CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.10)
Path Traversal vulnerability in Spring MVC and WebFlux when resolving static resources. An attacker can access files outside the target directory.
Spring MVC and WebFlux applications are vulnerable to Information Disclosure attacks when resolving static resources. The vulnerability affects Spring Framework versions 7.0.0 through 7.0.7, 6.2.0 through 6.2.18, 6.1.0 through 6.1.27, and 5.3.0 through 5.3.48.
Spring WebFlux applications are vulnerable to Denial of Service (DoS) attacks when processing multipart requests. Affected versions: Spring Framework 7.0.0 through 7.0.7, 6.2.0 through 6.2.18, 6.1.0 through 6.1.27, 5.3.0 through 5.3.48.
A WebFlux application with a compromised subdomain is vulnerable to an escalation attack that allows exchanging a known session ID for that of an authenticated user.
WebSocket session IDs in the spring-websocket module are not cryptographically unpredictable, which may be exploitable in combination with inadequate authorization rules.
In specific scenarios involving HTTP redirects from a secure to an insecure endpoint, the Reactor Netty HTTP client may leak credentials. This occurs only if the HTTP client has been configured to follow redirects.
An attacker can craft a large number of unique requests that trigger a failure, exhausting the capacity of the application-wide stateful retry cache. Once the cache is full, it permanently rejects any further updates, causing all later stateful retries and circuit breakers in the application to fail.
A vulnerability has been detected in tmux up to version 3.6a, affecting the image_free function in image.c, leading to use after free. Local access is required, and the attack is characterized by high complexity.
The Product Filter Widget for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS) via the 'args[filterFormArray]' parameter in all versions up to and including 1.0.6 due to insufficient input sanitization and output escaping.
The jQuery Hover Footnotes plugin for WordPress is vulnerable to Stored Cross-Site Scripting (XSS) via Footnote Qualifier ('{{...}}') in all versions up to and including 1.4 due to insufficient input sanitization and output escaping. This allows authenticated attackers with author-level access and above to inject arbitrary web scripts into pages.
The jQuery Hover Footnotes plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) in all versions up to and including 1.4. This is due to missing or incorrect nonce validation on the jqFootnotes_options_subpanel function.
The TinyMCE shortcode Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting (XSS) via 'btnrel' Shortcode Attribute in all versions up to and including 1.0.0 due to insufficient input sanitization and output escaping.
The Enable Media Replace plugin for WordPress is vulnerable to Stored Cross-Site Scripting (XSS) via the 'location_dir' parameter in all versions up to and including 4.1.8 due to insufficient input sanitization and output escaping. This allows authenticated attackers with Author-level access and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
A weakness has been identified in Dcat-Admin up to version 2.2.3-beta, affecting the function editorMDUpload in the file /admin/dcat-api/editor-md/upload on the User Setting Page. Manipulation of the argument editormd-image-file allows unrestricted file uploads.
A security flaw has been discovered in TOTOLINK EX200 version 4.0.3c.7646 in the file /etc/vsftpd.conf of the vsftpd component. Manipulation of this file results in least privilege violation.
A vulnerability was identified in Dolibarr ERP CRM up to version 23.0.2, affecting an unknown function in the file htdocs/core/filemanagerdol/connectors/php/config.inc.php of the Legacy Filemanager component. The manipulation leads to improper authorization, allowing for remote attack initiation.
The Accordions plugin for WordPress is vulnerable to Stored Cross-Site Scripting (XSS) via the Accordion body field in all versions up to and including 2.3.23 due to insufficient input sanitization and output escaping.
SAP Wily Introscope Enterprise Manager allows an unauthenticated attacker to craft a specially crafted URL. Under certain conditions, when accessed by a victim, the injected script could execute in the user’s browser within the context of the application.
The SAP Business Objects Business Intelligence Platform does not sufficiently validate email sending parameters supplied by authenticated users, resulting in an email spoofing vulnerability.
The Remote Function Call (RFC) modules of the Operational Data Provisioning Data Replication API (ODP-RFC) are missing caller identification of permitted SAP-internal applications, which could lead to unintended disclosure of data.

