CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.15)
Brak walidacji źródła wejściowego w oknie autoryzacji narzędzi w Kiro CLI przed wersją 1.28.0 umożliwia lokalnemu atakującemu wykonanie dowolnych narzędzi, w tym poleceń powłoki, bez zgody użytkownika, poprzez przygotowanie treści przesyłanej do kiro-cli za pomocą stdin.
A vulnerability in ClipBucket v5.5.2 allows an attacker to execute arbitrary code via the authentication interface, login page endpoint, and HTTP response security headers components.
A buffer overflow vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the chat message functionality.
TypeBot is a chatbot builder tool that, in versions prior to 3.16.0, has a vulnerability in SSRF protection. The SSRF protection for Webhook / HTTP Request blocks only validates the URL string, allowing the use of local IP addresses and hostnames that can lead to unauthorized access to internal resources.
In versions 3.15.2 and prior, the RatingButton component in the embed package renders the user-controlled customIcon.svg field without sanitization, allowing arbitrary HTML/JS execution in the authenticated context of the chatbot builder.
Improper handling of factor key state in the multi-factor authentication management feature in Devolutions Server allows an attacker with knowledge of a user's password to bypass the user's multi-factor authentication after the user reconfigures their factors.
Improper authorization in the Active Directory browsing feature in Devolutions Server allows a low-privileged authenticated user to obtain authentication material associated with a stored PAM provider service account via authentication relay to an attacker-controlled server.
An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code.
A directory traversal vulnerability in Follett Software's Destiny Library Manager version 22_0_2_rc1 (fixed in v.22.5 AU1) allows remote attackers to read arbitrary system and application files via the image parameter.
W podatności CVE-2026-8671 występuje możliwość wprowadzenia wrażliwych informacji do pliku dziennika w oprogramowaniu syslink software AG Avantra na systemach Linux i Windows, co prowadzi do ujawnienia wycieków zasobów. Problem dotyczy wersji Avantra przed 25.3.0.
Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, and 10.11.x <= 10.11.14 fail to properly validate msgpack-encoded WebSocket frames before memory allocation. This allows an unauthenticated remote attacker to crash the server process, causing a full service outage for all users.
A SQL injection vulnerability has been identified in STER. Improper neutralization of input provided by user into multiple Search Filters allows for SQL Injection attacks.
The Ditty – Responsive News Tickers, Sliders, and Lists plugin for WordPress is vulnerable to authorization bypass in all versions up to and including 3.1.65. This is due to the plugin not properly verifying that a user is authorized to perform an action, allowing unauthenticated attackers to access the full content of non-public Dittys.
The AudioIgniter plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 2.0.2. The handle_playlist_endpoint() function accepts a user-controlled playlist ID and returns track data without performing any authentication.
The Easy Elements for Elementor – Addons & Website Templates plugin for WordPress is vulnerable to Privilege Escalation in all versions up to and including 1.4.5 via the `easyel_handle_register()` function. This is due to the lack of a key whitelist in the `wp_ajax_nopriv_eel_register` AJAX handler, allowing attackers to overwrite the `wp_capabilities` key and gain full administrator privileges.
The WP ERP Pro plugin for WordPress is vulnerable to SQL Injection via the 'search_key' parameter in all versions up to and including 1.5.1. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs.
A Path Traversal vulnerability in UniFi OS devices can be exploited by a malicious actor with network access and low privileges. This allows access to files on the underlying system that can be manipulated to obtain sensitive information.
Concrete CMS version 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) in the rescanMultiple() method of the backend file controller.
Concrete CMS version 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) in the rescan() function of the backend file controller.

