CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-57079
Medium

A vulnerability in the Net::BitTorrent library for Perl (up to version 2.0.1) allows writing files outside the download directory via path traversal in peer-supplied metadata. An attacker can exploit the ut_metadata extension (BEP09) to supply file names containing ".." sequences that are not properly validated.

CVE-2026-53692
Medium

Redeight CMS version 1.0 stores user passwords using the MD5 algorithm without a salt. MD5 is a cryptographically broken algorithm and the lack of salting allows attackers to easily reverse the hashes using rainbow tables.

CVE-2026-53691
High

An unrestricted file upload vulnerability in Redeight CMS 1.0 allows authenticated attackers to achieve remote code execution (RCE) via the POST /admin/index.php?module=pages&mode=FileAdd endpoint. The application fails to validate file extensions and MIME types, permitting arbitrary PHP scripts to be uploaded to the /uploads/files/ directory where they are executed by the web server.

CVE-2026-53690
Critical

An SQL Injection vulnerability exists in Redeight CMS version 1.0 via the "userEmail" parameter in the POST "/admin/index.php" login endpoint. The application fails to sanitize user input and directly interpolates it into SQL queries without using prepared statements, allowing unauthenticated remote attackers to execute arbitrary SQL commands and extract sensitive database information.

CVE-2026-41053
High

Incorrect authentication caching in the team membership expansion of the Rancher Github authentication provider caused granting principal access to any logged in user, in 2.13 before 2.13.6 and 2.14 before 2.14.2.

CVE-2026-14162
Critical

A vulnerability in Advantech's Hospital Queuing Management allows unauthenticated remote attackers to access API documentation via a specific URL, leading to sensitive data exposure.

CVE-2026-14161
High

Hospital Quening Management by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation.

CVE-2026-13766
Critical

DBIx::QuickORM before version 0.000026 for Perl is vulnerable to SQL injection via unquoted SQL identifiers. The default SQL builder does not set quote_char, causing identifiers to be emitted verbatim into SQL queries.

CVE-2026-54475
High

A missing authorization vulnerability was found in Apache ActiveMQ for temporary destinations. Temporary destinations are expected to be isolated to the connection that created them, but the isolation is only checked on the client side, allowing a different connection to consume from another connection's temporary destination.

CVE-2026-53917
HighEPSS 52%

A vulnerability in Apache ActiveMQ allows an authenticated user to cause a DoS attack on the broker by sending a crafted OpenWire message with an excessive map size value. The lack of size validation during deserialization of message property maps can trigger OOM and crash the broker.

CVE-2026-53916
HighEPSS 52%

A vulnerability in Apache ActiveMQ allows an unauthenticated client to send non-terminating header bytes via STOMP NIO, causing unlimited buffering and JVM heap exhaustion.

CVE-2026-52760
Medium

A Cross-site Scripting (XSS) vulnerability was found in Apache ActiveMQ and its Web Console. The browse page renders a message ID without sanitization, allowing an authenticated producer to send a crafted JMS message ID containing HTML/JavaScript. When an administrator browses the queue, the payload executes in their browser.

CVE-2026-50750
High

A vulnerability in Apache ActiveMQ allows an unauthenticated attacker to cause Out of Memory (OOM) by sending repeated BrokerInfo commands without ConnectionInfo, leading to broker crash.

CVE-2026-50734
HighEPSS 52%

A vulnerability in Apache ActiveMQ allows an unauthenticated attacker to remotely cause a Denial of Service (DoS) of the broker by sending a crafted WireFormatInfo frame with a maliciously large size value. The lack of validation leads to memory allocation attempts during pre-auth negotiation, potentially causing an Out-of-Memory (OOM) condition and broker crash.

CVE-2026-49877
High

An improper authorization vulnerability was found in Apache ActiveMQ. By default, an authenticated low-privilege Web Console user can access /admin/* paths, which should be restricted to admins. The issue is caused by incorrect default Jetty settings.

CVE-2026-49434
High

An improper input validation vulnerability in Apache ActiveMQ allows an attacker with LDAP access to instantiate denied transports within the broker JVM. This can be exploited to fetch a malicious URL and spawn a second BrokerService in the same JVM.

CVE-2026-49432
HighEPSS 53%

An improper input validation vulnerability exists in Apache ActiveMQ's STOMP protocol. A remote unauthenticated attacker can send a negative content-length header, causing denial-of-service (DoS). For NIO STOMP transport, this leads to out-of-memory (OOM), while for blocking STOMP it causes connection errors and closure.

CVE-2026-13316
Medium

A flaw has been found in Foreman where HTTP parameters can be modified in http_proxies_controller and http_proxy files. Attackers can perform an SSRF attack and steal cloud metadata service on AWS, GCP, or Azure environments.

CVE-2026-9711
Critical

The EventON plugin for WordPress up to version 5.0.11 is vulnerable to SQL injection via the 'search' parameter. Insufficient escaping and lack of query preparation allow unauthenticated attackers to append additional SQL queries, enabling extraction of sensitive database information if the 'Enable additional search queries' setting is enabled and at least one published event exists.

CVE-2026-8141
High

The Ajax Load More - Filters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'taxonomy_include_children' parameter in all versions up to and including 3.4.1 due to insufficient input sanitization and output escaping.

PreviousPage 126 of 4556Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS