CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.01)
Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl allow a heap OOB read in print_attribute for UTF8STRING attributes. The print_attribute() function copies an ASN.1 attribute value into a memory buffer without adding a NUL terminator, leading to unsafe reads of adjacent bytes.
The Branda plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to and including 3.4.29. This is due to the plugin not properly validating a user's identity prior to updating their password.
Cap-go before version 12.128.2 contains an authentication logic flaw that allows an attacker to register and control an account bound to a victim's email address before that email is verified. By enabling two-factor authentication on the pre-registered account, the attacker can take control of the account claimed under the victim's identity.
Cap-go before version 12.128.2 contains an authentication bypass vulnerability in OTP verification that allows attackers to bypass email verification by modifying server responses. Attackers can intercept OTP verification requests and manipulate HTTP responses to falsely mark verification successful.
A vulnerability in Azure Synapse allows execution with unnecessary privileges. An authorized attacker can remotely elevate privileges over a network.
Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.
Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network.
ProxySQL, a proxy for MySQL and PostgreSQL, has a pre-authentication heap memory corruption vulnerability in versions 2.0.18 through 3.0.8. A remote unauthenticated client can declare an oversized first packet length, potentially leading to exploitation of this vulnerability.
ProxySQL in versions 2.0.0 through 3.0.8 incorrectly accepts a malformed PROXY protocol header, allowing attackers to spoof source addresses. This leads to a bypass of routing and access control rules, enabling attackers to manipulate queries as if they were trusted users.
In Tenda AC7 v15.03.06.44, there is a stack buffer overflow vulnerability in the wanSpeed parameter of the route /goform/AdvSetMacMtuWan, which can lead to remote arbitrary code execution.
Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the mac parameter.
Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the cloneType parameter.
Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the wanMTU parameter.
There is an insecure default credentials vulnerability in NI grpc-device when TLS configuration is not present and the server is bound beyond loopback. This may allow an unauthenticated user access to the server on the local network.
The CSRF vulnerability in the cas-auth plugin under default configurations allows a remote attacker to authenticate the victim's browser as a different identity. Actions taken by the victim are then attributed to the attacker's identity.
The vulnerability related to improper validation of integrity check value in Apache APISIX allows authentication bypass in the jwe-decrypt plugin under default configuration. This issue affects versions from 3.8.0 to 3.16.0.
There is an untrusted pointer dereference vulnerability in the NI grpc-device sideband streaming API that may allow an attacker to cause an arbitrary memory dereference, potentially resulting in remote code execution. Successful exploitation requires an attacker to supply a specially crafted Moniker protobuf message.
CVE-2026-44087 in Apache APISIX has insufficient verification of data authenticity in the openid-connect plugin, allowing an attacker to spoof identity headers.
Authentication Bypass by Spoofing vulnerability in Apache APISIX allows an attacker to completely bypass the authentication process by capitalizing on certain configurations of the jwt-auth plugin. This issue affects Apache APISIX from v2.2 through v3.16.0.
A vulnerability in Microsoft HEIF Image Extensions version 1.2.22.0 is caused by an out-of-bounds read. The CHEIFItemInfoEntry_GetDataSize function can return success while leaving the data size as 0, resulting in a 1-byte allocation. Subsequently, CopyPixels calculates copy size based on stride and height but does not check the source buffer length before calling memmove.

