Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
4.0 MEDIUM
CVE-2026-15505 — vnotex vnote YAML Frontmatter markdownit.js cross site scripting

A weakness has been identified in vnotex vnote up to 3.20.1. Impacted is an unknown function of the file /src/data/extra/web/js/markdownit.js of the component YAML Frontmatter. This manipulation of t…

Remote | Cross-Site Scripting
Jul 12, 2026 Jul 12, 2026
Jul 12, 2026
Jul 12, 2026
2.4 LOW
CVE-2026-10668 — Host-triggerable control-endpoint wedge (DoS) in Nuvoton NuMaker HSUSBD UDC driver

The Nuvoton NuMaker HSUSBD USB device-controller driver (drivers/usb/udc/udc_numaker.c) armed the control Data IN stage unconditionally (base->CEPTXCNT = len in numaker_hsusbd_ep_trigger). Because th…

zephyr zephyr | Denial of Service
Jul 12, 2026 Jul 12, 2026
Jul 12, 2026
Jul 12, 2026
7.8 HIGH
CVE-2026-10667 — SMP use-after-free in Zephyr `CONFIG_USERSPACE` dynamic kernel-object tracking, reachable…

Zephyr's dynamic kernel-object tracking (kernel/userspace/userspace.c, formerly kernel/userspace.c) maintains a doubly-linked list (obj_list) of dynamically allocated kernel objects. Iteration over t…

zephyr zephyr | Race Condition
Jul 12, 2026 Jul 12, 2026
Jul 12, 2026
Jul 12, 2026
8.1 HIGH
CVE-2026-10666 — Stack buffer overflow in `net_ipaddr_parse()` IPv4 address-with-port parsing in `subsys/n…

parse_ipv4() in subsys/net/ip/utils.c (reached via net_ipaddr_parse() for strings of the form "a.b.c.d:port") copies the port substring into a fixed 17-byte stack buffer (char ipaddr[NET_IPV4_ADDR_LE…

zephyr zephyr | Memory Corruption
Jul 12, 2026 Jul 12, 2026
Jul 12, 2026
Jul 12, 2026
7.4 HIGH
CVE-2026-10665 — Heap buffer overflow on WireGuard receive path via unbounded incoming packet length

In Zephyr's WireGuard subsystem (subsys/net/lib/wireguard), wg_process_data_message() in wg_crypto.c linearizes an inbound transport-data payload into a fixed pool buffer of CONFIG_WIREGUARD_BUF_LEN …

zephyr zephyr | Memory Corruption
Jul 12, 2026 Jul 12, 2026
Jul 12, 2026
Jul 12, 2026
5.0 MEDIUM
CVE-2026-10664 — Out-of-bounds write in nRF70 Wi-Fi driver power-save event handler (unbounded TWT flow co…

The nRF70 Wi-Fi driver's power-save event handler nrf_wifi_event_proc_get_power_save_info() in drivers/wifi/nrf_wifi/src/wifi_mgmt.c copied TWT (Target Wake Time) flow entries from an nrf_wifi_umac_e…

zephyr zephyr | Memory Corruption
Jul 12, 2026 Jul 12, 2026
Jul 12, 2026
Jul 12, 2026
6.1 MEDIUM
CVE-2026-10663 — Use-after-free / double-free of the root USB device in the experimental USB host stack

In Zephyr's experimental USB host stack (CONFIG_USB_HOST_STACK), usbh_device_disconnect() (subsys/usb/host/usbh_device.c) freed the root usb_device slab object without clearing the cached pointer ctx…

zephyr zephyr | Memory Corruption
Jul 12, 2026 Jul 12, 2026
Jul 12, 2026
Jul 12, 2026
8.3 HIGH
CVE-2026-58596 — Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Untrusted pointer dereference in Microsoft Edge (Chromium-based) allows an unauthorized attacker to elevate privileges over a network.

Jul 12, 2026 Jul 12, 2026
Jul 12, 2026
Jul 12, 2026
6.5 MEDIUM
CVE-2026-15502 — AojiaoZero Antaris PayPal IPN Payment ipn.php _rewardPurchase sql injection

A vulnerability was detected in AojiaoZero Antaris 1.0. This affects the function _rewardPurchase of the file /ipn.php of the component PayPal IPN Payment Handler. The manipulation of the argument it…

antaris | Remote | Injection
Jul 12, 2026 Jul 12, 2026
Jul 12, 2026
Jul 12, 2026
6.5 MEDIUM
CVE-2026-15501 — AstrBotDevs AstrBot MCP Test Endpoint tools.py ToolsRoute.test_mcp_connection server-side…

