Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
7.8 HIGH
CVE-2026-55693 — Vim: Out-of-bounds Write in Spell File Word Count

Vim is an open source, command line text editor. Prior to 9.2.0653, the tree_count_words() function in src/spellfile.c fills in the word-count fields of a spell-file word trie by walking it iterative…

vim | Memory Corruption
Jun 25, 2026 Jun 26, 2026
Jun 25, 2026
Jun 26, 2026
7.2 HIGH
CVE-2026-55477 — Authenticated Arbitrary File Write via Database Import and Xray Log Path Manipulation

3X-UI is a web control panel for managing Xray-core servers. Prior to 3.3.1, an authenticated administrator can abuse the database import functionality to achieve arbitrary file write on the host by …

3x-ui | Remote | Path Traversal
Jun 25, 2026 Jun 25, 2026
Jun 25, 2026
Jun 25, 2026
8.1 HIGH
CVE-2026-54036 — LibreChat: 2FA Re-enrollment Allows Full Account 2FA Takeover Without OTP Verification

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the GET /api/auth/2fa/enable endpoint can be called by an authenticated user (or attacker with a stolen…

librechat | Remote | Authentication
Jun 25, 2026 Jun 26, 2026
Jun 25, 2026
Jun 26, 2026
6.7 MEDIUM
CVE-2026-4522 — HYPR Passwordless: Missing Authentication for Critical Function

Missing authentication for critical function vulnerability in HYPR Passwordless on Windows allows Credentials Interception. This issue affects HYPR Passwordless: before 11.1.1.

| Authentication
Jun 25, 2026 Jun 25, 2026
Jun 25, 2026
Jun 25, 2026
6.3 MEDIUM
CVE-2026-48946 — Joomla Extension - getk2.org - Privileged RCE vulnerability in K2 extension for Joomla < …

The K2 frontend article-attachment upload path accepts files whose extension is `.php`, and Apache's standard mod_php matches `\.php$` and executes them under the K2 web user. A K2 Author can upload …

k2 | Remote | Misconfiguration
Jun 25, 2026 Jun 28, 2026
Jun 25, 2026
Jun 28, 2026
5.3 MEDIUM
CVE-2026-48945 — Joomla Extension - getk2.org - Privileged RCE vulnerability in K2 extension for Joomla < …

The K2 article gallery upload path accepts a zip/tar archive, extracts it under `/media/k2/galleries/<id>/`, and only renames image files (gif/jpg/jpeg/png/webp) to safe names — non-image files (incl…

k2 | Remote | Misconfiguration
Jun 25, 2026 Jun 28, 2026
Jun 25, 2026
Jun 28, 2026
6.5 MEDIUM
CVE-2026-48944 — Joomla Extension - getk2.org - Exposure of sensitive files via attachment copy in K2 exte…

The K2 frontend article-save handler accepts an `attachment[N][existing]` POST field that is concatenated with `JPATH_SITE/` and passed to `JFile::copy()`. `JPath::clean` does NOT strip `..`, and the…

k2 | Remote | Path Traversal
Jun 25, 2026 Jun 28, 2026
Jun 25, 2026
Jun 28, 2026
6.5 MEDIUM
CVE-2026-48943 — Joomla Extension - getk2.org - Authenticated user property mass-assignment in K2 extensio…

K2 ≤ 2.24 contains a mass-assignment defect in the K2 system user plugin `plg_user_k2`. A Registered Joomla user, by including the field `K2UserForm=1` in a standard `com_users` `profile.save` POST, …

k2 | Remote | Authentication
Jun 25, 2026 Jun 28, 2026
Jun 25, 2026
Jun 28, 2026
6.1 MEDIUM
CVE-2026-48942 — Joomla Extension - getk2.org - Stored-XSS in K2 extension for Joomla < 2.26

K2 ≤ 2.26 renders the `#__k2_users.image` column directly into HTML `src` attributes via two distinct templates, in both cases without HTML escaping.

k2 | Remote | Cross-Site Scripting
Jun 25, 2026 Jun 28, 2026
Jun 25, 2026
Jun 28, 2026
6.5 MEDIUM
CVE-2026-48941 — Joomla Extension - getk2.org - Unauthenticated folder delete in K2 extension for Joomla <…

The K2 frontend `item.checkin` task accepts an unauthenticated `sigProFolder` query parameter and uses it directly to address a `JFolder::delete()` call under `/media/k2/galleries/`

k2 | Remote | Path Traversal
Jun 25, 2026 Jun 28, 2026
Jun 25, 2026
Jun 28, 2026
3.4 LOW
CVE-2026-48940 — Joomla Extension - getk2.org - Stored-XSS in K2 extension for Joomla < 2.26

A Joomla user with K2 "create item" rights (Author tier by default) can submit an article whose `embedVideo` POST field contains a raw `<script>` tag; K2 stores it verbatim and renders it unescaped t…

k2 | Remote | Cross-Site Scripting
Jun 25, 2026 Jun 28, 2026
Jun 25, 2026
Jun 28, 2026
7.5 HIGH
CVE-2026-12844 — List::SomeUtils::XS versions before 0.59 for Perl have a heap buffer overflow in the pair…

List::SomeUtils::XS versions before 0.59 for Perl have a heap buffer overflow in the pairwise function. pairwise() collects the values returned by the block into a heap buffer sized to the longer in…

Remote | Memory Corruption
Jun 25, 2026 Jun 25, 2026
Jun 25, 2026
Jun 25, 2026
5.3 MEDIUM
CVE-2026-6432 — Improper bounds validation in EmberZNet SDK

Improper bounds validation in EmberZNet SDK versions 9.0.2 and earlier may result in crashes or dynamic memory leakage.

Remote | Memory Corruption
Jun 25, 2026 Jun 25, 2026
Jun 25, 2026
Jun 25, 2026
3.3 LOW
CVE-2026-57588 — SQL Injection in Nessus via Malicious Scan Result File Import

A SQL injection vulnerability in Nessus allows an attacker to craft a malicious scan result file that, when imported by a privileged user, injects malicious SQL into the scan results database, potent…

nessus | Injection
Jun 25, 2026 Jun 26, 2026
Jun 25, 2026
Jun 26, 2026
5.3 MEDIUM
CVE-2026-57587 — SQL Injection in Nessus via Reverse DNS Lookup

A SQL injection vulnerability in Nessus allows a remote, unauthenticated attacker who controls reverse DNS records for a scanned host to inject malicious SQL into the scan results database, potential…

nessus | Remote | Injection
Jun 25, 2026 Jun 26, 2026
Jun 25, 2026
Jun 26, 2026
6.3 MEDIUM
CVE-2026-57536 — Insufficient validation of payment status in pretix-mollie

Our payment integration with Mollie did not properly validate payment status responses. An attacker could use a successful payment status response from one payment and supply it to the system for a…

Remote | Authentication
Jun 25, 2026 Jun 25, 2026
Jun 25, 2026
Jun 25, 2026
2.1 LOW
CVE-2026-57535 — Adobe Reader SSRF

Content injected to PDF rendering contexts could, in many places, include HTML content including <img> tags. If the src attribute of these images pointed to an URL, the PDF rendering engine would d…

pretix | Remote | Server-Side Request Forgery
Jun 25, 2026 Jun 25, 2026
Jun 25, 2026
Jun 25, 2026
2.1 LOW
CVE-2026-57534 — Stored XSS in pretix-pages

Malicious HTML content could be injected into the content of a page in the pretix-pages plugin.

Remote | Cross-Site Scripting
Jun 25, 2026 Jun 25, 2026
Jun 25, 2026
Jun 25, 2026
2.1 LOW
CVE-2026-57533 — Pretix HTML Injection

Malicious HTML content could be injected into the page pretix shows when redirection to an untrusted page occurs. Since this page has a Content-Security-Policy, this can mainly be used for phishing…

pretix | Remote | Cross-Site Scripting
Jun 25, 2026 Jun 25, 2026
Jun 25, 2026
Jun 25, 2026
8.8 HIGH
CVE-2026-57532 — Adobe Acrobat Reader PDF Ticket HTML Injection

Malicious HTML content contained in the layout specification of a PDF ticket or badge layout was executed when the PDF editor is opened in the browser. This could allow one backend user to inject J…

pretix | Remote | Cross-Site Scripting
Jun 25, 2026 Jun 25, 2026
Jun 25, 2026
Jun 25, 2026
Showing 20 of 7988 Results