.8
AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H severity vulnerability discovered by 'Marcin Wiazowski' was reported to the affected vendor on: 2026-05-11, 8 days ago. The vendor is given until 2026-09-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 4.3
AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Yazhi Wang of TrendAI Research' was reported to the affected vendor on: 2026-05-11, 8 days ago. The vendor is given until 2026-09-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 6.5
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N severity vulnerability discovered by 'Aaron Luo at VicOne Inc., LabR7' was reported to the affected vendor on: 2026-05-08, 11 days ago. The vendor is given until 2026-09-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'YJK(@YJK0805) of ZUSO ART' was reported to the affected vendor on: 2026-05-08, 11 days ago. The vendor is given until 2026-09-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Bongeun Koo (@kiddo_pwn)' was reported to the affected vendor on: 2026-05-07, 12 days ago. The vendor is given until 2026-09-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 8.1
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Charbel F.' was reported to the affected vendor on: 2026-05-07, 12 days ago. The vendor is given until 2026-09-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Adam Babis' was reported to the affected vendor on: 2026-05-07, 12 days ago. The vendor is given until 2026-09-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 5.3
AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L severity vulnerability discovered by 'Peter Gabaldon (https://x.com/PedroGabaldon)' was reported to the affected vendor on: 2026-05-07, 12 days ago. The vendor is given until 2026-09-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.3
AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N severity vulnerability discovered by 'Vladislav Berghici of TrendAI Research' was reported to the affected vendor on: 2026-05-07, 12 days ago. The vendor is given until 2026-09-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Bongeun Koo (@kiddo_pwn)' was reported to the affected vendor on: 2026-05-07, 12 days ago. The vendor is given until 2026-09-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.6
AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H severity vulnerability discovered by 'Meshaal (@unrealmesh)' was reported to the affected vendor on: 2026-05-07, 12 days ago. The vendor is given until 2026-09-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Bongeun Koo (@kiddo_pwn)' was reported to the affected vendor on: 2026-05-07, 12 days ago. The vendor is given until 2026-09-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.2
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Syed Ibrahim Ahmed of TrendAI Research, Sean Shekhtman (@sheep_trend) of TrendAI Research, and Jacky Yang of TrendAI Research' was reported to the affected vendor on: 2026-05-06, 13 days ago. The vendor is given until 2026-09-03 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 6.3
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L severity vulnerability discovered by 'Alex Williams from Pellera Technologies' was reported to the affected vendor on: 2026-05-06, 13 days ago. The vendor is given until 2026-09-03 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 6.3
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L severity vulnerability discovered by 'Alex Williams from Pellera Technologies' was reported to the affected vendor on: 2026-05-06, 13 days ago. The vendor is given until 2026-09-03 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 8.8
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Dvir Gozlan' was reported to the affected vendor on: 2026-05-06, 13 days ago. The vendor is given until 2026-09-03 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Flowise. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2026-41265.
A CVSS score 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2026-04-30, 19 days ago. The vendor is given until 2026-08-28 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2026-04-30, 19 days ago. The vendor is given until 2026-08-28 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N severity vulnerability discovered by '06fe5fd2bc53027c4a3b7e395af0b850e7b8a044' was reported to the affected vendor on: 2026-04-30, 19 days ago. The vendor is given until 2026-08-28 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2026-04-30, 19 days ago. The vendor is given until 2026-08-28 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by '06fe5fd2bc53027c4a3b7e395af0b850e7b8a044' was reported to the affected vendor on: 2026-04-30, 19 days ago. The vendor is given until 2026-08-28 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 6.5
AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H severity vulnerability discovered by 'Nitesh Surana (niteshsurana.com) of TrendAI Research' was reported to the affected vendor on: 2026-04-30, 19 days ago. The vendor is given until 2026-08-28 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 3.3
AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2026-04-30, 19 days ago. The vendor is given until 2026-08-28 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2026-04-30, 19 days ago. The vendor is given until 2026-08-28 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2026-04-30, 19 days ago. The vendor is given until 2026-08-28 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by '06fe5fd2bc53027c4a3b7e395af0b850e7b8a044' was reported to the affected vendor on: 2026-04-30, 19 days ago. The vendor is given until 2026-08-28 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by '06fe5fd2bc53027c4a3b7e395af0b850e7b8a044' was reported to the affected vendor on: 2026-04-30, 19 days ago. The vendor is given until 2026-08-28 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Sean de Regge' was reported to the affected vendor on: 2026-04-29, 20 days ago. The vendor is given until 2026-08-27 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'MICHAEL RANDRIANANTENAINA [https://elkamika.blogspot.com/]' was reported to the affected vendor on: 2026-04-29, 20 days ago. The vendor is given until 2026-08-27 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Sajeeb Lohani' was reported to the affected vendor on: 2026-04-29, 20 days ago. The vendor is given until 2026-08-27 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2026-04-29, 20 days ago. The vendor is given until 2026-08-27 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Sajeeb Lohani' was reported to the affected vendor on: 2026-04-29, 20 days ago. The vendor is given until 2026-08-27 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by '@pacbypass' was reported to the affected vendor on: 2026-04-29, 20 days ago. The vendor is given until 2026-08-27 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by '@pacbypass' was reported to the affected vendor on: 2026-04-29, 20 days ago. The vendor is given until 2026-08-27 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by '@pacbypass' was reported to the affected vendor on: 2026-04-29, 20 days ago. The vendor is given until 2026-08-27 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2026-35230.
This vulnerability allows remote attackers to bypass the sandbox on affected installations of OpenAI Codex. User interaction is required to exploit this vulnerability in that the target must use Codex to process a repository containing malicious JavaScript. The ZDI has assigned a CVSS rating of 8.6.
This vulnerability allows remote attackers to bypass authentication on affected installations of Flowise. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.1. The following CVEs are assigned: CVE-2026-41276.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2026-5940.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2026-5941.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 3.3. The following CVEs are assigned: CVE-2026-5942.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2026-5943.
A CVSS score 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Dre Cura (@dre_cura) of TrendAI Research' was reported to the affected vendor on: 2026-04-23, 26 days ago. The vendor is given until 2026-08-21 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 8.8
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2026-04-23, 26 days ago. The vendor is given until 2026-08-21 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H severity vulnerability discovered by '06fe5fd2bc53027c4a3b7e395af0b850e7b8a044' was reported to the affected vendor on: 2026-04-23, 26 days ago. The vendor is given until 2026-08-21 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H severity vulnerability discovered by '06fe5fd2bc53027c4a3b7e395af0b850e7b8a044' was reported to the affected vendor on: 2026-04-23, 26 days ago. The vendor is given until 2026-08-21 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 3.3
AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'truff' was reported to the affected vendor on: 2026-04-23, 26 days ago. The vendor is given until 2026-08-21 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 3.7
AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Sajeeb Lohani' was reported to the affected vendor on: 2026-04-23, 26 days ago. The vendor is given until 2026-08-21 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
This vulnerability allows remote attackers to escalate privileges on affected installations of Siemens SINEC NMS. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2026-25654.
A CVSS score 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'truff' was reported to the affected vendor on: 2026-04-23, 26 days ago. The vendor is given until 2026-08-21 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
This vulnerability allows remote attackers to bypass authentication on affected installations of Siemens SINEC NMS. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.3. The following CVEs are assigned: CVE-2026-24032.
This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop. An attacker must first obtain the ability to execute low-privileged code within a container in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2026-6406.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics ASDA-Soft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2026-5726.
A CVSS score 8.5
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N severity vulnerability discovered by 'Apex Security Research' was reported to the affected vendor on: 2026-04-23, 26 days ago. The vendor is given until 2026-08-21 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 8.4
AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2026-04-22, 27 days ago. The vendor is given until 2026-08-20 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 8.4
AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2026-04-22, 27 days ago. The vendor is given until 2026-08-20 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Dre Cura (@dre_cura) of TrendAI Research' was reported to the affected vendor on: 2026-04-22, 27 days ago. The vendor is given until 2026-08-20 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
A CVSS score 8.4
AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2026-04-22, 27 days ago. The vendor is given until 2026-08-20 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
count: 100