CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.10)

CVE-2026-57874
High

A buffer overflow vulnerability exists in IEEE8021x_upload.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier due to insufficient bounds checking when parsing filename values in multipart upload data. An unauthenticated remote attacker may exploit this by sending a crafted upload request with overly long input, causing memory corruption and denial of service.

CVE-2026-57873
High

In GeoVision GV-LPC2011 and GV-LPC2211 devices version V1.12 and earlier, an unauthenticated NULL pointer dereference vulnerability exists in IEEE8021x_upload.cgi. The issue is caused by improper validation of multipart upload headers when processing certificate-related fields. A remote attacker can send a malformed multipart request, causing the CGI process to crash and resulting in a denial of service.

CVE-2026-57872
HighEPSS 57%

An unauthenticated directory traversal vulnerability exists in get_fcont.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient validation of user-supplied file path input before the requested file is accessed by the CGI component. A remote attacker may exploit this vulnerability by sending a crafted request to read arbitrary files accessible to the affected process, resulting in information disclosure.

CVE-2026-49486
High

The Apache Airflow FTP provider's FTPS connection does not encrypt the data channel. Although the control channel is TLS-protected, data is transmitted in cleartext, allowing a network attacker to intercept file contents and credentials.

CVE-2026-2053
High

A vulnerability in the message flow component of WSO2 API Manager allows an unauthenticated attacker to manipulate WS-Addressing headers. The lack of proper validation of these headers enables redirecting server-initiated requests to arbitrary destinations.

CVE-2026-8380
Medium

The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly verify ownership of every targeted post before permanent deletion, allowing authenticated users with author-level access and above to permanently delete arbitrary posts and pages. When the 'Allow guest uploads' setting is enabled by an administrator, the same deletion primitive becomes reachable by unauthenticated users.

CVE-2026-10835
High

The SALESmanago & Leadoo WordPress plugin before version 3.11.3 does not properly sanitize and escape a parameter passed to one of its AJAX actions before using it in a SQL statement, and fails to enforce authorization on that action, allowing authenticated users with minimal permissions, such as subscribers, to perform SQL injection attacks.

CVE-2026-10823
High

The YMC Filter WordPress plugin before version 3.11.3 does not properly authorize access to one of its REST API endpoints and does not validate a user-supplied query parameter, allowing unauthenticated attackers to retrieve the titles and content of private, draft, and other non-public posts.

CVE-2025-10268
Medium

The Printcart Web to Print Product Designer for WooCommerce WordPress plugin through version 2.4.8 contains a path traversal vulnerability, allowing an attacker to retrieve directory listings for arbitrary directories on the server.

CVE-2026-8797
High

An access control deficiency vulnerability exists in ExpressUpdate Agent for Windows. If a malicious user gains access to the product, arbitrary code could be executed with SYSTEM privileges.

CVE-2026-8661
Medium

Server-Side Cross-Site Scripting (XSS) and Server-Side Request Forgery (SSRF) vulnerability in the markdown_to_pdf action of Rapid7 InsightConnect Markdown Plugin version 3.1.4 and earlier on Linux. A remote attacker can execute JavaScript server-side and make arbitrary outbound HTTP requests via crafted content embedded in Markdown input. The PDF rendering engine does not restrict script execution or outbound network access.

CVE-2026-50745
Medium

A missing sanitisation vulnerability exists with user input in the stats-video.php script. The way URLs to this script were constructed did not follow best practices, and the output of the Smarty custom helper function url was neither properly encoded nor sanitised, allowing user‑supplied input to be reflected without escaping.

CVE-2026-50744
Medium

A bypass to the admin-only restriction of the XML-RPC API in Revive Adserver 6.0.7. The API response for the ox.login method returned a session ID cookie in the HTTP headers, and although the method correctly returned an error, the associated session was not invalidated, allowing the leaked session ID to be used for subsequent unrestricted API calls.

CVE-2026-50742
Medium

A stored XSS vulnerability exists in the maintenance-acl-check.php and maintenance-banners-check.php tools of Revive Adserver 6.0.7. Entity names are displayed without proper escaping when inconsistencies are detected.

CVE-2026-50741
High

CVE-2026-50741 bypasses the fix for CVE-2026-34916. Attackers can bypass the security patch by sending a disallowed but valid plugin identifier as type or by using the `ox.setChannelTargeting` XML-RPC API method.

CVE-2026-50740
Medium

In Revive Adserver 6.0.7 and earlier, missing sanitization of user input in the zone-include.php script allows XSS attacks. A low-privileged user can exploit the refresh parameter of the iFrame invocation tag to perform reflected XSS attacks.

CVE-2026-50739
Medium

A bypass for CVE-2026-34913 exists in Revive Adserver 6.0.7 and earlier due to missing ownership validation in the reverse operation of linking campaigns and trackers via the `tracker-campaigns.php` script. A low-privileged user can link their trackers to campaigns owned by other managers on the same instance, causing inconsistent ownership relationships.

CVE-2026-48936
Low

A flaw in Node.js Permission API allows starting a local server via a Unix domain socket, even without the `--allow-net` permission. This affects Node.js 26 release line.

CVE-2026-48935
Low

A flaw in Node.js Permission API allows modification of file metadata even on a path set as read-only with the `--allow-fs-read` flag. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26.

CVE-2026-48934
Medium

A flaw in Node.js TLS host verification allows an attacker to bypass certificate validation. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26.

PreviousPage 150 of 4532Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS