CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.01)
A vulnerability in Quest NetVault Backup allows an attacker to bypass authentication via cross-site scripting (XSS) in the viewclient component. User interaction is required, as the target must visit a malicious page or open a malicious file.
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a Stored SQL Injection vulnerability through graph_name_regexp in the Reports feature. This issue has been fixed in version 1.2.31.
A buffer overflow vulnerability in the gf_media_import function of GPAC/MP4Box before version 26.02.0 allows an attacker to cause a Denial of Service (DoS) by supplying a crafted input file.
A use-after-free vulnerability was found in the GPAC/MP4Box library before version 26.02.0 in the gf_filter_pid_inst_swap_delete_task function within filter_pid.c. An attacker can exploit this by supplying a crafted media file to cause a denial of service (DoS).
In ATEN Unizon, the updateWar method has an improper implementation of cryptographic signature verification. An authenticated remote attacker can exploit this vulnerability to execute arbitrary code in the context of SYSTEM.
A directory traversal vulnerability in the ImportDeviceList method of ATEN Unizon allows remote code execution. The issue stems from improper validation of a user-supplied path before using it in file operations. Authentication is required for exploitation.
A directory traversal vulnerability in the restoreDB method of ATEN Unizon allows remote code execution. The flaw is due to improper validation of a user-supplied path before using it in file operations. Authentication is required, but the attacker can execute code in the context of SYSTEM.
A Directory Traversal vulnerability in the writeFileToHttpServletResponse method in ATEN Unizon allows remote attackers to disclose sensitive information without authentication. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations.
The vulnerability allows remote code execution in Unraid via command injection in ToggleState.php. Authentication is required, and the issue stems from missing validation of user input before using it in a system call.
A vulnerability in the Unraid web server allows remote code execution via command injection in FileUpload.php. The flaw stems from insufficient validation of user-supplied data before use in a system call. Authentication is required, and an attacker can execute code as the www-data user.
In Rocket.Chat versions prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, the POST /api/v1/fingerprint endpoint requires authentication but does not perform authorization checks. Any authenticated user could deregister the workspace from Rocket.Chat Cloud, leading to data loss and requiring manual re-registration.
Vulnerability in Rocket.Chat's Apple Sign-In handler lacks JWT claims validation. An attacker who obtains a target user's Apple identity token (from server logs, intercepted sign-in flow, or another app sharing the same Apple developer team) can replay it to authenticate as that user with no expiration.
SiYuan is an open-source personal knowledge management system. Prior to version 3.7.0, Lute's HTML sanitizer does not remove <iframe> elements, allowing an attacker to include a malicious <iframe> in a Bazaar package README that executes arbitrary commands on the victim's machine.
A vulnerability in SiYuan before version 3.7.0 allows JavaScript execution in the administrator's context by rendering a Bazaar package README. The flaw stems from an incomplete allowlist of event attributes in the lute sanitizer engine, which passes modern event handlers (e.g., onpointerover, onpointerdown) through.
SiYuan is an open-source personal knowledge management system. In versions prior to 3.7.0, a vulnerability allowed an unauthenticated attacker to read arbitrary files in WorkspaceDir by double URL-encoding in the /assets/*path route.
Sentry is an error tracking and performance monitoring tool. From version 24.4.0 to 26.5.2, a Regular Expression Denial of Service (ReDoS) vulnerability exists in Sentry's event ingestion pipeline, where a regex applied to attacker-controlled fields on incoming events can be made to consume disproportionate CPU time.
Appsmith before version 2.1 exposes the supervisord XML-RPC interface on port 9001, reachable from outside the container via a Caddy reverse-proxy route at /supervisor/* on the public ingress. Combined with the APPSMITH_SUPERVISOR_PASSWORD exposed via GET /api/v1/admin/env, any authenticated administrator can send arbitrary XML-RPC calls to supervisord and execute OS commands inside the Docker container via twiddler.addProgramToGroup.
A heap-based buffer overflow vulnerability in GIMP's HDR file parsing allows remote code execution. Exploitation requires user interaction, such as opening a malicious file or visiting a crafted webpage.
A vulnerability in MosaicML Composer allows remote code execution through the deserialization of untrusted data. User interaction is required to exploit this vulnerability, meaning the victim must visit a malicious page or open a malicious file.
A potential security vulnerability has been identified in the HP Accessory WMI Provider installer for some HP Docking Stations, which might allow escalation of privilege and/or arbitrary code execution. HP is releasing software updates to mitigate the potential vulnerability.

