CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.01)

CVE-2026-54891
Medium

A vulnerability in the Erlang/OTP SSL library (tls_gen_connection module) involves improper enforcement of message integrity during transmission. A network attacker can inject unauthenticated plaintext to a TLS client during the handshake, which after completion is treated by the application as authenticated server data.

CVE-2026-54887
Medium

A vulnerability in the SSL library of the DTLS server in Erlang/OTP uses a default empty cryptographic key for DTLS cookie generation during server startup. This makes cookies predictable, allowing an attacker to bypass source address verification.

CVE-2026-54886
Medium

An infinite loop vulnerability in the ssh_sftpd module of Erlang OTP allows an authenticated SFTP user to permanently block an SFTP channel. By sending extended data (SSH_MSG_CHANNEL_EXTENDED_DATA) with a non-zero type code, the attacker causes the handle_data/4 function to loop indefinitely, preventing further communication on that channel.

CVE-2026-53422
Low

An Observable Response Discrepancy vulnerability in the ssh_sftpd module of Erlang OTP SSH allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSH_FXP_REALPATH handler does not canonicalize the path before checking restrictions, enabling the use of '..' components to bypass validation and obtain information about the existence of paths on the filesystem.

CVE-2026-50282
Medium

Craft CMS versions 5.0.0-RC1 through 5.9.21 and 4.0.0-RC1 through 4.17.14 contain an authorization issue where a forced folder move can delete a conflicting destination folder without the required delete permission. The vulnerability is in the actionMoveFolder() function of the AssetsController.

CVE-2026-50281
High

Craft CMS versions 5.7.0 through 5.9.20 contain a mass-assignment vulnerability in the bulk-duplicate element action. An attacker who can duplicate their own entries can submit an arbitrary id via the newAttributes parameter, leading to overwriting an existing victim entry.

CVE-2026-44935
Critical

Missing validation of 'valuesFrom' references in Helm Deployer of SUSE Rancher Fleet allows owners of one tenant to access fleet credentials of other tenants. The vulnerability affects versions 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11, and 0.12 before 0.12.15.

CVE-2024-58352
High

Landray OA contains an unauthenticated HQL injection vulnerability that allows attackers to query Hibernate entities by injecting malicious HQL syntax into the uid parameter of the wechatLoginHelper.do endpoint. Lack of input sanitization in the filter expression passed to the Hibernate findList() method enables extraction of sensitive data like administrator password hashes and, with sufficient database privileges, file-write operations leading to remote code execution.

CVE-2024-14037
Critical

Redsea Cloud eHR contains an arbitrary file upload vulnerability that allows unauthenticated attackers to achieve remote code execution by uploading malicious files through the PtFjk.mob servlet endpoint. Attackers can submit a multipart POST request with a JSP webshell disguised using a spoofed image/jpeg Content-Type to bypass the absence of extension and MIME type validation, with the uploaded file stored at a predictable path under the uploadfile directory and executed directly by the web server.

CVE-2022-50973
CriticalEPSS 54%

An unauthenticated arbitrary file upload vulnerability in Yonyou KSOA 9.0 allows remote code execution via a crafted POST request to the ImageUpload servlet. Attackers can upload a JSP webshell without any authentication or validation.

CVE-2026-58455
Critical

Dockwatch through version 0.6.567 contains an unauthenticated OS command injection vulnerability. A missing exit() after an authentication redirect in loader.php combined with unsanitized input passed to shell_exec() in ajax/compose.php allows remote attackers to execute arbitrary shell commands.

CVE-2026-44941
High

A relative path traversal vulnerability in the "keyhint" option during repomd.xml parsing in libzypp before version 17.38.12. Attackers able to supply a malicious repository can inject or overwrite files on the target system as root.

CVE-2026-9272
High

In Progress Flowmon ADS versions prior to 12.5.6 and 13.0.5, a vulnerability allows an authenticated attacker with low privileges to send specially crafted requests, potentially leading to unauthorized access to application data and its modification.

CVE-2026-8079
High

In Progress Flowmon versions prior to 12.5.9 and 13.0.11, an authenticated low-privileged user may craft a request during PDF generation, resulting in operations performed with another user's privileges. This could lead to unauthorized access to sensitive data and unintended system configuration changes.

CVE-2026-56842
High

An Incorrect Authorization vulnerability in UniFi Network Application allows a malicious actor with network access to persist privileges after such access has been removed, under certain conditions.

CVE-2026-56841
High

An authenticated SQL Injection vulnerability in UniFi Protect Application allows an attacker with network access and low privileges to escalate privileges on the host device by injecting malicious SQL code.

CVE-2026-56004
Critical

A shellcode injection vulnerability in the Mercurial handler of the obs tar_scm source service before version 0.12.4 allows attackers with a malicious _service file to execute code as the source service or the local user.

CVE-2026-55119
High

A vulnerability in the UniFi Talk Application allows an attacker with network access and low privileges to escalate privileges through improper access control.

CVE-2026-55118
High

A vulnerability in UniFi Network Application allows privilege escalation by an attacker with network access and low privileges, under certain conditions. The issue stems from improper access control.

CVE-2026-55117
High

A Path Traversal vulnerability in UniFi Access Application allows a malicious actor with network access to access files on the host device.

PreviousPage 17 of 4465Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS