CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-41507
Critical

math-codegen generates code from mathematical expressions. Prior to version 0.4.3, string literal content passed to cg.parse() was injected verbatim into a new Function() body without sanitization, allowing attackers to execute arbitrary system commands.

CVE-2026-41497
Critical

PraisonAI is a multi-agent system that prior to version 4.6.9 had a vulnerability in MCP command handling. The lack of a command allowlist and argument validation in parse_mcp_command() allowed arbitrary executables like bash or python with inline code execution flags to be executed.

CVE-2026-25199
Critical

The Proxmox extension for Apache CloudStack allows unauthorized access to instances belonging to other tenants. The issue arises from improper use of an instance setting, enabling attackers to modify and gain control over virtual machines of other users.

CVE-2026-8153
Critical

The Dashboard Server interface in Universal Robots PolyScope versions prior to 5.25.1 is vulnerable to OS command injection, allowing an unauthenticated attacker to craft commands that execute code on the robot's OS.

CVE-2026-8076
Critical

The CashDro 3 web administration panel version 24.01.00.26 has weak credentials as it allows the use of numeric PINs for user authentication. An attacker can easily perform a brute-force attack by trying different PINs without the account being locked.

CVE-2026-6213
Critical

A vulnerability in Remote Spark SparkView before build 1122 allows an attacker to bypass the local connection check and achieve arbitrary code execution as root on the server side. Depending on implementation, the vulnerability can be exploited by an unauthenticated attacker.

CVE-2013-10075
Critical

Apache::Session versions through 1.94 for Perl re-create deleted sessions. Sessions stored in Apache::Session::Store::File and Apache::Session::Store::DB_File can be revived, potentially exposing data that was meant to be deleted.

CVE-2025-69691
Critical

Netgate pfSense CE version 2.8.0 allows code execution via the XMLRPC API using pfsense.exec_php. The supplier disputes this vulnerability as the API call is only available to admins who are intentionally allowed to execute PHP code.

CVE-2025-69690
Critical

Netgate pfSense CE version 2.7.2 allows code execution by using the module installer with a backup file containing a serialized PHP object with the post_reboot_commands property.

CVE-2025-69599
Critical

RayVentory Scan Engine through version 12.6 Update 8 allows attackers to gain privileges if they control the value of the PATH environment variable. This vulnerability is disputed as the ability to control the environment is a site-specific misconfiguration.

CVE-2025-67887
Critical

1C-Bitrix version 25.100.500 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess file.

CVE-2023-46453
Critical

Certain GL.iNet devices with 4.x firmware allow authentication bypass, resulting in administrative control of the device. This affects version 4.3.7 on models GL-MT3000, GL-AR300M, GL-B1300, GL-AX1800, GL-AR750S, GL-MT2500, GL-AXT1800, GL-X3000, and GL-SFT1200.

CVE-2024-51092
Critical

LibreNMS before 24.10.0 allows a remote attacker to execute arbitrary code via OS command injection involving AboutController.php's index(), SettingsController.php's update(), and PollDevice.php's initRrdDirectory().

CVE-2026-43944
Critical

Electerm, a terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client, is vulnerable to arbitrary local code execution in versions from 3.0.6 to before 3.8.15. Exploiting this vulnerability requires clicking a crafted electerm://... link or opening a crafted shortcut/command.

CVE-2026-43941
Critical

Electerm is a terminal client that in versions 3.8.15 and prior does not validate protocols for URLs clicked in the terminal. Attackers can exploit this to execute arbitrary code or access local files on the victim's machine if the victim clicks a displayed link.

CVE-2026-42208
CriticalActively exploitedEPSS 100%

In LiteLLM versions from 1.81.16 to before 1.83.7, a SQL injection vulnerability exists during proxy API key checks. An unauthenticated attacker can send a crafted Authorization header, leading to reading and potentially modifying data in the proxy database.

CVE-2026-41501
Critical

In the electerm client prior to version 3.3.8, a command injection vulnerability exists that allows an attacker to append malicious version strings into an exec command without validation. This issue has been patched in version 3.3.8.

CVE-2026-41500
Critical

In the electerm client prior to version 3.3.8, a command injection vulnerability allows an attacker to inject malicious code into the exec command. This issue has been patched in version 3.3.8.

CVE-2026-42880
Critical

In Argo CD versions 3.2.0 to 3.2.10 and 3.3.0 to 3.3.8, there is a missing authorization and data-masking gap in the ServerSideDiff endpoint. This allows an attacker with read-only access to extract plaintext Kubernetes Secret data from etcd via the Kubernetes API server's Server-Side Apply dry-run mechanism.

CVE-2026-8034
Critical

A server-side request forgery (SSRF) vulnerability was identified in the GitHub Enterprise Server notebook viewer that allowed an attacker to access internal services by exploiting URL parser confusion between the validation layer and the HTTP request library.

PreviousPage 84 of 559Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS