CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
SiYuan is an open-source personal knowledge management system. In versions prior to 3.7.0, attribute view names are stored without HTML escape, leading to potential HTML injection and Node.js code execution in the renderer.
Gradient is a nix-based continuous integration system. In version 1.1.0, when GRADIENT_DISCOVERABLE=true, anyone who can reach /proto can register as a worker without any credentials, leading to unauthorized access to jobs from every organization.
SiYuan is a knowledge management system that prior to version 3.7.0 had an issue with handling the aria-label attribute. Due to improper URL decoding, it was possible to inject malicious HTML code, leading to unauthorized script execution.
The Note Mark application prior to version 0.19.4 does not enforce minimum length or entropy for the JWT_SECRET configuration value. It allows any base64-decodable secret, including secrets as short as 1 byte.
mdserver-web versions from 0.18.0 to 0.18.4 have an unauthorized remote command execution vulnerability in the /modify_crond and /start_task interfaces. The lack of authentication allows modification of default scheduled tasks and their execution, leading to RCE.
FileBrowser Quantum prior to versions 1.3.1-stable and 1.3.9-beta has a vulnerability that allows an attacker to use attacker-controlled path input to escape the intended shared directory. As a result, an unauthenticated attacker with a valid public share hash and delete permissions can delete arbitrary files outside this directory.
Microsoft Authenticator has a vulnerability that allows an unauthorized attacker to disclose sensitive information over a network.
Valtimo is a business process automation platform with a vulnerability that allows remote code execution and credential exfiltration. Versions from 12.0.0 to before 12.32.0 for com.ritense.valtimo:document and from 13.0.0 to before 13.23.0 for com.ritense.valtimo:case and com.ritense.valtimo:contract are affected.
CVE-2026-20182 identifies an issue with the authentication mechanism in Cisco Catalyst SD-WAN Controller, Manager, and Validator that allows an unauthenticated attacker to bypass authentication and gain administrative privileges. An attacker could exploit this vulnerability by sending crafted requests to the system.
Gotenberg is an API for PDF files that prior to version 8.31.0 had a vulnerability in the downloadFrom and webhook features. The default deny-lists were bypassable, allowing unauthenticated attackers to access internal HTTP services.
Gotenberg is a PDF file API that, prior to version 8.31.0, did not validate keys in JSON objects sent to the /forms/pdfengines/metadata/write endpoint. Using a newline character in a JSON key allows for the injection of arbitrary ExifTool flags, leading to unauthenticated OS command execution.
A vulnerability in PyTorch Lightning versions 2.6.2 and 2.6.2 introduces functionality consistent with credential harvesting. An attacker could exploit this flaw to intercept user credentials.
In the soundcloud-rpc application prior to version 0.1.8, a vulnerability allowed for local command execution on the user's machine through malicious SoundCloud track metadata. This metadata was trusted and forwarded to the Electron main process, enabling it to be rendered as raw HTML.
vCluster Platform prior to versions 4.4.3, 4.5.5, 4.6.2, 4.7.1, and 4.8.0 has a Stored XSS attack vulnerability via the name field of a templateRef. This can lead to the execution of arbitrary external scripts within the platform's browser context.
A vulnerability in Akilli Commerce software allows authorization bypass through a user-controlled key, leading to session hijacking.
There is an SQL injection vulnerability in Akilli Commerce software that allows for a Blind SQL Injection attack. This issue affects E-Commerce Website versions before 4.5.001.
The InfusedWoo Pro plugin for WordPress is vulnerable to authorization bypass in all versions up to and including 5.1.2. This is due to the plugin not properly verifying that a user is authorized to perform an action.
The InfusedWoo Pro plugin for WordPress is vulnerable to privilege escalation due to missing authorization in all versions up to and including 5.1.2. This is due to missing nonce verification and capability checks in the iwar_save_recipe() AJAX handler.
The Career Section plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to and including 1.7 due to missing file type validation in the CV upload handler. This allows unauthenticated attackers to upload potentially executable files, enabling remote code execution.
The Burst Statistics – Privacy-Friendly WordPress Analytics plugin is vulnerable to Authentication Bypass in versions 3.4.0 to 3.4.1.1. The issue arises from incorrect return-value handling in the `is_mainwp_authenticated()` function, allowing unauthenticated attackers to impersonate an administrator.

