CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.10)

CVE-2026-7569
High

A vulnerability in Quest NetVault Backup allows an attacker to bypass authentication via cross-site scripting (XSS) in the viewclient component. User interaction is required, as the target must visit a malicious page or open a malicious file.

CVE-2026-40079
CriticalEPSS 62%

Cacti versions 1.2.30 and prior are vulnerable to Command Injection due to lack of sanitization in the escape_command() function in lib/rrd.php, which returns the command unchanged. The rrdtool_function_graph() function passes the built command to shell_exec() through this ineffective function, and the risk is that text_format values from graph templates (which may contain host variable substitutions) reach shell_exec() without adequate escaping.

CVE-2026-39951
High

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a Stored SQL Injection vulnerability through graph_name_regexp in the Reports feature. This issue has been fixed in version 1.2.31.

CVE-2025-60473
Medium

A NULL pointer dereference vulnerability was found in the gf_filter_in_parent_chain function of GPAC/MP4Box before version 26.02.0. Attackers can cause a Denial of Service (DoS) by supplying a crafted file.

CVE-2025-60466
Medium

A use-after-free vulnerability was found in the gf_filter_pid_get_packet function (/filter_core/filter_pid.c) of GPAC/MP4Box before version 26.02.0. Attackers can cause a Denial of Service (DoS) by supplying a crafted media file.

CVE-2026-39955
Critical

Cacti versions 1.2.30 and prior contain a pre-authentication SQL injection vulnerability via unanchored FILTER_VALIDATE_REGEXP in graph_view.php. This issue has been fixed in version 1.2.31.

CVE-2026-39948
Critical

In Cacti versions 1.2.30 and prior, the rfilter request parameter is retrieved via the raw accessor grv() instead of gfrv() with FILTER_VALIDATE_IS_REGEX validation and concatenated directly into RLIKE SQL clauses in lib/html_graph.php and lib/html_tree.php. These files are reachable pre-authentication through graph_view.php on installations with guest graph viewing enabled. Because the unbalanced-quote payload bypasses the regex validation that would otherwise reject it, an unauthenticated attacker can inject arbitrary SQL to compromise the confidentiality, integrity, and availability of the database.

CVE-2026-39938
Critical

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have unauthenticated LFI through graph_theme and rrdtool IPC serialization hardening. This issue has been resolved in version 1.2.31.

CVE-2026-39900
Medium

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Reflected XSS via tab parameter in the auth_profile.php JavaScript context. This issue has been fixed in version 1.2.31.

CVE-2026-39899
Medium

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal via filename parameter in package_import.php. This issue has been fixed in version 1.2.31.

CVE-2025-8106
Unknown

CVE-2025-8106 has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2025-60474
High

A buffer overflow vulnerability in the gf_media_import function of GPAC/MP4Box before version 26.02.0 allows an attacker to cause a Denial of Service (DoS) by supplying a crafted input file.

CVE-2025-60467
High

A use-after-free vulnerability was found in the GPAC/MP4Box library before version 26.02.0 in the gf_filter_pid_inst_swap_delete_task function within filter_pid.c. An attacker can exploit this by supplying a crafted media file to cause a denial of service (DoS).

CVE-2026-9779
High

In ATEN Unizon, the updateWar method has an improper implementation of cryptographic signature verification. An authenticated remote attacker can exploit this vulnerability to execute arbitrary code in the context of SYSTEM.

CVE-2026-9778
HighEPSS 71%

A directory traversal vulnerability in the ImportDeviceList method of ATEN Unizon allows remote code execution. The issue stems from improper validation of a user-supplied path before using it in file operations. Authentication is required for exploitation.

CVE-2026-9777
HighEPSS 71%

A directory traversal vulnerability in the restoreDB method of ATEN Unizon allows remote code execution. The flaw is due to improper validation of a user-supplied path before using it in file operations. Authentication is required, but the attacker can execute code in the context of SYSTEM.

CVE-2026-9776
HighEPSS 72%

A Directory Traversal vulnerability in the writeFileToHttpServletResponse method in ATEN Unizon allows remote attackers to disclose sensitive information without authentication. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations.

CVE-2026-9775
MediumEPSS 64%

A vulnerability in the uploadSSL method of ATEN Unizon allows remote authenticated attackers to delete arbitrary files. The issue stems from missing validation of a user-supplied path before using it in file operations.

CVE-2026-9774
MediumEPSS 64%

The vulnerability in the updateLicense method of ATEN Unizon software allows a remote authenticated attacker to delete arbitrary files on the system. The issue stems from the lack of proper validation of a user-supplied path before using it in file operations.

CVE-2026-9773
HighEPSS 62%

The vulnerability allows remote code execution in Unraid via command injection in ToggleState.php. Authentication is required, and the issue stems from missing validation of user input before using it in a system call.

PreviousPage 196 of 4563Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS