Search

Search Results (361769 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-58652 2026-07-02 7.5 High
luci-app-travelmate (and the travelmate package) contain a privilege-escalation flaw: a LuCI/rpcd session holding the luci-app-travelmate write ACL is granted config-wide UCI write access to the travelmate configuration. While the LuCI UI restricts the auto-login script picker to /etc/travelmate/*.login, this is only a frontend restriction. The backend travelmate service (running as root) reads the raw UCI 'script' and 'script_args' values and executes the configured path when the captive-portal auto-login branch (f_check() in travelmate-functions.sh) is reached. An attacker with delegated write permissions can set script to /bin/sh and script_args to attacker-controlled arguments, resulting in arbitrary command execution as root. Confirmed in luci-app-travelmate/travelmate 2.4.5-r3; the sink is still present in travelmate 2.4.6-1 and no patched version is known.
CVE-2026-54431 2026-07-02 N/A
In liboauth2 the Demonstrating Proof-of-Possession (DPoP) verifier accepts a proof whose JSON Web Key (jwk) header contains private key material. RFC 9449 section 4.3 step 7 requires the verifier to reject such a proof but oauth2_token_verify() function returns success for a malformed DPoP proof that embeds the private Elliptic Curve (EC) key in the header. This issue was fixed in version 2.3.0
CVE-2026-57345 2026-07-02 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Internal Links Manager <= 3.0.3 versions.
CVE-2025-69134 2026-07-02 7.5 High
Unauthenticated Arbitrary Content Deletion in OpenAI Chatbot for WordPress – Helper <= 1.1.4 versions.
CVE-2026-27060 2026-07-02 8.8 High
Contributor PHP Object Injection in ARMember Premium <= 7.0 versions.
CVE-2026-39448 2026-07-02 7.5 High
Unauthenticated Broken Access Control in NOWPayments for WooCommerce <= 1.4.0 versions.
CVE-2026-57352 2026-07-02 4.8 Medium
Unauthenticated Broken Authentication in ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce <= 2.2.0 versions.
CVE-2026-57358 2026-07-02 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Customize My Account for WooCommerce <= 4.3.9 versions.
CVE-2026-57426 2026-07-02 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Modula - PRO <= 2.10.8 versions.
CVE-2026-57677 2026-07-02 9.8 Critical
Unauthenticated PHP Object Injection in Novalnet Payment Gateway for WooCommerce <= 12.10.3 versions.
CVE-2026-57684 2026-07-02 6.5 Medium
Contributor Cross Site Scripting (XSS) in TheFox <= 3.9.70 versions.
CVE-2026-57690 2026-07-02 4.3 Medium
Unauthenticated Cross Site Request Forgery (CSRF) in Werkstatt <= 4.7.2 versions.
CVE-2026-57749 2026-07-02 7.5 High
Contributor Local File Inclusion in SportsPress Pro <= 2.7.29 versions.
CVE-2026-32280 2 Go Standard Library, Golang 2 Crypto/x509, Go 2026-07-02 7.5 High
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions.Intermediates, which can lead to a denial of service. This affects both direct users of crypto/x509 and users of crypto/tls.
CVE-2026-57755 2026-07-02 6.5 Medium
Contributor Cross Site Scripting (XSS) in Mosaic Gallery &#8211; Advanced Gallery <= 1.2.0 versions.
CVE-2026-52197 1 Utt 1 Nv518g 2026-07-02 7.5 High
An issue in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_44af70 component
CVE-2026-37106 1 Dokuwiki 1 Dokuwiki 2026-07-02 9.8 Critical
An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to create an account via the register function in inc/auth.php. NOTE: this is disputed by the Supplier because this is the intentional behavior when the product is configured for self-registration (a non-default feature).
CVE-2026-13778 1 Google 1 Chrome 2026-07-02 7.8 High
Use after free in WebUSB in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code via a malicious peripheral. (Chromium security severity: Critical)
CVE-2026-13785 1 Google 1 Chrome 2026-07-02 9.6 Critical
Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-13786 1 Google 1 Chrome 2026-07-02 8.8 High
Use after free in Ozone in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)