Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
8.1 HIGH
CVE-2026-55377 — Logto: Account Center MFA management step-up bypass via WebAuthn registration verification

Logto is the modern, open-source auth infrastructure for SaaS and AI apps. Prior to 1.41.0, Logto's Account Center step-up check accepted any active verification record that belonged to the current u…

Remote | Authentication
Jul 10, 2026 Jul 10, 2026
Jul 10, 2026
Jul 10, 2026
6.4 MEDIUM
CVE-2026-55370 — Logto: TOTP code can be replayed within the RFC 6238 validity window (one-time use violat…

Logto is the modern, open-source auth infrastructure for SaaS and AI apps. Prior to 1.41.0, Logto's existing TOTP verification accepted a successfully used TOTP code again while the code remained ins…

Remote | Authentication
Jul 10, 2026 Jul 10, 2026
Jul 10, 2026
Jul 10, 2026
6.1 MEDIUM
CVE-2026-54714 — Logto: XSS via unescaped RelayState in SAML auto-submit form

Logto is the modern, open-source auth infrastructure for SaaS and AI apps. Prior to 1.41.0, @logto/core reflected the SAML RelayState, SAMLResponse, and actionUrl into a Logto-origin auto-submit HTML…

Remote | Cross-Site Scripting
Jul 10, 2026 Jul 10, 2026
Jul 10, 2026
Jul 10, 2026
4.4 MEDIUM
CVE-2026-15295 — Ajax Load More <= 7.0.1 - Authenticated (Administrator+) Stored Cross-Site Scripting

The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 7.0.1 due to insufficient inp…

Remote | Cross-Site Scripting
Jul 10, 2026 Jul 10, 2026
Jul 10, 2026
Jul 10, 2026
6.4 MEDIUM
CVE-2026-11321 — GLPI DataInjection Plugin Authenticated SQL Injection via CSV Import

The DataInjection plugin for GLPI 2.15.6 (GLPI 11 builds) concatenates user-supplied CSV field values directly into SQL queries during CSV import, without parameterization or escaping, resulting in a…

Remote | Injection
Jul 10, 2026 Jul 10, 2026
Jul 10, 2026
Jul 10, 2026
8.8 HIGH
CVE-2026-6212 — IDOR in Teracity's TeraMIS

Authorization bypass through User-Controlled key vulnerability in Teracity Software Technologies Inc. TeraMIS allows Privilege Abuse. This issue affects TeraMIS: from V03.26.01.14 through 30.04.2026.

Remote | Authorization
Jul 10, 2026 Jul 10, 2026
Jul 10, 2026
Jul 10, 2026
8.8 HIGH
CVE-2026-61461 — Dify < 1.16.0-rc1 SQL Injection via MyScale Vector Store search_by_full_text

Dify before 1.16.0-rc1 contains a SQL injection vulnerability in the MyScale vector store backend that allows attackers to execute arbitrary SQL by supplying unsanitized search parameters to the sear…

dify | Remote | Injection
Jul 10, 2026 Jul 10, 2026
Jul 10, 2026
Jul 10, 2026
8.8 HIGH
CVE-2026-61460 — Krayin CRM Insecure Direct Object Reference via Controllers

Krayin CRM through 2.2.3 contains an insecure direct object reference vulnerability in LeadController, PersonController, OrganizationController, QuoteController, and ActivityController that allows au…

Remote | Authorization
Jul 10, 2026 Jul 10, 2026
Jul 10, 2026
Jul 10, 2026
9.8 CRITICAL
CVE-2026-61459 — MCP Server Kubernetes < 3.9.0 Argument Injection via kubectl Structured Tools

MCP Server Kubernetes before 3.9.0 contains an argument injection vulnerability in structured tools (kubectl_get, kubectl_describe, kubectl_delete) that allows attackers to bypass the assertNoDangero…

Remote | Injection
Jul 10, 2026 Jul 10, 2026
Jul 10, 2026
Jul 10, 2026
9.8 CRITICAL
CVE-2026-5801 — SQLi in Semtek Informatics' SEM-PMP

Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Semtek Informatics Software Consulting Trade Ltd. Co. SEM-PMP allows Command Line Execution throu…

Remote | Injection
Jul 10, 2026 Jul 10, 2026
Jul 10, 2026
Jul 10, 2026
9.6 CRITICAL
CVE-2026-59151 — Prowler: SAML Domain Claiming Enables Cross-Tenant Account Takeover

Prowler is a cloud security platform. Prior to 5.30.3, Prowler's SAML authentication flow trusted the email domain asserted in a SAMLResponse when deciding which tenant should receive the final token…

Remote | Authentication
Jul 10, 2026 Jul 10, 2026
Jul 10, 2026
Jul 10, 2026
7.0 HIGH
CVE-2026-55843 — Snipe-IT: Improper Privilege Management

Snipe-IT is an IT asset/license management system. Prior to 8.6.0, UsersController::update() passes a missing permission request field through NormalizePermissionsPayloadAction and PreserveUnauthoriz…

snipe-it | Remote | Authorization
Jul 10, 2026 Jul 10, 2026
Jul 10, 2026
Jul 10, 2026
7.7 HIGH
CVE-2026-55516 — Snipe-IT: Cross-company asset maintenance re-parenting via API update

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, PATCH or PUT /api/v1/maintenances/{maintenance_id} checks access to the current maintenance record and asset but then fills attacker…

snipe-it | Remote | Authorization
Jul 10, 2026 Jul 10, 2026
Jul 10, 2026
Jul 10, 2026
5.4 MEDIUM
CVE-2026-55478 — Snipe-IT: Missing object-level authorization in Kits API

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, POST /api/v1/kits/{kit_id}/licenses checks whether the caller can edit kits but does not authorize access to the referenced license …

snipe-it | Remote | Authorization
Jul 10, 2026 Jul 10, 2026
Jul 10, 2026
Jul 10, 2026
5.3 MEDIUM
CVE-2026-55476 — Snipe-IT: Unauthorized Asset Request Cancellation via Unguarded cancel_by_admin Parameter

Snipe-IT is an IT asset/license management system. Prior to 8.6.0, POST /account/request/{itemType}/{itemId}/{cancel_by_admin?}/{requestingUser?} accepts cancel_by_admin as a URL path segment without…

snipe-it | Remote | Authorization
Jul 10, 2026 Jul 10, 2026
Jul 10, 2026
Jul 10, 2026
7.1 HIGH
CVE-2026-55474 — Snipe-IT: Directory traversal in displaySig

Snipe-IT is an IT asset/license management system. Prior to 8.5.0, ActionlogController::displaySig concatenates the route filename parameter into a private upload-directory path without sanitization,…

snipe-it | Remote | Path Traversal
Jul 10, 2026 Jul 10, 2026
Jul 10, 2026
Jul 10, 2026
4.3 MEDIUM
CVE-2026-55472 — Snipe-IT: API Location Creation Bypasses FMCS Parent-Child Company Boundary Validation

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, when Full Multiple Companies Support and scope_locations_fmcs are enabled, the API location creation endpoint detects an invalid par…

snipe-it | Remote | Authorization
Jul 10, 2026 Jul 10, 2026
Jul 10, 2026
Jul 10, 2026
5.4 MEDIUM
CVE-2026-55464 — Snipe-IT: Stored XSS via Markdown custom field

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, CommonMark escapes raw HTML but does not sanitize javascript: URIs in Markdown hyperlinks, allowing a user with assets.edit permissi…

snipe-it | Remote | Cross-Site Scripting
Jul 10, 2026 Jul 10, 2026
Jul 10, 2026
Jul 10, 2026
7.1 HIGH
CVE-2026-55460 — Snipe-IT: Authorization bypass on bulk editing users

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, an authenticated non-admin user with users.view and users.edit but without users.delete can directly POST to /users/bulksave with de…

snipe-it | Remote | Authorization
Jul 10, 2026 Jul 10, 2026
Jul 10, 2026
Jul 10, 2026
8.5 HIGH
CVE-2026-54329 — Snipe-IT: Cross-Tenant Accessory Injection in Snipe-IT API

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, the Accessories API create path mass-assigns request parameters to the Accessory model while company_id is mass assignable, allowing…

snipe-it | Remote | Authorization
Jul 10, 2026 Jul 10, 2026
Jul 10, 2026
Jul 10, 2026
Showing 20 of 7439 Results