CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.10)

CVE-2026-48937
Medium

A flaw in Node.js HTTP/2 server API allows servers to keep accepting data even after sending a `GOAWAY` frame. This affects **Node.js 22** and **Node.js 24**.

CVE-2026-47833
Medium

CVE-2026-47833 is a privilege escalation vulnerability from container to host via manipulation of the bpm.log file. A compromised process inside a bpm container can force the system to change the owner of any host file, leading to the exposure of passwords from the /etc/shadow file.

CVE-2026-48986
Medium

In pam_usb versions 0.9.1 and earlier, a bug can lead to an infinite loop DoS due to improper initialization of the *ppid variable. In the pusb_local_login() function, the same variable is reused as input and output in a loop, which can cause the authenticating process to hang.

CVE-2026-48985
Medium

In versions 0.9.1 and below, the pam_usb module can cause a NULL dereference crash when parsing loginctl output. The pusb_is_loginctl_local() function calls popen() and reads the result, which can lead to undefined behavior and crashing the PAM module.

CVE-2026-48984
Medium

In versions 0.9.1 and below, the xfree() function in pam_usb releases memory without first zeroing the buffer contents, leading to the exposure of sensitive data in freed memory. This could allow recovery of pad values or other authentication material from freed memory regions.

CVE-2026-56024
Medium

The WP EasyPay WordPress plugin contains a CSRF vulnerability that allows an attacker to perform unauthorized actions on behalf of a logged-in administrator. The flaw affects all versions up to and including 4.5.0.

CVE-2026-56022
Medium

Webmin accepts basic authentication without session cookies when an attacker provides the 'User-Agent: webmin' header, allowing bypass of additional MFA requirements. Fixed in version 2.641.

CVE-2026-56021
Medium

Webmin allows unauthenticated attackers to read the contents of any file ending in .conf within module directories, due to a bypassable regex pattern.

CVE-2026-55205
Medium

Hermes WebUI before 0.51.468 contains a resource exhaustion vulnerability in the unauthenticated POST /api/onboarding/oauth/start endpoint that allows unbounded accumulation of in-memory flow state and daemon threads.

CVE-2026-54106
Medium

The EPDS and EDS systems do not validate X-Forwarded-For HTTP headers, allowing a remote attacker with compromised administrator credentials to bypass network access controls and log in.

CVE-2026-54105
Medium

The EPDS and EDS systems expose sensitive account information through the 'update-profile/' API endpoint. A remote, unauthenticated attacker can submit a request containing an arbitrary 'user_id' parameter and receive a JSON response containing account-specific information, including the associated email address.

CVE-2026-11982
Medium

Grav version 2.0.0-rc.9 with Admin2 version 2.0.0-rc.14 contains a stored cross-site scripting (XSS) vulnerability in the Admin2 Pages API save flow.

CVE-2026-22551
Medium

In Eclipse Theia versions prior to 1.71.0, the AI chat rendered Markdown image tags from AI responses, triggering unrestricted HTTP requests to external URLs. Combined with prompt injection in a malicious workspace, an attacker could induce the AI agent to construct image URLs encoding sensitive information.

CVE-2026-11791
Medium

A flaw in 389 Directory Server causes the attr_syntax_swap_ht() function to unconditionally free attribute syntax information nodes during schema reload, bypassing the refcount-based deferred deletion. If an administrator triggers schema reload while concurrent LDAP queries are active, worker threads may access freed memory, resulting in use-after-free or double-free and a denial of service (server crash).

CVE-2025-58175
Medium

GeoServer prior to versions 2.26.4 and 2.27.3 may allow an attacker to perform unauthenticated Server-Side Request Forgery (SSRF) using `ENTITY_RESOLUTION_ALLOWLIST`. This requires GeoServer to be configured to use a proxy base URL without a path or ending with a slash.

CVE-2026-56009
Medium

CVE-2026-56009 describes an improper neutralization of input during web page generation in Bricksable for Bricks Builder, allowing for Stored XSS attacks.

CVE-2026-56007
Medium

CVE-2026-56007 describes an improper neutralization of input during web page generation in OceanWP Ocean Product Sharing, leading to Stored XSS vulnerabilities.

CVE-2026-54221
Medium

UBB.threads is vulnerable to Reflected XSS. The application improperly handles user input in certain requests, allowing attackers to execute arbitrary JavaScript in the context of a victim's browser.

CVE-2026-54219
Medium

UBB.threads is vulnerable to Stored XSS via user posts and user profile fields. The application fails to properly sanitize user input, allowing low privileged attackers to inject arbitrary JavaScript that executes in a victim's browser upon viewing.

CVE-2026-44942
Medium

A path traversal vulnerability in handling the 'path' component of .repo files in libzypp before version 17.38.13 in the 17.x series, or before 16.22.19, could allow attackers to fill directories on the system outside of the zypp cache with content.

PreviousPage 98 of 550Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS