CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-11714
High

IBM WebSphere Application Server Liberty versions 17.0.0.3 through 26.0.0.7 are affected by a server-side request forgery (SSRF) vulnerability when the apiDiscovery-1.0 feature is enabled. An attacker can exploit this flaw to send unauthorized requests from the server to internal network resources.

CVE-2026-11712
Critical

IBM WebSphere Application Server 9.0 and 8.5 are affected by a cross-site scripting (XSS) vulnerability in the administrative console help system. This allows an attacker to inject malicious scripts into the help page.

CVE-2026-11708
Critical

IBM WebSphere Application Server 9.0 and 8.5 is affected by a cross-site scripting vulnerability in the administrative console's integrated help system. This allows an attacker to inject malicious script into the help page.

CVE-2026-11595
Medium

IBM WebSphere Application Server 9.0 and 8.5 contain a vulnerability that could allow a remote attacker to obtain sensitive information from the integrated help system of the administrative console.

CVE-2026-11546
High

IBM WebSphere Application Server Liberty versions 17.0.0.3 through 26.0.0.7 with the adminCenter-1.0 feature enabled are affected by a server-side request forgery (SSRF) vulnerability.

CVE-2026-10564
High

IBM Langflow OSS versions 1.0.0 through 1.9.6 contain a Server-Side Request Forgery (SSRF) vulnerability. The RSSReaderComponent and SearXNG components make unvalidated HTTP requests to user-controlled URLs, bypassing SSRF protections introduced in version 1.9.3.

CVE-2026-10560
High

IBM Langflow OSS versions 1.0.0 through 1.9.6 contain a missing authentication vulnerability in /api/v1/build_public_tmp/ endpoints, allowing an unauthenticated attacker to read build event data or cancel jobs using a valid job identifier, resulting in information disclosure and denial of service.

CVE-2026-10546
High

IBM Langflow OSS versions 1.0.0 through 1.9.3 contain a Server-Side Request Forgery (SSRF) vulnerability in the URL component due to a TOCTOU race condition exploitable via DNS rebinding.

CVE-2026-10140
Critical

IBM Langflow OSS versions 1.0.0 through 1.10.0 in voice mode have improper shared-state handling that allows reuse of API clients across tenant boundaries. An authenticated attacker can manipulate cache state to cause requests from other users to be processed using incorrect upstream API credentials, leading to cross-tenant billing and accountability misattribution.

CVE-2026-10134
Critical

IBM Langflow OSS versions 1.0.0 through 1.9.3 contain a critical vulnerability allowing an attacker to read all secrets available to the Langflow process, read and modify all flows, conversations, messages, file uploads, and saved components in the Langflow database. The attacker can also connect to internal services, abuse cloud metadata endpoints, laterally move to other tenants on the same Langflow instance, and establish persistence by modifying the public flow's `tool_code` so that normal `/api/v1/build/...` calls by any user re-execute attacker code at each build.

CVE-2026-10129
High

IBM Langflow OSS versions 1.0.0 through 1.9.3 contain a Server-Side Request Forgery (SSRF) protection bypass vulnerability in the API Request component. An authenticated attacker with low-level privileges (flow author role) can bypass SSRF protections by enabling the follow_redirects parameter and supplying a public URL that redirects to internal/localhost addresses. The vulnerability exists because the application validates only the initial URL but does not re-validate redirect destinations.

CVE-2026-10109
CriticalEPSS 54%

IBM Db2 versions 11.5.0 through 11.5.9 and 12.1.0 through 12.1.4 are vulnerable to remote code execution due to improper handling of DRDA handshake before authentication.

CVE-2025-36372
Medium

A vulnerability in IBM Db2 allows an authenticated user to read sensitive information from monitoring and event tables. It affects versions 11.5.0 through 11.5.9 and 12.1.0 through 12.1.4 on Linux, UNIX, and Windows.

CVE-2026-58138
CriticalEPSS 56%

Orkes Conductor versions 3.21.21 through 3.30.2 contain an unauthenticated remote code execution vulnerability. Attackers can submit malicious workflow definitions with JavaScript or Python expressions to the API before authentication, allowing arbitrary OS command execution.

CVE-2026-10513
High

The Webmention plugin for WordPress up to version 5.8.0 is vulnerable to Stored Cross-Site Scripting via parser-derived 'avatar' and 'url' author metadata. This is due to insufficient input sanitization and output escaping on user-supplied MF2 author properties processed by the unauthenticated webmention REST endpoint and rendered directly into HTML 'value' attributes by the edit-comment-form template.

CVE-2026-9263
Medium

The Zephyr Bluetooth controller ISO Adaptation Layer (isoal.c) fails to validate the length of a framed ISO PDU start segment. An attacker over Bluetooth can send a crafted packet causing an integer underflow and out-of-bounds read.

CVE-2026-8864
High

The HP Fan Control App might allow local escalation of privileges. The vulnerability stems from improper access control in HP's fan management software.

CVE-2026-58377
High

A broken access control vulnerability in JeecgBoot through version 3.9.2 allows authenticated low-privilege users to perform full CRUD operations on OpenAPI credentials via OpenApiAuthController and OpenApiPermissionController endpoints lacking Shiro authorization annotations. The list endpoint exposes secret keys in plaintext, enabling credential theft and unauthorized API invocation.

CVE-2026-58376
High

Dolibarr up to version 23.0.3 (fixed in commit 14db36e) contains a SQL injection vulnerability. Authenticated API users can exfiltrate arbitrary database contents by supplying malicious values to the sqlfilters parameter in the setup dictionary and multicurrencies REST API endpoints.

CVE-2026-58375
High

JimuReport up to version 2.5.0 exposes the POST /jmreport/auto/export endpoint without authentication. The @JimuNoLoginRequired annotation causes all access controls to be skipped, and the export service streams the report for any supplied ID without verifying the auto-export configuration flag. An unauthenticated attacker can enumerate Snowflake report identifiers and export the full contents of any report, including data from SQL queries and credentials embedded in data sources.

PreviousPage 86 of 4466Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS