CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.01)
The Snowflake datasource vulnerability allows GET/PUT commands, enabling any user with query access to read/write files between the local Grafana server and the connected Snowflake host.
IBM Langflow OSS versions 1.0.0 through 1.9.3 contain a vulnerability due to improper isolation of Python execution combined with an authentication bypass. An unauthenticated attacker can execute arbitrary code on the host system, leading to full compromise.
Multiple MISP core controllers and model capture paths accepted client-controlled request fields such as primary keys and foreign keys without proper server-side validation. This allows authenticated users to submit crafted data, potentially leading to object overwrites or unauthorized data access.
Net::Statsite::Client versions through 1.1.0 for Perl allow metric injections. Newlines are not removed from metric names, allowing for these injections.
A vulnerability has been identified in centraldogma-server versions prior to 0.84.0, where enabling ZooKeeper replication without setting replication.secret causes the server to silently fall back to a hard-coded, publicly known secret. This default credential authenticates the embedded ZooKeeper ensemble.
SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious package authors to inject arbitrary HTML and JavaScript.
SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious package authors to inject arbitrary HTML and JavaScript. Attackers can achieve remote code execution on any user browsing the Bazaar by embedding XSS payloads in package displayName, description, or README fields.
Crawl4AI before version 0.8.7 contains an authentication bypass vulnerability due to a hardcoded default JWT signing key in the Docker API server. Attackers who know the default key can forge valid authentication tokens for any user, bypassing authentication and gaining full access to protected functionality.
Prefect version 3.6.23 is vulnerable to remote code execution due to improper handling of user-controlled input in the `GitRepository` storage class. The `commit_sha` parameter lacks validation and does not include a `--` separator, allowing injection of arbitrary git flags like `--upload-pack` to execute external programs. The `directories` parameter can also be exploited to inject git flags during sparse-checkout operations.
Flowise versions before 2.1.4 allow configuration to be injected into the Chainflow during execution via the overrideConfig option. This feature is enabled by default and lacks a allow-list of permitted variables, enabling attackers to achieve remote code execution and other serious attacks.
WooCommerce version 7.1.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary PHP code by injecting shell commands through the product-type parameter.
The WordPress Ultimate Addons for Beaver Builder plugin version 1.2.4.1 contains an authentication bypass vulnerability that allows attackers to gain unauthorized access by exploiting the social media login form functionality.
SP LMS (com_splms) version < 4.1.4 by JoomShaper deserializes user-controlled cookie data without validation, allowing an unauthenticated remote attacker to execute arbitrary code on the server.
A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upload arbitrary files, ultimately resulting in the upload and execution of PHP code.
Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl allow a heap OOB read in print_attribute for UTF8STRING attributes. The print_attribute() function copies an ASN.1 attribute value into a memory buffer without adding a NUL terminator, leading to unsafe reads of adjacent bytes.
The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to and including 3.4.29. This is due to the plugin not properly validating a user's identity prior to updating their password.
Cap-go before version 12.128.2 contains an authentication logic flaw that allows an attacker to register and control an account bound to a victim's email address before that email is verified. By enabling two-factor authentication on the pre-registered account, the attacker can take control of the account claimed under the victim's identity.
Cap-go before version 12.128.2 contains an authentication bypass vulnerability in OTP verification that allows attackers to bypass email verification by modifying server responses. Attackers can intercept OTP verification requests and manipulate HTTP responses to falsely mark verification successful.
A vulnerability in Azure Synapse allows execution with unnecessary privileges. An authorized attacker can remotely elevate privileges over a network.
Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.

