CVE-2026-13746
— Snowflake CLI SQL Injection Through Improper Neutralization of Local CLI Parameters
Improper neutralization of local CLI parameters in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. A user could trigger this issue by supplying crafted values to vulnerable Cor…
Jun 29, 2026
Jun 30, 2026
Jun 29, 2026
Jun 30, 2026
CVE-2026-13744
— Snowflake CLI SQL Injection Through Improper Neutralization of User-Controlled Input
Improper neutralization of attacker-controlled content in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. By supplying crafted repository content, project configuration, manife…
Jun 29, 2026
Jun 30, 2026
Jun 29, 2026
Jun 30, 2026
CVE-2026-13742
— Lack of signature verification before execution of downloaded content
Honeywell IQ MultiAccess, all versions prior to and including version 28, contain an improper digital signature verification vulnerability. An attacker could potentially exploit this vulnerability, l…
|
Misconfiguration
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
CVE-2026-13587
— seladb PcapPlusPlus LightPcapNg light_pcapng.c parse_by_block_type heap-based overflow
A vulnerability was found in seladb PcapPlusPlus 25.05. The affected element is the function parse_by_block_type of the file light_pcapng.c of the component LightPcapNg Parser. Performing a manipulat…
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
CVE-2026-13583
— Edimax EW-7478APC POST Request formUSBFolder buffer overflow
A vulnerability has been found in Edimax EW-7478APC 1.04. Impacted is the function formUSBFolder of the file /goform/formUSBFolder of the component POST Request Handler. Such manipulation of the argu…
Jun 29, 2026
Jul 01, 2026
Jun 29, 2026
Jul 01, 2026
CVE-2026-13582
— Edimax EW-7478APC POST Request formUSBAccount buffer overflow
A flaw has been found in Edimax EW-7478APC 1.04. This issue affects the function formUSBAccount of the file /goform/formUSBAccount of the component POST Request Handler. This manipulation of the argu…
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
CVE-2026-13581
— Edimax EW-7478APC POST Request formStaDrvSetup os command injection
A vulnerability was detected in Edimax EW-7478APC 1.04. This vulnerability affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. The manipula…
Jun 29, 2026
Jun 30, 2026
Jun 29, 2026
Jun 30, 2026
CVE-2026-13580
— Edimax EW-7478APC POST Request formQoS buffer overflow
A security vulnerability has been detected in Edimax EW-7478APC 1.04. This affects the function formQoS of the file /goform/formQoS of the component POST Request Handler. The manipulation of the argu…
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
CVE-2026-13437
— Devolutions PowerShell Universal: Information Disclosure in AI Agent Job API
Insertion of sensitive information into sent data in the AI Agent job API in Devolutions PowerShell Universal 2026.2.0 allows an authenticated user with AI Agent read access to obtain reusable, poten…
Jun 29, 2026
Jul 02, 2026
Jun 29, 2026
Jul 02, 2026
CVE-2026-41052
— Rancher Privilege Escalation from Project Owner to Host
Improper privilege handling could be used by users with Project Owner role to escalate privileges, in Rancher versions 2.14 before 2.14.2, 2.13 before 2.13.6, and 2.12 before 2.12.10.
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
CVE-2026-57341
— WordPress Colissimo Officiel : Méthodes de livraison pour WooCommerce plugin <= 2.9.0 - I…
Unauthenticated Insecure Direct Object References (IDOR) in Colissimo Officiel : Méthodes de livraison pour WooCommerce <= 2.9.0 versions.
Remote
|
Authorization
Jun 29, 2026
Jul 01, 2026
Jun 29, 2026
Jul 01, 2026
CVE-2026-57340
— WordPress Japanized For WooCommerce plugin <= 2.9.12 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Japanized For WooCommerce <= 2.9.12 versions.
Remote
|
Authorization
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
CVE-2026-57339
— WordPress Business Directory plugin <= 6.4.23 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Business Directory <= 6.4.23 versions.
Remote
|
Authorization
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
CVE-2026-57338
— WordPress ARForms plugin <= 7.1.2 - Reflected Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting (XSS) in ARForms <= 7.1.2 versions.
arforms
|
Remote
|
Cross-Site Scripting
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
CVE-2026-57337
— WordPress Landing Page Builder plugin <= 1.5.3.5 - Cross Site Scripting (XSS) vulnerabili…
Unauthenticated Cross Site Scripting (XSS) in Landing Page Builder <= 1.5.3.5 versions.
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
CVE-2026-57336
— WordPress Jobify theme <= 4.3.2 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting (XSS) in Jobify <= 4.3.2 versions.
jobify
|
Remote
|
Cross-Site Scripting
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
CVE-2026-57335
— WordPress Ads by WPQuads plugin <= 3.0.3 - Broken Access Control vulnerability
Subscriber Broken Access Control in Ads by WPQuads <= 3.0.3 versions.
Remote
|
Authorization
Jun 29, 2026
Jul 01, 2026
Jun 29, 2026
Jul 01, 2026
CVE-2026-57334
— WordPress WP User Frontend plugin <= 4.3.7 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in WP User Frontend <= 4.3.7 versions.
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
CVE-2026-57333
— WordPress Link Whisper Free plugin <= 0.9.4 - Reflected Cross Site Scripting (XSS) vulner…
Unauthenticated Cross Site Scripting (XSS) in Link Whisper Free <= 0.9.4 versions.
Remote
|
Cross-Site Scripting
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
CVE-2026-57332
— WordPress Wallet System for WooCommerce plugin <= 2.7.6 - Broken Access Control vulnerabi…
Subscriber Broken Access Control in Wallet System for WooCommerce <= 2.7.6 versions.
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026
Jun 29, 2026