A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.25.2. Affected by this issue is the function ToolsRoute.test_mcp_connection of the file astrbot/dashboard/routes/tools.py of …

astrbot | Remote | Server-Side Request Forgery
Jul 12, 2026 Jul 12, 2026
Jul 12, 2026
Jul 12, 2026
9.4 CRITICAL
CVE-2026-61876 — LuCI DHCPv6 Lease Hostname Stored Cross-Site Scripting

LuCI versions fail to properly encode DHCPv6 lease hostnames before rendering in status tables, allowing adjacent network attackers to inject HTML markup. Attackers can send a DHCPv6 Client FQDN cont…

luci | Cross-Site Scripting
Jul 12, 2026 Jul 12, 2026
Jul 12, 2026
Jul 12, 2026
8.8 HIGH
CVE-2026-61875 — luci-app-upnp Stored XSS via UPnP Port Mapping Description

luci-app-upnp contains a stored cross-site scripting vulnerability that allows unauthenticated LAN clients to inject JavaScript via UPnP IGD AddPortMapping SOAP requests. Attackers can send malicious…

luci | Cross-Site Scripting
Jul 12, 2026 Jul 12, 2026
Jul 12, 2026
Jul 12, 2026
3.1 LOW
CVE-2026-61874 — filebrowser before 2.63.17 Stale Public Share via Trailing-Slash Delete

filebrowser versions before 2.63.17 fail to normalize paths before querying the share index in DeleteWithPathPrefix, allowing authenticated users to leave stale public shares behind. Attackers can de…

filebrowser | Remote | Path Traversal
Jul 12, 2026 Jul 12, 2026
Jul 12, 2026
Jul 12, 2026
8.8 HIGH
CVE-2026-59260 — OpenWrt luci-app-samba4 read ACL remote code execution via smbd

OpenWrt luci-app-samba4 read ACL grants file.exec permission on /usr/sbin/smbd, allowing authenticated delegated users to execute the Samba daemon with caller-controlled command-line arguments. Attac…

luci | Remote | Authorization
Jul 12, 2026 Jul 12, 2026
Jul 12, 2026
Jul 12, 2026
6.9 MEDIUM
CVE-2026-56336 — Capgo - Information Disclosure via Unauthenticated SSO check-domain Endpoint

Capgo before 12.128.2 contains an information disclosure vulnerability in the unauthenticated /private/sso/check-domain endpoint that returns internal org_id and provider_id values. Attackers can enu…

Remote | Information Disclosure
Jul 12, 2026 Jul 12, 2026
Jul 12, 2026
Jul 12, 2026
8.1 HIGH
CVE-2026-56313 — Capgo - Cross-Organization Account Disruption via SSO Prelink Endpoint

Capgo before 12.128.2 contains a cross-organization account disruption vulnerability in the SSO prelink endpoint that allows enterprise administrators to delete password identities of users in foreig…

Remote | Authentication
Jul 12, 2026 Jul 12, 2026
Jul 12, 2026
Jul 12, 2026
8.4 HIGH
CVE-2026-56308 — Capgo - Insufficient Authentication in Email Change Endpoint

Capgo before 12.128.2 allows email address changes without requiring current password re-authentication or verification of the existing email address. An attacker with access to a valid session cooki…

Remote | Authentication
Jul 12, 2026 Jul 12, 2026
Jul 12, 2026
Jul 12, 2026
5.1 MEDIUM
CVE-2026-56281 — Capgo - SQL Injection via Unvalidated limit Parameter in Admin Stats Endpoint

Capgo before 12.128.2 contains a sql injection vulnerability in the POST /private/admin_stats endpoint where the limit parameter is destructured from unvalidated request body and interpolated directl…

Remote | Injection
Jul 12, 2026 Jul 12, 2026
Jul 12, 2026
Jul 12, 2026
9.8 CRITICAL
CVE-2026-56271 — Flowise - Weak Default JWT Secrets in Authentication Middleware

Flowise before 3.1.0 (affected versions 3.0.13 and earlier) uses weak hardcoded default JWT secrets ('auth_token', 'refresh_token') and default audience and issuer values ('AUDIENCE', 'ISSUER') in th…

flowise | Remote | Authentication
Jul 12, 2026 Jul 12, 2026
Jul 12, 2026
Jul 12, 2026
9.1 CRITICAL
CVE-2026-56260 — Crawl4AI - Arbitrary File Write via output_path Parameter

Crawl4AI before 0.8.7 contains an arbitrary file write vulnerability in the Docker API server's /screenshot and /pdf endpoints. The output_path parameter accepts arbitrary filesystem paths without va…

crawl4ai | Remote | Path Traversal
Jul 12, 2026 Jul 12, 2026
Jul 12, 2026
Jul 12, 2026
Showing 20 of 7132 Results