CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.15)

CVE-2026-12805
Medium

A flaw has been found in OFFIS DCMTK up to version 3.7.0 in the function XMLNode::parseFile, which can lead to heap-based buffer overflow. The attack may be performed remotely.

CVE-2026-12804
Medium

A vulnerability was detected in lemonldap-ng up to version 2.23.0, affecting an unknown function in the library lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm. Manipulating the argument url results in an open redirect, which can be exploited remotely.

CVE-2026-56412
Medium

In libexpat before version 2.8.2, XML_TOK_DATA_CHARS is not considered in doCdataSection, leading to a lack of handler call depth tracking in cases of policy violation. This can result in a use-after-free error.

CVE-2026-56411
Medium

In libexpat before version 2.8.2, there is an integer overflow in the xmlwf function that can occur when processing NOTATION declarations in endDoctypeDecl.

CVE-2026-56410
Medium

In libexpat before version 2.8.2, there is an integer overflow in the resolveSystemId function, which may lead to unexpected application behavior.

CVE-2026-56409
Medium

In libexpat before version 2.8.2, there is an integer overflow for the output filename when the -d outputDir option is used.

CVE-2026-56408
Medium

libexpat before version 2.8.2 has an integer overflow in the copyString function.

CVE-2026-56407
Medium

In libexpat before version 2.8.2, there is an integer overflow in the doProlog function related to storeEntityValue and entity textLen.

CVE-2026-56406
Medium

In libexpat before version 2.8.2, there is an integer overflow in XML_ParseBuffer due to a lack of a check that was present in XML_Parse.

CVE-2026-56405
Medium

libexpat before version 2.8.2 has an integer overflow in the getAttributeId function.

CVE-2026-56404
Medium

libexpat before 2.8.2 has an integer overflow in addBinding.

CVE-2026-56403
Medium

libexpat before 2.8.2 has an integer overflow in storeAtts.

CVE-2026-56397
Critical

SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious package authors to inject arbitrary HTML and JavaScript.

CVE-2026-56396
High

phpMyFAQ before 4.1.4 contains missing authorization vulnerabilities in editUser() and updateUserRights() endpoints that allow authenticated administrators to escalate privileges. Non-SuperAdmin users with edit_user permission can set is_superadmin flag or grant arbitrary rights to escalate to SuperAdmin access.

CVE-2026-56395
Critical

SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious package authors to inject arbitrary HTML and JavaScript. Attackers can achieve remote code execution on any user browsing the Bazaar by embedding XSS payloads in package displayName, description, or README fields.

CVE-2026-56394
Medium

Craft CMS version 4.0.0-RC1 contains an authenticated path traversal vulnerability in the assets/icon endpoint where the extension parameter is not validated before file existence checks. Attackers can bypass extension validation by passing traversal sequences that resolve to existing SVG files, allowing local file read access.

CVE-2026-56393
Medium

Craft CMS versions 4.x (>= 4.0.0-RC1, < 4.17.0-beta.1) and 5.x (>= 5.0.0-RC1, < 5.9.0-beta.1) contain multiple stored cross-site scripting vulnerabilities where settings names and field option labels are rendered without sanitization. An authenticated administrator can inject malicious payloads into section names, volume names, user group names, global set names, generated field names, checkbox/radio option labels, and custom source labels, causing arbitrary JavaScript to execute in other users' control-panel sessions.

CVE-2026-56385
Medium

Craft CMS versions >= 5.0.0-RC1, <= 5.9.13 and >= 4.0.0-RC1, <= 4.17.7 contain an authorization bypass in the assets/preview-file endpoint. This vulnerability allows low-privileged authenticated users to bypass view authorization for assets.

CVE-2026-56384
Medium

Craft CMS contains a missing authorization vulnerability in the assets/preview-thumb endpoint. A Control Panel user without permission to view a target private asset can call the endpoint with an attacker-controlled assetId and receive preview HTML containing a signed fallback transform preview link for that private asset.

CVE-2026-56383
Medium

Craft CMS contains a stored XSS vulnerability in the editableTable.twig component when using the 'Row Heading' column type. The application fails to sanitize input within row heading default values, allowing an attacker with an administrator account to inject arbitrary JavaScript.

PreviousPage 258 of 4525Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS