CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-9692
Medium

Mojolicious::Sessions::Storable versions through 0.05 for Perl generate session ids insecurely. The default session id generator uses low-entropy sources, making them predictable.

CVE-2026-55392
Medium

NILFS utilities up to version 2.3.0 have a validation issue with the s_log_block_size field in the NILFS2 superblock in the nilfs_sb_is_valid() function. Attackers can supply crafted NILFS2 images, leading to undefined behavior and crashes of tools like nilfs-tune and dumpseg.

CVE-2026-48937
Medium

A flaw in Node.js HTTP/2 server API allows servers to keep accepting data even after sending a `GOAWAY` frame. This affects **Node.js 22** and **Node.js 24**.

CVE-2026-47833
Medium

CVE-2026-47833 is a privilege escalation vulnerability from container to host via manipulation of the bpm.log file. A compromised process inside a bpm container can force the system to change the owner of any host file, leading to the exposure of passwords from the /etc/shadow file.

CVE-2026-48986
Medium

In pam_usb versions 0.9.1 and earlier, a bug can lead to an infinite loop DoS due to improper initialization of the *ppid variable. In the pusb_local_login() function, the same variable is reused as input and output in a loop, which can cause the authenticating process to hang.

CVE-2026-48985
Medium

In versions 0.9.1 and below, the pam_usb module can cause a NULL dereference crash when parsing loginctl output. The pusb_is_loginctl_local() function calls popen() and reads the result, which can lead to undefined behavior and crashing the PAM module.

CVE-2026-48984
Medium

In versions 0.9.1 and below, the xfree() function in pam_usb releases memory without first zeroing the buffer contents, leading to the exposure of sensitive data in freed memory. This could allow recovery of pad values or other authentication material from freed memory regions.

CVE-2026-56024
Medium

The WP EasyPay WordPress plugin contains a CSRF vulnerability that allows an attacker to perform unauthorized actions on behalf of a logged-in administrator. The flaw affects all versions up to and including 4.5.0.

CVE-2026-56022
Medium

Webmin accepts basic authentication without session cookies when an attacker provides the 'User-Agent: webmin' header, allowing bypass of additional MFA requirements. Fixed in version 2.641.

CVE-2026-56021
Medium

Webmin allows unauthenticated attackers to read the contents of any file ending in .conf within module directories, due to a bypassable regex pattern.

CVE-2026-55205
Medium

Hermes WebUI before 0.51.468 contains a resource exhaustion vulnerability in the unauthenticated POST /api/onboarding/oauth/start endpoint that allows unbounded accumulation of in-memory flow state and daemon threads.

CVE-2026-54106
Medium

The EPDS and EDS systems do not validate X-Forwarded-For HTTP headers, allowing a remote attacker with compromised administrator credentials to bypass network access controls and log in.

CVE-2026-54105
Medium

The EPDS and EDS systems expose sensitive account information through the 'update-profile/' API endpoint. A remote, unauthenticated attacker can submit a request containing an arbitrary 'user_id' parameter and receive a JSON response containing account-specific information, including the associated email address.

CVE-2026-11982
Medium

Grav version 2.0.0-rc.9 with Admin2 version 2.0.0-rc.14 contains a stored cross-site scripting (XSS) vulnerability in the Admin2 Pages API save flow.

CVE-2026-22551
Medium

In Eclipse Theia versions prior to 1.71.0, the AI chat rendered Markdown image tags from AI responses, triggering unrestricted HTTP requests to external URLs. Combined with prompt injection in a malicious workspace, an attacker could induce the AI agent to construct image URLs encoding sensitive information.

CVE-2026-11791
Medium

A flaw in 389 Directory Server causes the attr_syntax_swap_ht() function to unconditionally free attribute syntax information nodes during schema reload, bypassing the refcount-based deferred deletion. If an administrator triggers schema reload while concurrent LDAP queries are active, worker threads may access freed memory, resulting in use-after-free or double-free and a denial of service (server crash).

CVE-2025-58175
Medium

GeoServer prior to versions 2.26.4 and 2.27.3 may allow an attacker to perform unauthenticated Server-Side Request Forgery (SSRF) using `ENTITY_RESOLUTION_ALLOWLIST`. This requires GeoServer to be configured to use a proxy base URL without a path or ending with a slash.

CVE-2026-56009
Medium

CVE-2026-56009 describes an improper neutralization of input during web page generation in Bricksable for Bricks Builder, allowing for Stored XSS attacks.

CVE-2026-56007
Medium

CVE-2026-56007 describes an improper neutralization of input during web page generation in OceanWP Ocean Product Sharing, leading to Stored XSS vulnerabilities.

CVE-2026-54221
Medium

UBB.threads is vulnerable to Reflected XSS. The application improperly handles user input in certain requests, allowing attackers to execute arbitrary JavaScript in the context of a victim's browser.

PreviousPage 90 of 540Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS