Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
3.7 LOW
CVE-2026-6638 — PostgreSQL REFRESH PUBLICATION allows SQL injection via table name

SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credenti…

| Injection
May 14, 2026 May 14, 2026
May 14, 2026
May 14, 2026
8.8 HIGH
CVE-2026-6637 — PostgreSQL refint allows stack buffer overflow and SQL injection

Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged database user to execute arbitrary code as the operating system user running the database. A distinct attack is possible if…

| Memory Corruption
May 14, 2026 May 14, 2026
May 14, 2026
May 14, 2026
4.3 MEDIUM
CVE-2026-6575 — PostgreSQL pg_restore_attribute_stats accepts values that cause query planning to read pa…

Buffer over-read in PostgreSQL function pg_restore_attribute_stats() accepts array values of unmatched length, which causes query planning to read past end of one array. This allows a table maintain…

| Memory Corruption
May 14, 2026 May 14, 2026
May 14, 2026
May 14, 2026
7.5 HIGH
CVE-2026-6479 — PostgreSQL SSL/GSS init causes denial of service, via uncontrolled recursion

Uncontrolled recursion in PostgreSQL SSL and GSS negotiation allows an attacker able to connect to a PostgreSQL AF_UNIX socket to achieve sustained denial of service. If SSL and GSS are both disable…

| Denial of Service
May 14, 2026 May 14, 2026
May 14, 2026
May 14, 2026
6.5 MEDIUM
CVE-2026-6478 — PostgreSQL discloses MD5-hashed passwords via covert timing channel

Covert timing channel in comparison of MD5-hashed password in PostgreSQL authentication allows an attacker to recover user credentials sufficient to authenticate. This does not affect scram-sha-256 …

| Authentication
May 14, 2026 May 14, 2026
May 14, 2026
May 14, 2026
8.8 HIGH
CVE-2026-6477 — PostgreSQL libpq lo_* functions let server superuser overwrite client stack memory

Use of inherently dangerous function PQfn(..., result_is_int=0, ...) in PostgreSQL libpq lo_export(), lo_read(), lo_lseek64(), and lo_tell64() functions allows the server superuser to overwrite a cli…

| Memory Corruption
May 14, 2026 May 14, 2026
May 14, 2026
May 14, 2026
7.2 HIGH
CVE-2026-6476 — PostgreSQL pg_createsubscriber allows SQL injection via subscription name

SQL injection in PostgreSQL pg_createsubscriber allows an attacker with pg_create_subscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pg_createsubscriber next r…

| Injection
May 14, 2026 May 14, 2026
May 14, 2026
May 14, 2026
8.8 HIGH
CVE-2026-6475 — PostgreSQL pg_basebackup and pg_rewind can overwrite unrelated files of origin superuser …

Symlink following in PostgreSQL pg_basebackup plain format and in pg_rewind allows an origin superuser to overwrite local files, e.g. /var/lib/postgres/.bashrc, that hijack the operating system accou…

| Path Traversal
May 14, 2026 May 14, 2026
May 14, 2026
May 14, 2026
4.3 MEDIUM
CVE-2026-6474 — PostgreSQL timeofday() can disclose portions of server memory

Externally-controlled format string in PostgreSQL timeofday() function allows an attacker to retrieve portions of server memory, via crafted timezone zones. Versions before PostgreSQL 18.4, 17.10, 1…

| Information Disclosure
May 14, 2026 May 14, 2026
May 14, 2026
May 14, 2026
8.8 HIGH
CVE-2026-6473 — PostgreSQL server undersizes allocations, via integer wraparound

Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and write out-of-bounds. This may execute arbitrary code…

| Memory Corruption
May 14, 2026 May 14, 2026
May 14, 2026
May 14, 2026
5.4 MEDIUM
CVE-2026-6472 — PostgreSQL CREATE TYPE does not check multirange schema CREATE privilege

Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use search_path to find user-defined types, including extension-defined types. That is to say, t…

| Authorization
May 14, 2026 May 14, 2026
May 14, 2026
May 14, 2026
5.1 MEDIUM
CVE-2026-1630 — Reflected XSS in WEBCON BPS

WEBCON BPS is vulnerable to Reflected XSS via one of parameters used by "/openinmobileapp" endpoint. An attacker can send a specially crafted URL that, when opened by an authenticated user, results i…

Remote | Cross-Site Scripting
May 14, 2026 May 14, 2026
May 14, 2026
May 14, 2026
8.8 HIGH
CVE-2025-15025 — IDOR in Yordam Informatics' Library Automation System

Authorization bypass through User-Controlled key vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Ex…

Remote | Authorization
May 14, 2026 May 14, 2026
May 14, 2026
May 14, 2026
5.3 MEDIUM
CVE-2026-21730 — Stored XSS in Verba

Verba is affected by a Stored Cross-Site Scripting (XSS) vulnerability within its login logging mechanism. When an unauthenticated remote attacker attempts to log in using an incorrect username and p…

Remote | Cross-Site Scripting
May 14, 2026 May 14, 2026
May 14, 2026
May 14, 2026
6.8 MEDIUM
CVE-2026-6008 — IDOR in Im Park's DijiDemi

Authorization bypass through User-Controlled key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. DijiDemi allows Privilege Abuse. …

Remote | Authorization
May 14, 2026 May 14, 2026
May 14, 2026
May 14, 2026
7.1 HIGH
CVE-2026-5798 — Unsafe Object Reference (IDOR) vulnerability in Stel Order

Unsafe object reference (IDOR) in Stel Order v3.25.1 and earlier versions, specifically in the ‘/app/FrontController’ endpoint, through manipulation of the ‘employeeID’ parameter. An authenticated at…

Remote | Authorization
May 14, 2026 May 14, 2026
May 14, 2026
May 14, 2026
5.1 MEDIUM
CVE-2026-5790 — Stored Cross-Site Scripting (XSS) vulnerability in Stel Order

Stored Cross-Site Scripting (XSS) in Stel Order v3.25.1 and earlier, located at the ‘/app/FrontController’ endpoint via the ‘legalName’ and ‘employeeID’ parameters. The lack of proper input sanitizat…

Remote | Cross-Site Scripting
May 14, 2026 May 14, 2026
May 14, 2026
May 14, 2026
7.5 HIGH
CVE-2026-4031 — Database Backup for WordPress <= 2.5.2 - Missing Authorization to Unauthenticated Databas…

The Database Backup for WordPress plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.5.2. This is due to the plugin not restricting access to the wp_db…

Remote | Authorization
May 14, 2026 May 14, 2026
May 14, 2026
May 14, 2026
8.1 HIGH
CVE-2026-4030 — Database Backup for WordPress <= 2.5.2 - Missing Authorization to Unauthenticated Arbitra…

The Database Backup for WordPress plugin for WordPress is vulnerable to unauthorized arbitrary file read and deletion in all versions up to, and including, 2.5.2. This is due to the plugin not proper…

Remote | Information Disclosure
May 14, 2026 May 14, 2026
May 14, 2026
May 14, 2026
7.5 HIGH
CVE-2026-4029 — Database Backup for WordPress <= 2.5.2 - Missing Authorization to Unauthenticated Databas…

The Database Backup for WordPress plugin for WordPress is vulnerable to unauthorized database export in all versions up to, and including, 2.5.2. This is due to the plugin not properly enforcing the …

Remote | Authorization
May 14, 2026 May 14, 2026
May 14, 2026
May 14, 2026
Showing 20 of 6438 Results