Vulnerabilities

  

CVE-2026-55234 | Wekan up to 9.36 Permissions cards.js boardId improper authorization

A vulnerability, which was classified as critical, has been found in Wekan up to 9.36. This impacts an unknown function

  

CVE-2026-55576 | MaaAssistantArknights Pull Request Title release-preparation.yml pull_request.title os command injection

A vulnerability, which was classified as very critical, was found in MaaAssistantArknights. Affected is an unknown function of the file

  

CVE-2026-55652 | Wekan up to 9.45 Header-Login headerLoginAuth.js getRequestIp HEADER_LOGIN_ID improper authentication

A vulnerability has been found in Wekan up to 9.45 and classified as critical. Affected by this vulnerability is the

  

CVE-2026-26718 | xxl-job 3.0.0 Endpoint cross-site request forgery

A vulnerability was found in xxl-job 3.0.0 and classified as problematic. Affected by this issue is some unknown functionality of

  

CVE-2026-38974 | Dulwich up to 1.1.0 paramiko_vendor.py Remote Code Execution

A vulnerability was found in Dulwich up to 1.1.0. It has been classified as critical. This affects an unknown part

  

CVE-2026-26719 | xxl-job-admin 3.0.0 HTTP cross site scripting

A vulnerability was found in xxl-job-admin 3.0.0. It has been declared as problematic. This vulnerability affects unknown code of the

  

CVE-2026-62314 | TecharoHQ Anubis up to 1.26.0-pre0 Policy lib/policy/checker.go PathChecker.Check input validation

A vulnerability was found in TecharoHQ Anubis up to 1.26.0-pre0. It has been rated as problematic. This issue affects the

  

Drupal core – Moderately critical – Information disclosure – SA-CORE-2026-010

Project: Drupal coreDate: 2026-July-15Security risk: Moderately critical 10 ∕ 25 AC:Complex/A:None/CI:Some/II:None/E:Theoretical/TD:UncommonVulnerability: Information disclosureAffected versions: <10.6.13 || >=11.3.0 <11.3.14 || >=11.4.0 <11.4.4 || 11.0.* || 11.1.* || 11.2.*CVE

  

Drupal core – Moderately critical – Cross-site scripting – SA-CORE-2026-011

Project: Drupal coreDate: 2026-July-15Security risk: Moderately critical 14 ∕ 25 AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:AllVulnerability: Cross-site scriptingAffected versions: >=11.3.0 <11.3.14 || >=11.4.0 <11.4.4 || 11.2.*CVE IDs: CVE-2026-15917Description: Drupal core 11.2 and above integrate

  

Drupal core – Moderately critical – Cross-site scripting – SA-CORE-2026-012

Project: Drupal coreDate: 2026-July-15Security risk: Moderately critical 13 ∕ 25 AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:DefaultVulnerability: Cross-site scriptingAffected versions: <10.6.13 || >=11.3.0 <11.3.14 || >=11.4.0 <11.4.4 || 11.0.* || 11.1.* || 11.2.*CVE

  

CVE-2026-45417 | DataEase up to 2.10.22 Datasource Connection Status Check CalciteProvider checkStatus sql injection

A vulnerability was found in DataEase up to 2.10.22 and classified as critical. This affects the function checkStatus of the

  

CVE-2026-45534 | DataEase up to 2.10.22 Redshift Datasource Connection rsjdbc.ini connect deserialization

A vulnerability was found in DataEase up to 2.10.22. It has been classified as critical. This impacts the function connect

  

CVE-2026-45320 | DataEase up to 2.10.22 DataEase dashboard SqlparserUtils.transFilter deptId injection

A vulnerability was found in DataEase up to 2.10.22. It has been declared as problematic. Affected is the function SqlparserUtils.transFilter

  

CVE-2026-45419 | DataEase up to 2.10.22 Template Manage save staticResource name path traversal

A vulnerability was found in DataEase up to 2.10.22. It has been rated as critical. Affected by this vulnerability is

  

CVE-2026-45533 | DataEase up to 2.10.22 Export Center Cleanup delete path traversal

A vulnerability categorized as critical has been discovered in DataEase up to 2.10.22. Affected by this issue is the function

  

CVE-2026-45535 | DataEase up to 2.10.22 Data Visualization SqlparserUtils.handleVariableDefaultValue sql injection

A vulnerability identified as critical has been detected in DataEase up to 2.10.22. This affects the function SqlparserUtils.handleVariableDefaultValue of the

  

CVE-2026-46684 | DataEase up to 2.10.22 Token doFilter X-DE-TOKEN signature verification

A vulnerability labeled as critical has been found in DataEase up to 2.10.22. This vulnerability affects the function doFilter of

  

CVE-2026-40952 | Absolute Security Secure Access up to 14.54 Installer improper authentication

A vulnerability marked as problematic has been reported in Absolute Security Secure Access up to 14.54. This issue affects some

  

CVE-2026-40953 | Absolute Security Secure Access up to 14.54 Certificate Parsing heap-based overflow

A vulnerability described as problematic has been identified in Absolute Security Secure Access up to 14.54. Impacted is an unknown

  

CVE-2026-49445 | Cilium up to 1.17.13/1.18.7/1.19.1 Admin Endpoints admin.sock improper authentication

A vulnerability classified as very critical has been found in Cilium up to 1.17.13/1.18.7/1.19.1. The affected element is an unknown

  

CVE-2026-40956 | Absolute Security Secure Access up to 14.20 Tunnel information disclosure

A vulnerability classified as problematic was found in Absolute Security Secure Access up to 14.20. The impacted element is an

  

CVE-2026-45737 | argoproj argo-cd up to 3.2.11/3.3.9/3.4.1 ServerSideDiff information disclosure

A vulnerability, which was classified as problematic, has been found in argoproj argo-cd up to 3.2.11/3.3.9/3.4.1. This affects an unknown

  

CVE-2026-50144 | Tencent ncnn ParamDict load_param input validation

A vulnerability, which was classified as critical, was found in Tencent ncnn. This impacts the function load_param of the component

  

CVE-2026-33443 | Absolute Security Secure Access up to 14.54 Memory Management denial of service

A vulnerability has been found in Absolute Security Secure Access up to 14.54 and classified as critical. Affected is an

  

CVE-2026-40954 | Absolute Security Secure Access up to 14.54 Traffic Parsing Function integer underflow

A vulnerability was found in Absolute Security Secure Access up to 14.54 and classified as problematic. Affected by this vulnerability

  

CVE-2026-40955 | Absolute Security Secure Access up to 14.54 Traffic Parsing Function integer underflow

A vulnerability was found in Absolute Security Secure Access up to 14.54. It has been classified as problematic. Affected by

  

CVE-2026-40957 | Absolute Security Secure Access up to 14.54 Login Page redirect

A vulnerability was found in Absolute Security Secure Access up to 14.54. It has been declared as problematic. This affects

  

CVE-2026-40958 | Absolute Security Secure Access up to 14.54 Tunnel Protocol resource consumption

A vulnerability was found in Absolute Security Secure Access up to 14.54. It has been rated as problematic. This vulnerability

  

CVE-2026-45738 | argoproj Argo CD up to 3.2.11/3.3.9/3.4.1 Summary tab URLs section application-summary.tsx cross site scripting

A vulnerability categorized as problematic has been discovered in argoproj Argo CD up to 3.2.11/3.3.9/3.4.1. This issue affects some unknown

  

CVE-2026-49867 | DataEase up to 2.10.22 Template Management save saveFilesToServe staticResource cross site scripting

A vulnerability identified as problematic has been detected in DataEase up to 2.10.22. Impacted is the function saveFilesToServe of the

  

CVE-2026-52870 | modelcontextprotocol python-sdk up to 1.27.1 Task Management server.experimental.enable_tasks information disclosure

A vulnerability labeled as problematic has been found in modelcontextprotocol python-sdk up to 1.27.1. The affected element is the function

  

CVE-2026-52869 | modelcontextprotocol python-sdk up to 1.27.1 SSE Transport/Streamable HTTP Transport server.sse session_id/Mcp-Session-Id injection

A vulnerability marked as critical has been reported in modelcontextprotocol python-sdk up to 1.27.1. The impacted element is an unknown

  

CVE-2026-50030 | DataEase up to 2.10.22 SQL Preview previewSql executeQuery sql injection

A vulnerability described as critical has been identified in DataEase up to 2.10.22. This affects the function executeQuery of the

  

CVE-2026-50124 | DataEase up to 2.10.22 Excel upload API test.mv.db executeQuery unrestricted upload

A vulnerability classified as critical has been found in DataEase up to 2.10.22. This impacts the function executeQuery of the

  

CVE-2026-56743 | Cilium up to 1.19.3 Parser name resolution

A vulnerability classified as problematic was found in Cilium up to 1.19.3. Affected is an unknown function of the component

  

CVE-2026-56742 | Cilium up to 1.17.16/1.18.10/1.19.4 Gateway API permission

A vulnerability, which was classified as problematic, has been found in Cilium up to 1.17.16/1.18.10/1.19.4. Affected by this vulnerability is

  

CVE-2026-52887 | NocoBase up to 2.0.60 Notification /api/myInAppChannels Sequelize.literal latestMsgReceiveTimestamp sql injection

A vulnerability, which was classified as critical, was found in NocoBase up to 2.0.60. Affected by this issue is the

  

CVE-2026-52888 | NocoBase up to 2.0.59 SQL Collection utils.ts checkSQL incomplete blacklist

A vulnerability has been found in NocoBase up to 2.0.59 and classified as problematic. This affects the function checkSQL of

  

CVE-2026-55410 | NocoBase up to 2.1.18 Backup Management _metadata.json exec database.schema os command injection

A vulnerability was found in NocoBase up to 2.1.18 and classified as problematic. This vulnerability affects the function exec of

  

CVE-2026-59950 | modelcontextprotocol MCP up to 1.28.0 WebSocket Server input validation

A vulnerability was found in modelcontextprotocol MCP up to 1.28.0. It has been classified as critical. This issue affects some

  

CVE-2026-55399 | Absolute Security Secure Access up to 14.54 Publisher resource consumption

A vulnerability was found in Absolute Security Secure Access up to 14.54. It has been declared as critical. Impacted is

  

CVE-2026-33444 | Absolute Secutity Secure Access up to 14.54 Memory Management denial of service

A vulnerability was found in Absolute Secutity Secure Access up to 14.54. It has been rated as critical. The affected

  

CVE-2026-33445 | Absolute Security Secure Access up to 14.54 Memory Management denial of service

A vulnerability categorized as critical has been discovered in Absolute Security Secure Access up to 14.54. The impacted element is

  

CVE-2026-55398 | Absolute Security Secure Access up to 14.54 Memory Management resource consumption

A vulnerability identified as critical has been detected in Absolute Security Secure Access up to 14.54. This affects an unknown

  

CVE-2026-33684 | WWBN AVideo up to 28.x signUp API set_api_signUp emailVerified/canUpload/canStream/canCreateMeet permission

A vulnerability labeled as critical has been found in WWBN AVideo up to 28.x. This impacts the function set_api_signUp of

  

CVE-2026-51380 | Tenda AC10 03.03.16.09 UploadCfg Endpoint /cgi-bin/UploadCfg buffer overflow

A vulnerability marked as very critical has been reported in Tenda AC10 03.03.16.09. Affected is an unknown function of the

  

CVE-2026-55608 | czlonkowski n8n-MCP up to 2.57.3 Multi-Tenant HTTP Mode behavioral workflow

A vulnerability described as critical has been identified in czlonkowski n8n-MCP up to 2.57.3. Affected by this vulnerability is an

  

CVE-2026-46339 | decolua 9router up to 0.4.36 Middleware src/proxy.js improper authentication

A vulnerability classified as very critical has been found in decolua 9router up to 0.4.36. Affected by this issue is

  

CVE-2026-49352 | decolua 9router up to 0.4.43 JWT Authentication route.js login hard-coded credentials

A vulnerability classified as problematic was found in decolua 9router up to 0.4.43. This affects the function Login of the

  

CVE-2026-56679 | decolua 9router up to 0.5.3 Settings /api/settings input validation

A vulnerability, which was classified as critical, has been found in decolua 9router up to 0.5.3. This vulnerability affects unknown

  

CVE-2026-54052 | czlonkowski n8n-mcp up to 2.56.0 Workflow Version History Backup improper authorization

A vulnerability, which was classified as critical, was found in czlonkowski n8n-mcp up to 2.56.0. This issue affects some unknown

  

CVE-2026-56678 | decolua 9router up to 0.5.5 Kiro API-key Validation Endpoint /api/oauth/kiro/api-key region input validation

A vulnerability has been found in decolua 9router up to 0.5.5 and classified as problematic. Impacted is an unknown function

  

CVE-2026-50562 | labring FastGPT up to 4.15.0-beta5 Workflows preview-docs-build.yml build pull request behavioral workflow

A vulnerability was found in labring FastGPT. It has been classified as critical. Affected by this vulnerability is the function

  

CVE-2026-20298 | Splunk Enterprise/Cloud Platform prior 10.5.2605.0 REST endpoint passwords encr_password improper authentication

A vulnerability was found in Splunk Enterprise and Cloud Platform. It has been declared as problematic. Affected by this issue

  

CVE-2026-53512 | better-auth Better Auth up to 1.6.10 OIDC Provider/MCP /api/auth/oauth2/token refresh_token improper authorization

A vulnerability categorized as problematic has been discovered in better-auth Better Auth up to 1.6.10. This vulnerability affects unknown code

  

CVE-2026-53513 | better-auth Better Auth up to 1.6.10 SSO Plugin /sso/register userInfoEndpoint/tokenEndpoint/jwksEndpoint input validation

A vulnerability identified as critical has been detected in better-auth Better Auth up to 1.6.10. This issue affects some unknown

  

CVE-2026-58659 | Lightning-AI PyTorch Lightning up to 2.6.5 Instantiator load_state module state issue

A vulnerability labeled as critical has been found in Lightning-AI PyTorch Lightning up to 2.6.5. Impacted is the function load_state

  

CVE-2026-58658 | GPUStack up to 2.2.1 Debug/Logs Instance information disclosure

A vulnerability marked as problematic has been reported in GPUStack up to 2.2.1. The affected element is an unknown function

  

CVE-2026-59255 | SpecterOps BloodHound up to 9.4.0 Custom-Nodes API authorization

A vulnerability described as critical has been identified in SpecterOps BloodHound up to 9.4.0. The impacted element is an unknown

  

CVE-2026-58660 | Kanboard up to 1.2.51 Kanban Board Drag-and-Drop Endpoint save project_id/task_id information disclosure

A vulnerability classified as problematic has been found in Kanboard up to 1.2.51. This affects the function Save of the

  

CVE-2026-59258 | immich-app immich up to 3.0.2 id/user access control

A vulnerability classified as critical was found in immich-app immich up to 3.0.2. This impacts an unknown function. The manipulation

  

CVE-2026-61643 | labring FastGPT up to 4.15.0-beta4 Workflow Node improper authorization

A vulnerability, which was classified as problematic, has been found in labring FastGPT up to 4.15.0-beta4. Affected is an unknown

  

CVE-2026-62389 | websockets ws up to 8.21.0 Receiver lib/receiver.js memory allocation

A vulnerability, which was classified as problematic, was found in websockets ws up to 8.21.0. Affected by this vulnerability is

  

CVE-2026-53518 | better-auth Better Auth up to 1.6.10 OAuth2 Token Endpoint /oauth2/token authorization_code improper authorization

A vulnerability has been found in better-auth Better Auth up to 1.6.10 and classified as critical. Affected by this issue

  

CVE-2026-10673 | zephyrproject zephyr up to 4.4.x Ethernet Driver eth_adin2111.c eth_adin2111_oa_data_read scur/len out-of-bounds write

A vulnerability was found in zephyrproject zephyr up to 4.4.x and classified as very critical. This affects the function eth_adin2111_oa_data_read

  

CVE-2026-40501 | CherryHQ cherry-studio up to 1.9.12 SearchService improper isolation or compartmentalization

A vulnerability was found in CherryHQ cherry-studio up to 1.9.12. It has been classified as critical. This vulnerability affects unknown

  

CVE-2026-62948 | OpenWrt up to 25.12.4 DHCPv6 Client FQDN Option src/statefiles.c statefiles_write_state6 Hostname injection

A vulnerability was found in OpenWrt up to 25.12.4. It has been declared as very critical. This issue affects the

  

CVE-2026-45337 | better-auth Better Auth up to 1.6.10 DeviceAuthorization Plugin /device/approve userId improper authorization

A vulnerability was found in better-auth Better Auth up to 1.6.10. It has been rated as critical. Impacted is the

  

CVE-2026-53514 | better-auth Better Auth up to 1.6.10 Organization Plugin acceptInvitation invitation ID improper authorization

A vulnerability categorized as problematic has been discovered in better-auth Better Auth up to 1.6.10. The affected element is the

  

CVE-2026-53515 | better-auth Better Auth up to 1.6.10 SSO Plugin sso/register registerSSOProvider providerId improper authorization

A vulnerability identified as critical has been detected in better-auth Better Auth up to 1.6.10. The impacted element is the

  

CVE-2026-53517 | better-auth up to 1.6.10 OAuth Provider /oauth2/token refresh_token improper authorization

A vulnerability labeled as critical has been found in better-auth up to 1.6.10. This affects an unknown function of the

  

CVE-2026-56087 | Dell ThinOS up to 2602_10.0765_T10 Protection Mechanism protection mechanism

A vulnerability marked as problematic has been reported in Dell ThinOS. This impacts an unknown function of the component Protection

  

CVE-2026-56687 | Dell ThinOS up to 2605_10.2099 Obsolete Feature improper authorization

A vulnerability described as problematic has been identified in Dell ThinOS up to 2605_10.2099. Affected is an unknown function of

  

CVE-2026-62378 | RustFS Console up to 0.1.9 PDF Preview preview-modal.tsx SessionToken cross site scripting

A vulnerability classified as problematic has been found in RustFS Console up to 0.1.9. Affected by this vulnerability is an

  

CVE-2026-62947 | OpenWrt up to 25.12.4 Download session.c fnmatch requested path traversal

A vulnerability classified as problematic was found in OpenWrt up to 25.12.4. Affected by this issue is the function fnmatch

  

CVE-2026-46485 | lissy93 Dashy up to 4.0.7 Config config.yaml config-saving config permission

A vulnerability, which was classified as critical, has been found in lissy93 Dashy up to 4.0.7. This affects the function

  

CVE-2026-49987 | yamadashy repomix up to 1.14.0 Git Command gitCommand.ts –remote-branch injection

A vulnerability, which was classified as critical, was found in yamadashy repomix up to 1.14.0. This vulnerability affects unknown code

  

CVE-2026-49988 | yamadashy repomix up to 1.14.0 runSecretLint information disclosure

A vulnerability has been found in yamadashy repomix up to 1.14.0 and classified as problematic. This issue affects the function

  

CVE-2026-15746 | Amazon strands-agents-tools up to 0.6.x Elasticsearch Memory Tool api_key server-side request forgery

A vulnerability was found in Amazon strands-agents-tools up to 0.6.x and classified as problematic. Impacted is an unknown function of

  

CVE-2026-12997 | Gravity Forms Plugin up to 2.10.4 on WordPress gform_uploaded_files path traversal

A vulnerability was found in Gravity Forms Plugin up to 2.10.4 on WordPress. It has been classified as problematic. The

  

CVE-2026-54443 | lissy93 Dashy up to 3.1.x Dashy RSS Widget RssFeed.vue Link information disclosure

A vulnerability was found in lissy93 Dashy up to 3.1.x. It has been declared as problematic. The impacted element is

  

CVE-2026-1562 | Pegasystems Pega Infinity up to 25.1.1 User Interface cross site scripting

A vulnerability was found in Pegasystems Pega Infinity up to 25.1.1. It has been rated as problematic. This affects an

  

CVE-2026-15907 | H3C SecPath F1000-C8300 up to 20260522 ?g=log_fw_nbc_mail_jsondata subject sql injection

A vulnerability categorized as critical has been discovered in H3C SecPath F1000-C8300 up to 20260522. This impacts an unknown function

  

CVE-2026-15909 | RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99 proses/add.php kd_cs authorization

A vulnerability identified as critical has been detected in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. Affected is an unknown function of

  

CVE-2026-62349 | taosdata TDengine up to 3.4.1.6 Parser parUtil.c trimString out-of-bounds write

A vulnerability labeled as very critical has been found in taosdata TDengine up to 3.4.1.6. Affected by this vulnerability is

  

CVE-2026-15895 | AWS jsii up to 1.130.x npm package loading Source os command injection

A vulnerability marked as problematic has been reported in AWS jsii up to 1.130.x. Affected by this issue is some

  

CVE-2026-62353 | taosdata TDengine up to 3.4.1.13 SQL Parser parTokenizer.c tGetToken out-of-bounds

A vulnerability described as critical has been identified in taosdata TDengine up to 3.4.1.13. This affects the function tGetToken of

  

CVE-2026-62350 | taosdata TDengine up to 3.4.1.14 eval unrestricted upload

A vulnerability classified as critical has been found in taosdata TDengine up to 3.4.1.14. This vulnerability affects the function eval.

  

CVE-2026-46421 | cap-js cap-js/cds-dbs 2.2.2/2.2.2/2.10.1 Database Service sql injection

A vulnerability classified as critical was found in cap-js cap-js and cds-dbs 2.2.2/2.2.2/2.10.1. This issue affects some unknown processing of

  

CVE-2026-62351 | taosdata TDengine 3.4.1.5/3.4.1.6/3.4.1.14 Transport transComm.c transDecompressMsg comp out-of-bounds

A vulnerability, which was classified as critical, has been found in taosdata TDengine 3.4.1.5/3.4.1.6/3.4.1.14. Impacted is the function transDecompressMsg of

  

CVE-2026-62355 | taosdata TDengine up to 3.4.1.14 UDF Management permission

A vulnerability, which was classified as very critical, was found in taosdata TDengine up to 3.4.1.14. The affected element is

  

CVE-2026-62348 | taosdata TDengine up to 3.4.1.14 Shared-Storage Migration mndProcessKillSsMigrateReq improper authentication

A vulnerability has been found in taosdata TDengine up to 3.4.1.14 and classified as problematic. The impacted element is the

  

CVE-2026-44986 | Penpot up to 2.14.4 Session Management auth.clj register-profile email improper authentication

A vulnerability was found in Penpot up to 2.14.4. It has been declared as critical. This vulnerability affects the function

  

CVE-2026-46709 | Eugeny tabby up to 1.0.233 File Path pathDrop.ts os command injection

A vulnerability was found in Eugeny tabby up to 1.0.233. It has been rated as problematic. This issue affects some

  

CVE-2026-47159 | dani-garcia Vaultwarden up to 1.35.x SSO Discovery/Pre-Validation Flow information disclosure

A vulnerability categorized as problematic has been discovered in dani-garcia Vaultwarden up to 1.35.x. Impacted is an unknown function of

  

CVE-2026-47160 | dani-garcia Vaultwarden up to 1.35.x HTTP Client src/http_client.rs should_block_address/post_resolve domain server-side request forgery

A vulnerability identified as problematic has been detected in dani-garcia Vaultwarden up to 1.35.x. The affected element is the function

  

CVE-2026-47158 | dani-garcia Vaultwarden up to 1.35.x SSO Authorization Flow /connect/authorize state improper authorization

A vulnerability labeled as problematic has been found in dani-garcia Vaultwarden up to 1.35.x. The impacted element is the function

  

CVE-2026-45805 | Penpot up to 2.14.x ReplServer ReplServer.ts executePluginTask code os command injection

A vulnerability marked as critical has been reported in Penpot up to 2.14.x. This affects the function executePluginTask of the

  

CVE-2026-61871 | ImageMagick prior 7.1.2-26/6.9.13-51 ICON decoder memory leak

A vulnerability described as problematic has been identified in ImageMagick. This impacts an unknown function of the component ICON decoder.