CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.13)

CVE-2026-12847
Critical

The GV-I/O Box 4E is a smart embedded device that is vulnerable to stack overflow due to improper handling of UDP messages. An attacker can send a specially crafted message, leading to potential buffer overflow.

CVE-2026-12846
Critical

The GV-I/O Box 4E is an embedded smart device that is vulnerable to stack overflow due to improper handling of UDP messages. An attacker can send a specially crafted message, potentially leading to unauthorized access or device failure.

CVE-2026-12488
Medium

A memory corruption vulnerability exists in the GV-Cloud functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted network request can lead to a denial of service.

CVE-2026-12486
CriticalEPSS 75%

Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution.

CVE-2026-12485
Critical

GV-I/O Box 4E is a smart embedded device that supports communication over Ethernet and RS-485. The DVRSearch service, running by default on this device, is vulnerable to a stack overflow that can be exploited by an attacker to execute malicious code.

CVE-2026-3652
High

The ARForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting (XSS) via the `value` parameter of the `arf_save_incomplete_form_data` AJAX action in all versions up to and including 7.1.3 due to insufficient input sanitization and output escaping.

CVE-2026-11614
Medium

The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting (XSS) via the 'custom_attributes' parameter in all versions up to and including 1.7.2 due to insufficient input sanitization and output escaping.

CVE-2026-12681
High

In a vulnerability in Google go-attestation, the parseEfiSignatureList() function improperly validates indices, allowing attacker-controlled vendor header bytes to be appended to the trusted SHA256 hash list. This could lead to a remote attestation verifier accepting a compromised boot state.

CVE-2026-54639
High

Style Dictionary, a build system for creating cross-platform styles, has a prototype pollution vulnerability from version 4.3.0 to 5.4.4. Users are at risk with direct or indirect usage of the API, especially in NodeJS server applications.

CVE-2026-7574
High

The vulnerability in Anthropic Claude Desktop (versions v1.1348.0 through v1.2278.0) involves missing integrity verification of the Cowork VM root filesystem image. A local attacker with unprivileged access to the macOS user account can modify the rootfs.img image, which will be trusted on subsequent VM boots, enabling persistent arbitrary code execution in the VM and access to host-mounted directories.

CVE-2026-6458
Medium

A missing cryptographic step in Caliptra Core Firmware leads to an incorrect GCM authentication tag. Using the AES-256-GCM API with empty AAD results in the GHASH accumulator state not being saved after the first update call, causing the final tag to exclude the first batch of processed ciphertext.

CVE-2026-5818
High

Incorrect check of function return value in Caliptra Core Runtime Firmware allows bypass of MCU FW verification during hitless updates.

CVE-2026-56785
High

FlatPress contains a stored cross-site scripting vulnerability in comment and contact forms where name, URL, and email fields are rendered without proper output encoding in Smarty templates. Attackers can inject arbitrary HTML and JavaScript through these fields.

CVE-2026-54588
Critical

Poweradmin is a web-based DNS administration tool that in versions prior to 4.2.4 and 4.3.3 uses the attacker-controlled `HTTP_HOST` request header to build callback URLs in its OIDC, SAML, and logout authentication flows without any validation. An attacker can exploit this vulnerability to take over the victim's account.

CVE-2026-48493
Medium

In Snipe-IT versions prior to 8.6.0, a user with users.edit permission can send a PATCH request to /api/v1/users/{their_own_id} and grant themselves any permission except admin and superuser, e.g., assets.view, assets.create, reports.view, import. The issue is fixed in version 8.6.0.

CVE-2026-47693
Medium

Poweradmin before versions 4.2.4 and 4.3.3 is vulnerable to CSV Injection (Formula Injection) in its log export functionality. User-controlled data, specifically the username field, is written to exported CSV files without sanitizing formula trigger characters (=, +, -, @).

CVE-2026-12164
Medium

A vulnerability in Fortra File Integrity Monitoring (formerly Tripwire Enterprise) prior to version 9.4.0 may assign incorrect or elevated effective permissions to users created by the tetool import command while FIM is running, especially when the import also creates or changes roles or role-permission relationships.

CVE-2026-12163
Medium

Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0.1 contain a stored cross-site scripting (XSS) vulnerability in the Asset View UI component. An authenticated user with sufficient privileges can store malicious script in node or database configuration fields, which will be executed in another administrator's browser.

CVE-2026-11972
High

A vulnerability in Python's 'tarfile' module occurs when opening an archive in streaming mode (mode='r|'). The module improperly handles EOF, causing archive parsing to take exponentially longer.

CVE-2026-54518
Medium

Vulnerability in jackson-databind related to unwrapped properties in constructors. The UnwrappedPropertyHandler.processUnwrappedCreatorProperties() method does not check @JsonView visibility, allowing bypass of view restrictions and injection of JSON data into a constructor parameter annotated with both @JsonView and @JsonUnwrapped, even when a more restrictive view is active.

PreviousPage 213 of 4554Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS