CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-56012
High

CVE-2026-56012 describes an improper neutralization of special elements used in SQL commands, allowing for Blind SQL Injection attacks in the David Lingren Media Library Assistant application.

CVE-2026-54224
High

UBB.threads is vulnerable to Denial of Service (DoS). An authenticated attacker can send multiple concurrent requests to view any user profile, leading to exhaustion of database resources and complete denial of access to the application for other users.

CVE-2026-54223
High

UBB.threads is vulnerable to Path traversal, allowing attackers with privilege to edit templates to read and write any file on the application’s server, resulting in Remote Code Execution.

CVE-2026-54222
High

UBB.threads is vulnerable to Blind SQL Injection, allowing attackers with access to the Members in Control Panel to interact with the underlying database. Due to insufficient input sanitization, an attacker can extract sensitive information, such as user credentials.

CVE-2026-54220
High

uBB.threads is vulnerable to a Cross-Site Request Forgery (CSRF) due to a lack of protective mechanisms. This allows an attacker to trick an authenticated user into executing unintended actions.

CVE-2026-50141
High

In the Woodpecker CI/CD engine, from version 3.0.0 to 3.14.1, a vulnerability in the gRPC layer allowed authenticated agents to impersonate other agents on the same server by injecting a forged `agent_id` value into outgoing gRPC metadata. Version 3.14.1 patches this issue.

CVE-2026-42488
High

In some shadow paging error paths, page tables may be switched without updating the currently running vCPU reference. This can lead to a mismatch between the loaded page tables and the mapcache metadata, potentially resulting in corruption of the mapcache.

CVE-2026-42487
High

Access to HVM guest I/O ports is subject to emulation or at least translation, which requires synchronization with updates. The current implementation lacks synchronization when handling these accesses.

CVE-2026-40456
HighEPSS 56%

An OS Command Injection vulnerability exists in LMS (LAN Management System) before commit 9fcb4de. The issue arises from an IP address parameter being passed to the 'exec()' function without proper validation, allowing attackers to execute arbitrary operating system commands.

CVE-2026-40455
High

An SQL Injection vulnerability exists in LMS (LAN Management System) before commit 4cb30a7 within the 'tarifflist.php' module due to insufficient sanitization of the POST 'tg[]' parameter. This allows authenticated attackers to perform Error-Based SQL injection and extract sensitive database information.

CVE-2026-11958
High

The vulnerability allows local privilege escalation by loading malicious DLLs from a shared temporary directory in DFIR-ORC versions 10.2.7 and prior. An attacker with access to the system can place a malicious DLL in C:\Windows\Temp, enabling automatic loading when the application is executed with administrative privileges.

CVE-2026-11719
High

An authenticated authorization bypass vulnerability exists in MCP Toolbox for Databases due to missing scope enforcement across older protocol handlers. An authenticated client with low-privilege tokens can access high-privilege tools by using an older protocol version.

CVE-2026-8811
High

SEPPmail versions before 15.0.5 allow improper handling of attachment filenames during encrypted PDF generation. An attacker can exploit this to create new files outside the intended directory.

CVE-2026-55746
High

Cotonti 1.0.0 is vulnerable to stored Cross-Site Scripting in the Personal File Storage (PFS) module. An authenticated user can store HTML/JavaScript in a folder title, leading to the execution of the injected script in other users' browsers.

CVE-2026-55744
High

Cotonti version 1.0.0 (master branch, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the Personal File Storage (PFS) module. The file upload action ('a=upload') does not validate the anti-CSRF token, allowing a remote attacker to upload arbitrary files to the victim's PFS storage.

CVE-2026-55741
High

Cotonti 1.0.0 is vulnerable to Cross-Site Request Forgery in the administration configuration handler. The configuration update action ('a=update') processes POST data without validating the anti-CSRF token, allowing for modification of configuration options through forged requests.

CVE-2026-11395
High

The CF7 to Webhook plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to and including 5.0.0, allowing unauthenticated attackers to make web requests to arbitrary locations originating from the web application.

CVE-2026-9860
High

The Offload, AI & Optimize with Cloudflare Images plugin for WordPress is vulnerable to Remote Code Execution in all versions up to and including 1.10.2 via the 'account-id' parameter. This is due to insufficient privilege enforcement on the cf_images_do_setup AJAX handler, allowing authenticated attackers with author-level access to execute code on the server.

CVE-2026-12505
High

A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted request_key payload to trick the root-owned helper into entering a custom environment (namespace) containing a malicious NSS module. This forces the system to load the attacker's controlled NSS Module and configuration, allowing them to execute arbitrary commands as the root user, elevating their privileges and fully compromising the system.

CVE-2026-12407
High

The E2Pdf – Export Pdf Tool for WordPress plugin is vulnerable to Missing Authorization in versions up to and including 1.32.26. The screen_action() function lacks a dedicated capability check and nonce verification, allowing attackers to overwrite WordPress options.

PreviousPage 86 of 3311Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS