CVE-2026-45195
— GPU DDK - rgxfw_set_mips_fault_address(&psInit->sFaultPhysAddr) is untrusted
Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory read or write outside the permitted range of memory for the host kernel.
A…
|
Memory Corruption
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
CVE-2026-5757
— There exists an unauthenticated remote information disclosure vulnerability in Ollama's m…
Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an attacker to read and exfiltrate the server's heap memory, potentially leading to sensitive …
|
Information Disclosure
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
CVE-2026-21734
— GPU DDK - libusc OOB write at TreeRemove during WebGPU shader compilation
A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, wh…
|
Memory Corruption
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
CVE-2026-57667
— WordPress Groundhogg plugin <= 4.5 - SQL Injection vulnerability
Sales Representative SQL Injection in Groundhogg <= 4.5 versions.
Remote
|
Injection
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
CVE-2026-57665
— WordPress GravityView plugin <= 3.0.0 - Insecure Direct Object References (IDOR) vulnerab…
Unauthenticated Insecure Direct Object References (IDOR) in GravityView <= 3.0.0 versions.
Remote
|
Authorization
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
CVE-2026-57664
— WordPress Bopo – WooCommerce Product Bundle Builder plugin <= 1.1.6 - Sensitive Data Expo…
Unauthenticated Sensitive Data Exposure in Bopo – WooCommerce Product Bundle Builder <= 1.1.6 versions.
Remote
|
Information Disclosure
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
CVE-2026-57663
— WordPress Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.2.7 - SQL Injectio…
Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes <= 8.2.7 versions.
Remote
|
Injection
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
CVE-2026-57662
— WordPress Contest Gallery plugin <= 30.0.0 - SQL Injection vulnerability
Contributor SQL Injection in Contest Gallery <= 30.0.0 versions.
Remote
|
Injection
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
CVE-2026-57661
— WordPress WPComplete plugin <= 2.9.5.5 - Broken Access Control vulnerability
Subscriber Broken Access Control in WPComplete <= 2.9.5.5 versions.
Remote
|
Authorization
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
CVE-2026-57660
— WordPress Booking and Rental Manager plugin <= 2.7.1 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Booking and Rental Manager <= 2.7.1 versions.
Remote
|
Authorization
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
CVE-2026-57659
— WordPress Paid Memberships Pro - Add Member From Admin plugin <= 0.7.2 - Cross Site Reque…
Unauthenticated Cross Site Request Forgery (CSRF) in Paid Memberships Pro - Add Member From Admin <= 0.7.2 versions.
Remote
|
Cross-Site Request Forgery
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
CVE-2026-57658
— WordPress TemplateSpare plugin <= 4.2.0 - Arbitrary File Upload vulnerability
Administrator Arbitrary File Upload in TemplateSpare <= 4.2.0 versions.
Remote
|
Misconfiguration
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
CVE-2026-57657
— WordPress Gmail SMTP plugin <= 1.2.3.19 - Cross Site Request Forgery (CSRF) vulnerability
Unauthenticated Cross Site Request Forgery (CSRF) in Gmail SMTP <= 1.2.3.19 versions.
Remote
|
Cross-Site Request Forgery
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
CVE-2026-57656
— WordPress Hester Core plugin <= 1.1.8 - Cross Site Scripting (XSS) vulnerability
Author Cross Site Scripting (XSS) in Hester Core <= 1.1.8 versions.
Remote
|
Cross-Site Scripting
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
CVE-2026-57655
— WordPress Child theme Wizard plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerabil…
Unauthenticated Cross Site Request Forgery (CSRF) in Child Theme Wizard <= 1.4 versions.
Remote
|
Cross-Site Request Forgery
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
CVE-2026-57654
— WordPress Affiliates Manager plugin <= 2.9.49 - Broken Access Control vulnerability
Affiliate Broken Access Control in Affiliates Manager <= 2.9.49 versions.
Remote
|
Authorization
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
CVE-2026-57653
— WordPress WP Job Portal plugin <= 2.5.2 - SQL Injection vulnerability
Contributor SQL Injection in WP Job Portal <= 2.5.2 versions.
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
CVE-2026-57652
— WordPress JS Help Desk plugin <= 3.1.0 - Insecure Direct Object References (IDOR) vulnera…
Unauthenticated Insecure Direct Object References (IDOR) in JS Help Desk <= 3.1.0 versions.
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
CVE-2026-57651
— WordPress Ghost Kit plugin <= 3.6.0 - Cross Site Scripting (XSS) vulnerability
Contributor Cross Site Scripting (XSS) in Ghost Kit <= 3.6.0 versions.
Remote
|
Cross-Site Scripting
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
CVE-2026-57650
— WordPress Magazine Blocks plugin <= 1.8.3 - Cross Site Scripting (XSS) vulnerability
Contributor Cross Site Scripting (XSS) in Magazine Blocks <= 1.8.3 versions.
Remote
|
Cross-Site Scripting
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
Jun 26, 2026
