CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.10)
Wss4jSecurityInterceptor incorrectly initializes its BSP compliance flag, leading to the disabling of BSP enforcement for RequestData. Services validating WS-Security on the network may accept messages that violate BSP rules.
A malicious or compromised FTP/SFTP/SMB server can write arbitrary files anywhere on the client filesystem (outside the configured local-directory) with attacker-controlled content.
The UpdraftPlus: WP Backup & Migration Plugin for WordPress is vulnerable to Authentication Bypass in all versions up to and including 1.26.4. This is due to insufficient validation of the remote communications message format, allowing signature verification to be bypassed.
In ImageMagick, prior to versions 6.9.13-50 and 7.1.2-25, the ICON decoder contains an incorrect loop that can lead to an out-of-bounds heap write, resulting in a crash.
In ImageMagick prior to versions 6.9.13-50 and 7.1.2-25, a missing check for maximum memory request in AcquireAlignedMemory could trigger an out-of-memory condition.
Dulwich, a pure-Python implementation of Git file formats and protocols, has a vulnerability that allows for the injection of attacker-controlled submodule paths from a malicious repository. Versions from 0.23.2 to prior to 1.2.5 do not validate paths, leading to arbitrary code execution.
CVE-2026-50223 in Apache OFBiz has an improper control of code generation vulnerability, allowing low-privileged authenticated users to perform template injection attacks. This could lead to Remote Code Execution.
In ImageMagick prior to versions 6.9.13-48 and 7.1.2-24, a missing check in the DCM decoder could result in an image with invalid dimensions, potentially causing crashes in other operations.
A privilege escalation vulnerability in Apache OFBiz allows a low-privileged authenticated user to obtain higher privileges.
Pi-hole FTL, the core engine of the network-level advertisement and tracker blocker, contained a race condition vulnerability in the HTTP session management subsystem prior to version 6.6.1. This issue was introduced with the v6.0 rewrite of the CivetWeb-based web server and has been patched in version 6.6.1.
Dulwich, a pure-Python implementation of Git file formats and protocols, has a vulnerability in versions from 0.24.0 to 1.2.4. The `ProcessMergeDriver` improperly substitutes the file path into the merge driver command, allowing an attacker to execute arbitrary commands.
Xibo, a digital signage platform, has a security vulnerability prior to version 4.4.2 that allows users with DataSet permissions to exploit the Data Connector functionality to craft messages that escape the sandbox and enable XSS.
Dulwich, a pure-Python implementation of Git file formats and protocols, has a vulnerability leading to remote code execution via arbitrary file writes. Versions from 0.10.0 to prior to 1.2.5 are vulnerable when cloning or checking out a malicious Git repository on Windows.
In version 1.5.4, non-admin users with enabled plugins can invoke operations in the cdp_action_handling AJAX handler. Attackers can delete posts or overwrite plugin settings, bypassing capability checks.
Fedify is a TypeScript library for building federated server apps powered by ActivityPub. In versions 0.11.2 and prior, the IPv4 validation logic is incomplete, potentially allowing SSRF bypass.
Russh is a Rust SSH client and server library that had an issue in versions from 0.34.0 to before 0.61.0 with decoding attacker-controlled SSH strings. An attacker could send malicious data, leading to improper memory allocation.
Russh is a Rust SSH client & server library that from version 0.34.0 to before 0.61.1 had an issue accepting compressed packets that, after decompression, were much larger than allowed. This allowed a remote attacker to send packets that should have been rejected, leading to availability issues.
Kanidm is an identity management platform that was vulnerable to stack overflow due to an unauthenticated GET request to the /scim/v1/... endpoint with a specific query string prior to version 1.9.3. This issue has been patched in version 1.9.3.
In versions prior to 15.0.23, three cooperating omissions in @libp2p/gossipsub allow an unauthenticated single peer to exhaust the Node.js heap of any gossipsub node with default options.
Russh is a Rust SSH client & server library. In versions prior to 0.60.3, there were issues with unchecked capacity growth in CryptoVec and unsafe allocation/locking paths, which could allow an attacker to introduce invalid frame lengths.

