CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.01)

CVE-2026-54405
High

A vulnerability in UniFi Network Application allows an attacker with network access to execute a Denial of Service (DoS) attack through improper input validation.

CVE-2026-54404
High

An SQL Injection vulnerability in UniFi OS allows an attacker with network access and low privileges to escalate privileges on affected UniFi OS devices or instances.

CVE-2026-54403
High

A Path Traversal vulnerability in devices running UniFi OS allows an attacker with network access to bypass authentication. The flaw affects specific UniFi OS devices or instances.

CVE-2026-54402
Critical

A vulnerability in UniFi OS allows an attacker with network access and low privileges to execute command injection on the host device due to improper input validation.

CVE-2026-54401
High

An SSRF vulnerability in UniFi OS allows an attacker with network access and low privileges to escalate privileges on the device or instance.

CVE-2026-54400
Critical

A vulnerability in UniFi Access Application allows privilege escalation on the host device. An attacker with network access and high privileges can exploit improper access control.

CVE-2026-53358
Unknown

In the Linux kernel, a vulnerability in the Bluetooth L2CAP subsystem was found where improper lock ordering in cleanup_listen() could cause a deadlock. Instead of calling l2cap_chan_close() directly, channels are now closed asynchronously using a timer to avoid lock inversion.

CVE-2026-53357
Unknown

A use-after-free (UAF) vulnerability was discovered in the Linux kernel's Bluetooth stack. The issue occurs in l2cap_sock_cleanup_listen() and l2cap_conn_del() functions, where a race condition during listening socket close and concurrent HCI disconnect leads to a freed child socket being used by the cleanup function. This vulnerability can cause system crashes or potentially privilege escalation.

CVE-2026-50748
Critical

A vulnerability in UniFi Access Application allows an attacker with network access and low privileges to execute command injection on the host device due to improper input validation.

CVE-2026-50747
Critical

An authenticated SQL Injection vulnerability in UniFi Talk Application allows a network-accessible attacker with low privileges to escalate privileges on the host device.

CVE-2026-50746
Critical

A vulnerability in the UniFi Connect application allows an attacker with network access to execute command injection on the host device due to improper access control.

CVE-2026-12168
High

An improper validation vulnerability in the `GFAC_Sys_x64.sys` driver of Little Orbit GFAC allows a local attacker to escalate privileges to SYSTEM and execute arbitrary code in kernel mode via crafted messages sent through a Minifilter communication port.

CVE-2026-12167
High

The vulnerability in the `GFAC_Sys_x64.sys` driver of Little Orbit GFAC allows a local attacker to access privileged driver functions through a Minifilter communication port that lacks proper access restrictions.

CVE-2026-12166
Medium

A NULL pointer dereference vulnerability in the `GFAC_Sys_x64.sys` driver of Little Orbit GFAC allows a local attacker to cause a denial of service via crafted requests that trigger a system crash.

CVE-2026-4767
Critical

Missing authentication for a critical function in TR7 Cyber Defense Inc. WAF-ASP allows authentication abuse. The vulnerability affects versions from v1.0.324.900 before v1.4.0.117.

CVE-2026-5524
Critical

The Divi Form Builder plugin for WordPress up to version 5.1.8 is vulnerable to arbitrary file upload leading to remote code execution. The issue is due to insufficient file extension validation in the do_image_upload() function, where the acceptFileTypes POST parameter is directly interpolated into a regular expression. Attackers can upload files with .phtml, .phar, .php5, or .php7 extensions, bypassing .htaccess protection that only blocks .php files.

CVE-2026-58653
Medium

PraisonAI before version 0.1.7 fails to validate that the project_id in issue create and update request bodies belongs to the URL workspace. An attacker can create issues referencing projects from other workspaces, causing cross-tenant data pollution in project statistics aggregation without workspace constraints.

CVE-2026-58652
High

A privilege escalation flaw in luci-app-travelmate and the travelmate package allows a session with UCI write ACL to set arbitrary script and arguments, executed as root by the travelmate service. The UI restriction to /etc/travelmate/*.login is only frontend.

CVE-2026-4772
Medium

A stored Cross-Site Scripting (XSS) vulnerability has been found in TR7 Cyber Defense Inc. WAF-ASP due to improper input neutralization during web page generation. The issue affects versions from v1.0.324.900 before v1.4.0.117.

CVE-2026-4770
Medium

A DOM-Based XSS vulnerability was found in TR7 Cyber Defense Inc. Web Application Firewall due to improper input neutralization during page generation. It affects versions from 1.0.42.239 before 1.4.0.117.

PreviousPage 24 of 4505Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS