CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.15)

CVE-2026-9539
Medium

An out-of-bounds heap read and integer underflow in TCP urgent data handling in libslirp versions before v4.9.2 allows a privileged guest VM attacker to leak sensitive host-process heap memory.

CVE-2026-12851
CriticalEPSS 74%

Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution.

CVE-2026-12850
CriticalEPSS 75%

Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution.

CVE-2026-12849
CriticalEPSS 74%

Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution.

CVE-2026-12848
Critical

The GV-I/O Box 4E is a smart embedded device that supports communication over Ethernet and RS-485. The DVRSearch service, running by default on port 10001, is vulnerable to a stack overflow that can be exploited by an attacker to execute malicious code.

CVE-2026-12847
Critical

The GV-I/O Box 4E is a smart embedded device that is vulnerable to stack overflow due to improper handling of UDP messages. An attacker can send a specially crafted message, leading to potential buffer overflow.

CVE-2026-12846
Critical

The GV-I/O Box 4E is an embedded smart device that is vulnerable to stack overflow due to improper handling of UDP messages. An attacker can send a specially crafted message, potentially leading to unauthorized access or device failure.

CVE-2026-12488
Medium

A memory corruption vulnerability exists in the GV-Cloud functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted network request can lead to a denial of service.

CVE-2026-12486
CriticalEPSS 75%

Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution.

CVE-2026-12485
Critical

GV-I/O Box 4E is a smart embedded device that supports communication over Ethernet and RS-485. The DVRSearch service, running by default on this device, is vulnerable to a stack overflow that can be exploited by an attacker to execute malicious code.

CVE-2026-3652
High

The ARForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting (XSS) via the `value` parameter of the `arf_save_incomplete_form_data` AJAX action in all versions up to and including 7.1.3 due to insufficient input sanitization and output escaping.

CVE-2026-11614
Medium

The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting (XSS) via the 'custom_attributes' parameter in all versions up to and including 1.7.2 due to insufficient input sanitization and output escaping.

CVE-2026-12681
High

In a vulnerability in Google go-attestation, the parseEfiSignatureList() function improperly validates indices, allowing attacker-controlled vendor header bytes to be appended to the trusted SHA256 hash list. This could lead to a remote attestation verifier accepting a compromised boot state.

CVE-2026-54639
High

Style Dictionary, a build system for creating cross-platform styles, has a prototype pollution vulnerability from version 4.3.0 to 5.4.4. Users are at risk with direct or indirect usage of the API, especially in NodeJS server applications.

CVE-2026-7574
High

The vulnerability in Anthropic Claude Desktop (versions v1.1348.0 through v1.2278.0) involves missing integrity verification of the Cowork VM root filesystem image. A local attacker with unprivileged access to the macOS user account can modify the rootfs.img image, which will be trusted on subsequent VM boots, enabling persistent arbitrary code execution in the VM and access to host-mounted directories.

CVE-2026-6458
Medium

A missing cryptographic step in Caliptra Core Firmware leads to an incorrect GCM authentication tag. Using the AES-256-GCM API with empty AAD results in the GHASH accumulator state not being saved after the first update call, causing the final tag to exclude the first batch of processed ciphertext.

CVE-2026-5818
High

Incorrect check of function return value in Caliptra Core Runtime Firmware allows bypass of MCU FW verification during hitless updates.

CVE-2026-56785
High

FlatPress contains a stored cross-site scripting vulnerability in comment and contact forms where name, URL, and email fields are rendered without proper output encoding in Smarty templates. Attackers can inject arbitrary HTML and JavaScript through these fields.

CVE-2026-54588
Critical

Poweradmin is a web-based DNS administration tool that in versions prior to 4.2.4 and 4.3.3 uses the attacker-controlled `HTTP_HOST` request header to build callback URLs in its OIDC, SAML, and logout authentication flows without any validation. An attacker can exploit this vulnerability to take over the victim's account.

CVE-2026-48493
Medium

In Snipe-IT versions prior to 8.6.0, a user with users.edit permission can send a PATCH request to /api/v1/users/{their_own_id} and grant themselves any permission except admin and superuser, e.g., assets.view, assets.create, reports.view, import. The issue is fixed in version 8.6.0.

PreviousPage 260 of 4583Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS