Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score | Vulnerability | Published

0.0 NA | CVE-2026-4392 — TeamSpeak 3 Server clientek Handshake assertion
A vulnerability was detected in TeamSpeak 3 Server up to 3.13.7. This issue affects some unknown processing of the component clientek Handshake Handler. Performing a manipulation of the argument proo…
Denial of Service | Published: May 27, 2026

0.0 NA | CVE-2026-48149 — Budibase: Stored XSS in Text component: BASIC users execute JS in admin session via Markd…
Budibase is an open-source low-code platform. Prior to 3.39.0, the Budibase Text component renders markdown by assigning marked.parse(markdown) straight to innerHTML with no sanitizer (packages/bbui/…
Cross-Site Scripting | Published: May 27, 2026

0.0 NA | CVE-2026-48150 — Budibase: Workspace-scoped builder escalates to global admin via /api/public/v1/roles/ass…
Budibase is an open-source low-code platform. Prior to 3.39.0, /api/public/v1/roles/assign is guarded by the builderOrAdmin middleware, which passes any user who is a builder for the app id in the x-…
Authorization | Published: May 27, 2026

0.0 NA | CVE-2026-48151 — Budibase: Webhook schema endpoint authorization bypass allows unauthenticated mutation of…
Budibase is an open-source low-code platform. Prior to 3.39.0, the webhook schema-building endpoint is registered under builderRoutes, but the generic authorization middleware skips authorization for…
Authorization | Published: May 27, 2026

0.0 NA | CVE-2026-48152 — Budibase: Basic app users can exfiltrate stored REST datasource auth by rewriting datasou…
Budibase is an open-source low-code platform. Prior to 3.39.0, the single-datasource GET and PUT routes are guarded by generic TABLE READ, not by Builder/Admin permission or datasource-specific owner…
Authorization | Published: May 27, 2026

0.0 NA | CVE-2026-48153 — Budibase: SSRF via OAuth2 token endpoint URL reaches internal hosts and cloud metadata
Budibase is an open-source low-code platform. Prior to 3.39.0, fetchToken in the OAuth2 SDK makes a POST to a builder-supplied URL with plain node-fetch, skipping the blacklist.isBlacklisted check th…
Server-Side Request Forgery | Published: May 27, 2026

0.0 NA | CVE-2026-45061 — Budibase: SSRF via trivial `.tar.gz` substring bypass in Plugin URL upload (`/api/plugin`)
Budibase is an open-source low-code platform. Prior to 3.35.10, the Plugin URL upload endpoint (POST /api/plugin) validates the submitted URL with a single substring check: url.includes(".tar.gz"). A…
Server-Side Request Forgery | Published: May 27, 2026

0.0 NA | CVE-2026-4391 — TeamSpeak 3 Server ECC Key heap-based overflow
A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. This vulnerability affects unknown code of the component ECC Key Parser. Such manipulation leads to heap-based buffer ov…
Memory Corruption | Published: May 27, 2026

0.0 NA | CVE-2026-44460 — FileRise: TOTP Bypass via Setup Endpoint Disclosing Existing Secret
FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. Prior to 3.12.0, /api/totp_setup.php is callable from a session that has only passed the passwo…
Authentication | Published: May 27, 2026

0.0 NA | CVE-2026-45047 — bird-lg-go: Fatal Out-of-Memory (OOM) Denial of Service via Unbounded JSON Decoding
bird-lg-go is a BIRD looking glass in Go. Prior to 1.4.5, the apiHandler (and similarly webHandlerTelegramBot) processes user-provided JSON payloads by directly using json.NewDecoder(r.Body).Decode(&…
Denial of Service | Published: May 27, 2026

0.0 NA | CVE-2026-44378 — Botan: Quadratic complexity decoding BER indefinite length encodings
Botan is a C++ cryptography library. Prior to 3.12.0, certain patterns of indefinite length encodings in BER data could cause quadratic behavior in the parser, resulting in a denial of service. Such …
Denial of Service | Published: May 27, 2026

0.0 NA | CVE-2026-42328 — go-ipld-prime: DAG-CBOR and DAG-JSON decoders unbounded recursion depth
go-ipld-prime is an implementation of the InterPlanetary Linked Data (IPLD) spec interfaces, batteries-included codec implementations of IPLD for CBOR and JSON, and tooling for basic operations on …
Denial of Service | Published: May 27, 2026

0.0 NA | CVE-2026-4390 — TeamSpeak 3 Server Connection State Management process_resend_queue use after free
A weakness has been identified in TeamSpeak 3 Server up to 3.13.7. This affects the function process_resend_queue of the component Connection State Management. This manipulation causes use after free…
Memory Corruption | Published: May 27, 2026

3.8 LOW | CVE-2026-9712 — Insecure direct object reference
When creating an export through the pretix API, API clients are returned a UUID value for their export job (a long, random string like 35742818-c375-4d15-839f-d49aecce94d6). Using this UUID, the A…
Remote | Authorization | Published: May 27, 2026

4.3 MEDIUM | CVE-2026-9674 — Jenkins Multijob Plugin CSRF Vulnerability
A cross-site request forgery (CSRF) vulnerability in Jenkins Multijob Plugin 662.vd2e0001f6b_b_d and earlier allows attackers to resume failed Multijob builds.
Remote | Cross-Site Request Forgery | Published: May 27, 2026

8.0 HIGH | CVE-2026-6957 — Path traversal in Mattermost Legal Hold plugin via unsanitized file name from federated p…
Mattermost Plugins versions <=1.1.5 fail to sanitize filenames received from federated peers before using them to construct export destination paths, which allows an administrator of a remote federat…
Remote | Path Traversal | Published: May 27, 2026

9.4 CRITICAL | CVE-2026-49103 — Webmin File Name Injection Vulnerability
Webmin before 2.640 does not safely construct a filename for saving of an attachment within the mailboxes component. This occurs in mailboxes/detachall.cgi.
Remote | Path Traversal | Published: May 27, 2026

6.1 MEDIUM | CVE-2026-49102 — Webmin SVG Attachment XSS
Webmin before 2.640 allows mailboxes/detach.cgi XSS via an SVG document attachment that is viewed in the mailboxes component, because image/svg+xml is used instead of a safe type (e.g., text/plain).
Remote | Cross-Site Scripting | Published: May 27, 2026

4.7 MEDIUM | CVE-2026-49059 — WordPress Facebook for WooCommerce plugin <= 3.7.0 - Open Redirection vulnerability
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Facebook Facebook for WooCommerce allows Phishing. This issue affects Facebook for WooCommerce: from n/a through 3.7.0.
Remote | Misconfiguration | Published: May 27, 2026

5.3 MEDIUM | CVE-2026-49053 — WordPress ElementsKit Elementor addons Lite plugin <= 3.9.6 - Broken Access Control vulne…
Missing Authorization vulnerability in Wpmet ElementsKit Elementor addons Lite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ElementsKit Elementor addon…
Remote | Authorization | Published: May 27, 2026

Showing 20 of 6573 Results