CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.01)

CVE-2026-12577
High

The DVP80ES3 device contains a vulnerability due to an improperly implemented security check for the standard. This could allow an attacker to bypass security mechanisms.

CVE-2026-12576
High

The DVP80ES3 device has a vulnerability due to improper enforcement of message integrity during transmission in a communication channel. This allows an attacker to modify transmitted data without detection.

CVE-2026-12575
High

The vulnerability in DVP80ES3 involves improper resource shutdown or release, which can lead to memory leaks or other performance issues.

CVE-2026-12224
High

The Dokan Pro plugin for WordPress is vulnerable to privilege escalation via the update_capabilities REST Endpoint in all versions up to and including 5.0.4. The lack of allowlist validation allows authenticated attackers with Vendor-level access or higher, when the Vendor Staff module is enabled, to grant arbitrary WordPress capabilities, including administrator, to vendor_staff accounts, leading to full site takeover.

CVE-2026-12158
High

The RegistrationMagic – User Registration Forms Plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) in all versions up to and including 6.0.9.1. Missing nonce validation in the process_request function allows unauthenticated attackers to escalate privileges of an arbitrary form submitter to administrator by creating a malicious Chronos automation task executed via WordPress cron, provided they trick a site administrator into clicking a link.

CVE-2026-10538
High

A vulnerability in the messaging consumer functionality of unsupported Control-M/Server and Control-M/Enterprise Manager versions 9.0.20.x and earlier allows deserialization of user-controlled data without sufficient restriction of allowed object types. This may allow an authenticated attacker to trigger unintended server-side behavior through crafted serialized content.

CVE-2026-1239
High

The Ninja Forms plugin for WordPress is vulnerable to unauthorized data access due to a missing authorization check on the 'ninja-forms-views/token/refresh' REST callback in all versions up to and including 3.14.1. This allows unauthenticated attackers to view form submissions, which may contain sensitive information.

CVE-2026-14193
High

The vulnerability in the DVP80ES300T device is caused by improper validation of an array index, which could allow an attacker to execute code or cause a system crash.

CVE-2026-12579
High

The AS228T device contains an authentication bypass vulnerability. An attacker can gain unauthorized access to the system without knowing valid credentials.

CVE-2026-11883
High

The WebAuthn Provider for Two Factor WordPress plugin before version 2.5.6 does not correctly validate the second-factor authentication response, allowing an attacker who already knows a user's password to bypass the two-factor authentication requirement by submitting a malformed request.

CVE-2026-11823
High

The BookingPress Appointment Booking Pro plugin for WordPress up to version 5.7.1 is vulnerable to SQL Injection via the 'store_service_date' parameter in the bpa_assign_staffmember_to_slots() function. This is due to the use of stripslashes_deep() on POST data without using $wpdb->prepare(), allowing unauthenticated attackers to append additional SQL queries.

CVE-2026-11794
High

The Advanced Form Integration plugin for WordPress before version 2.1.1 does not restrict the WordPress role assigned when creating a user from a public form submission. This allows unauthenticated visitors to create an administrator account if an active integration maps the user role to a public form field, requiring a specific non-default configuration.

CVE-2026-11568
High

The Product Configurator for WooCommerce WordPress plugin before version 1.7.3 lacks authorization and post-status checks when returning WooCommerce product data via a public AJAX action. This allows unauthenticated users to retrieve data (title, price, weight, stock status, and configurator option pricing/SKUs) of private and draft products by supplying the product ID, bypassing WordPress post-visibility controls.

CVE-2026-10750
High

The Royal MCP WordPress plugin before version 1.4.26 does not perform capability checks on most of its MCP tools after token authentication, allowing authenticated users with low-privileged roles such as Subscriber to read private content, enumerate all users and their roles, and create, modify, or delete content owned by other users.

CVE-2026-7838
HighEPSS 63%

UltraVNC viewer up to version 1.8.2.2 contains an integer overflow leading to a heap buffer overflow in the RFB protocol failure-response parsing path. The 4-byte reasonLen field (CARD32) is passed as reasonLen+1 to CheckBufferSize(), where a value of 0xFFFFFFFF overflows to 0, allocating only 256 bytes, followed by reading 4 GiB into that buffer. This is reachable without authentication via rfbConnFailed and rfbVncAuthFailed message types.

CVE-2026-7831
High

UltraVNC viewer up to version 1.8.2.2 contains an off-by-one stack buffer overflow in the RFB ServerInit message handler. When the server supplies a desktop name of exactly 2024 bytes, ReadString writes a null terminator one byte past the allocated buffer, causing a stack overflow.

CVE-2026-7830
High

UltraVNC up to version 1.8.2.2 uses weak cryptography in the MS-Logon II authentication scheme. The Diffie-Hellman key exchange relies on 64-bit parameters that can be broken in under a second, and the random number generator based on rand() with a time seed allows private key recovery within a minute. A network attacker can derive the shared DH key and decrypt the username and password.

CVE-2026-7829
High

A post-authentication out-of-bounds write vulnerability in UltraVNC repeater through version 1.8.2.2 exists in the allow/deny rule parser. The code writes a NUL terminator without clamping the length to the destination buffer size, potentially corrupting stack data.

CVE-2026-7517
High

The Custom Payment Gateways for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'alg_wc_cpg_input_fields' parameter in all versions up to, and including, 2.1.0 due to insufficient input sanitization and output escaping.

CVE-2026-13731
High

The WPBot – AI ChatBot plugin for WordPress up to version 8.4.9 is vulnerable to stored cross-site scripting via the 'conversation' parameter due to insufficient input sanitization and output escaping. Unauthenticated attackers can inject arbitrary web scripts that execute when users access affected pages. The AJAX nonce required for saving is publicly exposed on every frontend page, removing practical exploitation barriers.

PreviousPage 19 of 3334Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS