CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Reflected XSS via tab parameter in the auth_profile.php JavaScript context. This issue has been fixed in version 1.2.31.
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal via filename parameter in package_import.php. This issue has been fixed in version 1.2.31.
A vulnerability in the uploadSSL method of ATEN Unizon allows remote authenticated attackers to delete arbitrary files. The issue stems from missing validation of a user-supplied path before using it in file operations.
The vulnerability in the updateLicense method of ATEN Unizon software allows a remote authenticated attacker to delete arbitrary files on the system. The issue stems from the lack of proper validation of a user-supplied path before using it in file operations.
SiYuan is a knowledge management system that prior to version 3.7.0 had the /api/icon/getDynamicIcon endpoint which did not require authentication. Attackers can exploit this endpoint to execute arbitrary SELECT queries against the SiYuan SQLite database, leading to data leakage.
Vulnerability in Chrome DevTools MCP (versions 0.24.0 to 1.1.0) allows bypassing workspace root restrictions via symbolic links. The path validation function does not canonicalize symbolic links, enabling read and write access to files outside the allowed area.
A vulnerability in chrome-devtools-mcp from version 0.20.0 to 1.1.0 allows a local low-privilege user to create a symbolic link to the daemon PID file, resulting in overwriting any victim's file with the daemon PID string.
A vulnerability in Tiptap for PHP before version 2.1.1 allows authenticated attackers to cause a denial of service by submitting Tiptap JSON with the attrs.href field set to an array instead of a string. This triggers an unhandled TypeError in the Link::isAllowedUri() function when passed to preg_match(), permanently corrupting the record and blocking HTML rendering for all users.
Cacti is an open source performance and fault management framework. Versions 1.2.30 and below contain a Reflected XSS vulnerability in the html_auth_footer, which has been fixed in version 1.2.31.
The Zephyr PL011 UART driver (drivers/serial/uart_pl011.c) has an unbounded loop in pl011_irq_tx_enable() that hangs the calling thread when CTS hardware flow control is enabled and the peer de-asserts CTS. The loop never exits because the TX FIFO cannot drain, causing a denial of service (CWE-835).
In GPAC/MP4Box version 2.5-DEV-rev1593-gfe88c3545-master, a buffer overflow vulnerability was found. The function gf_filter_pid_inst_swap_delete_task() in filter_core/filter_pid.c improperly accesses freed objects during PID instance cleanup after a swap/delete operation, leading to a heap use-after-free.
Gogs is an open source Git service that prior to version 0.14.3 had a vulnerability in the Jupyter Notebook (ipynb) sanitizer endpoint at POST /-/api/sanitize_ipynb. This vulnerability allowed arbitrary data URIs to be submitted without proper restrictions, potentially leading to Cross-Site Scripting (XSS) attacks.
Gogs, an open source Git service, prior to version 0.14.3 has an unauthenticated information disclosure vulnerability. The GET /api/v1/orgs/:orgname/teams endpoint returns all teams for any organization without requiring authentication.
Gogs is an open source Git service that prior to version 0.14.3 was vulnerable to an unauthenticated, asymmetric Denial of Service (DoS) attack via its built-in SSH server. An attacker could open multiple TCP connections to the SSH port, leading to file descriptor exhaustion and destabilization of the entire Gogs process.
In Gogs before version 0.14.3, password-reset tokens are generated using the account-activation lifetime (conf.Auth.ActivateCodeLives) instead of the reset-password lifetime (conf.Auth.ResetPasswordCodeLives). The token lifetime is embedded in the token at generation time and re-extracted at verification, making RESET_PASSWORD_CODE_LIVES irrelevant. Even if an administrator configures a shorter reset window (e.g., 10 minutes), tokens remain valid for the full activation lifetime, while the reset email falsely advertises the shorter expiry.
Gogs is an open source Git service that prior to version 0.14.3 had an issue with rendering milestone names. The default auto-escaping in Go allowed for HTML/JavaScript injection through interaction with the dropdown in Semantic UI.
Gogs is an open source self-hosted Git service. Prior to 0.14.3, a repository admin collaborator can escalate their privileges to owner-level access by exploiting an off-by-one error in the ChangeCollaborationAccessMode function. This vulnerability is fixed in 0.14.3.
Gogs is an open source Git service that prior to version 0.14.3 had an open redirect vulnerability. Attacker-controlled redirect_to parameters could bypass validation, allowing redirection to arbitrary external sites.
Gogs is an open-source Git service that in version 0.14.3 and earlier allows authenticated users to watch private repositories they do not have access to. The issue arises from an incorrectly implemented access check in the Watch API, enabling attackers to access information from private repositories.
Mastodon, a social network server based on ActivityPub, has a vulnerability in versions from 4.3.0 to 4.5.11 and 4.4.18 that allows modification of the attributionDomains value in signed activities. An error in the definition of this term makes Linked Data signatures ineffective.

