Medium · CVSS 6.8
Stack traces in Grafana's Explore Traces view can be rendered as raw HTML, and thus inject malicious JavaScript in the browser. This would require malicious JavaScript to be entered into the stack trace field.
Only datasources with the Jaeger HTTP API appear to be affected; Jaeger gRPC and Tempo do not appear affected whatsoever.
Published Feb 12, 2026 · Updated Jul 10, 2026
High · CVSS 8.6
A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.
Published Feb 5, 2026 · Updated Jul 9, 2026
High · CVSS 7.5
ajv (Another JSON Schema Validator) before 8.18.0 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax ($data reference), which is passed directly to the JavaScript RegExp() constructor without validation. An attacker can inject a malicious regex pattern (e.g., "^(a|a)*$") combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with $data: true for dynamic schema validation. This issue is also fixed in version 6.14.0.
Published Feb 11, 2026 · Updated Jul 9, 2026
Medium · CVSS 6.1
The read command is used to read the keyboard input from the user, while reads it keeps the input length in a 32-bit integer value which is further used to reallocate the line buffer to accept the next character. During this process, with a line big enough it's possible to make this variable to overflow leading to a out-of-bounds write in the heap based buffer. This flaw may be leveraged to corrupt grub's internal critical data and secure boot bypass is not discarded as consequence.
Published Feb 24, 2025 · Updated Jul 8, 2026
High · CVSS 8.1 · CISA KEV
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19 may allow a remote unauthenticated attacker with prior knowledge of upstream and downstream devices serial numbers to gain super-admin privileges on the downstream device, if the Security Fabric is enabled, via crafted CSF proxy requests.
Published Feb 11, 2025 · Updated Jul 8, 2026
Critical · CVSS 9.8
DiskCache (python-diskcache) through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache.
Published Feb 11, 2026 · Updated Jul 8, 2026
Medium · CVSS 4.3
An issue in the "My Details" user profile functionality of Ideagen Q-Pulse 7.1.0.32 allows an authenticated user to view other users' profile information by modifying the objectKey HTTP parameter in the My Details page URL.
Published Feb 12, 2026 · Updated Jul 5, 2026
High · CVSS 7.5
Improper handling of input variables lead to multiple path traversal vulnerabilities in the Admiror Gallery extension for Joomla in version branch 4.x.
Published Feb 4, 2025 · Updated Jul 5, 2026
High · CVSS 7.2
jizhicms 2.5.6 is vulnerable to SQL Injection in Article/deleteAll and Extmolds/deleteAll via the data parameter.
Published Feb 17, 2026 · Updated Jul 5, 2026
High · CVSS 8.8
Privilege escalation and improper access control in GCOM EPON 1GE C00R371V00B01 allows remote authenticated users to modify administrator only settings and extract administrator credentials.
Published Feb 24, 2026 · Updated Jul 5, 2026
High · CVSS 7.5
An issue in the TLS certification mechanism of Guardian Gryphon v01.06.0006.22 allows attackers to execute commands as root.
Published Feb 17, 2026 · Updated Jul 5, 2026
Medium · CVSS 6.5
TOTOLINK X5000R V9.1.0cu.2415_B20250515 contains a denial-of-service vulnerability in /cgi-bin/cstecgi.cgi. The CGI reads the CONTENT_LENGTH environment variable and allocates memory using malloc (CONTENT_LENGTH + 1) without sufficient bounds checking. When lighttpd s request size limit is not enforced, a crafted large POST request can cause memory exhaustion or a segmentation fault, leading to a crash of the management CGI and loss of availability of the web interface.
Published Feb 24, 2026 · Updated Jul 5, 2026
Medium · CVSS 4.7
An Open Redirect vulnerability in the go-chi/chi >=5.2.2 RedirectSlashes function allows remote attackers to redirect victim users to malicious websites using the legitimate website domain.
Published Feb 19, 2026 · Updated Jul 5, 2026
High · CVSS 8.2
Improper session management in D-Link Wireless N 300 ADSL2+ Modem Router DSL-124 ME_1.00 allows attackers to execute a session hijacking attack via spoofing the IP address of an authenticated user.
Published Feb 26, 2026 · Updated Jul 5, 2026
High · CVSS 8.1
Improper session management in GCOM EPON 1GE ONU version C00R371V00B01 allows attackers to execute a session hijacking attack via spoofing the IP address of an authenticated user.
Published Feb 23, 2026 · Updated Jul 5, 2026
High · CVSS 8.8
An issue was discovered in Pacom Unison Client 5.13.1. Authenticated users can inject malicious scripts in the Report Templates which are executed when certain script conditions are fulfilled, leading to Remote Code Execution.
Published Feb 11, 2026 · Updated Jul 5, 2026
Medium · CVSS 6.1
A stored cross-site scripting (XSS) vulnerability exists in the web management interface of the PPC (Belden) ONT 2K05X router running firmware v1.1.9_206L. The Common Gateway Interface (CGI) component improperly handles user-supplied input, allowing a remote, unauthenticated attacker to inject arbitrary JavaScript that is persistently stored and executed when the affected interface is accessed.
Published Feb 4, 2026 · Updated Jul 5, 2026
High · CVSS 8.1
An arbitrary file overwrite vulnerability in the file import process of Comic Book Reader v1.0.95 allows attackers to overwrite critical internal files, potentially leading to arbitrary code execution or exposure of sensitive information.
Published Feb 4, 2026 · Updated Jul 5, 2026
Medium · CVSS 5
A path traversal in Moo Chan Song v4.5.7 allows attackers to cause a Denial of Service (DoS) via writing files to the internal storage.
Published Feb 4, 2026 · Updated Jul 5, 2026
Medium · CVSS 5.5
A path traversal in My Text Editor v1.6.2 allows attackers to cause a Denial of Service (DoS) via writing files to the internal storage.
Published Feb 5, 2026 · Updated Jul 5, 2026
High · CVSS 8.1
An arbitrary file overwrite vulnerability in the file import process of Tarot, Astro & Healing v11.4.0 allows attackers to overwrite critical internal files, potentially leading to arbitrary code execution or exposure of sensitive information.
Published Feb 4, 2026 · Updated Jul 5, 2026
Critical · CVSS 9.1
Credential disclosure vulnerability via the /staff route in GreaterWMS <= 2.1.49 allows a remote unauthenticated attackers to bypass authentication and escalate privileges.
Published Feb 24, 2025 · Updated Jul 5, 2026
Medium · CVSS 6.8
A Server-Side Request Forgery (SSRF) in the component sort.php of Emlog Pro v2.5.4 allows attackers to scan local and internal ports via supplying a crafted URL.
Published Feb 26, 2025 · Updated Jul 5, 2026
High · CVSS 7.1
A cross-site scripting (XSS) vulnerability in Emlog Pro v2.5.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Titile in the article category section.
Published Feb 26, 2025 · Updated Jul 5, 2026
High · CVSS 7.3
A cross-site scripting (XSS) vulnerability in Emlog Pro v2.5.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the article header at /admin/article.php.
Published Feb 26, 2025 · Updated Jul 5, 2026
Medium · CVSS 5.1
A cross-site scripting (XSS) vulnerability in Emlog Pro v2.5.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the postStrVar function at article_save.php.
Published Feb 26, 2025 · Updated Jul 5, 2026
Medium · CVSS 5.1
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_files.php.
Published Feb 26, 2025 · Updated Jul 5, 2026
Medium · CVSS 5.1
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_ip.php.
Published Feb 26, 2025 · Updated Jul 5, 2026
Medium · CVSS 5.3
SeaCMS 13.3 was discovered to contain an arbitrary file read vulnerability in the file_get_contents function at admin_safe_file.php.
Published Feb 26, 2025 · Updated Jul 5, 2026
Medium · CVSS 6
SeaCMS 13.3 was discovered to contain an arbitrary file read vulnerability in the file_get_contents function at admin_safe.php.
Published Feb 26, 2025 · Updated Jul 5, 2026
Medium · CVSS 5.1
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_smtp.php.
Published Feb 26, 2025 · Updated Jul 5, 2026
Medium · CVSS 5.1
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_template.php.
Published Feb 26, 2025 · Updated Jul 5, 2026
Medium · CVSS 5.1
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_ping.php.
Published Feb 26, 2025 · Updated Jul 5, 2026
Medium · CVSS 5.1
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_notify.php.
Published Feb 26, 2025 · Updated Jul 5, 2026
Medium · CVSS 4.4
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the isopen parameter at admin_weixin.php.
Published Feb 26, 2025 · Updated Jul 5, 2026
Medium · CVSS 4.4
An arbitrary file upload vulnerability in the plugin installation feature of YZNCMS v2.0.1 allows attackers to execute arbitrary code via uploading a crafted Zip file.
Published Feb 26, 2025 · Updated Jul 5, 2026
Critical · CVSS 9.8
An arbitrary file upload vulnerability in the component \controller\LocalTemplate.php of FoxCMS v1.2.5 allows attackers to execute arbitrary code via uploading a crafted Zip file.
Published Feb 26, 2025 · Updated Jul 5, 2026
Critical · CVSS 9.8
FoxCMS v1.2.5 was discovered to contain a remote code execution (RCE) vulnerability via the index() method at \controller\Sitemap.php.
Published Feb 26, 2025 · Updated Jul 5, 2026
Critical · CVSS 9.1
JizhiCMS v2.5.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the component \c\PluginsController.php. This vulnerability allows attackers to perform an intranet scan via a crafted request.
Published Feb 26, 2025 · Updated Jul 5, 2026
Critical · CVSS 9.8
An arbitrary file upload vulnerability in the component \c\TemplateController.php of Jizhicms v2.5.4 allows attackers to execute arbitrary code via uploading a crafted Zip file.
Published Feb 26, 2025 · Updated Jul 5, 2026
Critical · CVSS 9.8
An arbitrary file upload vulnerability in the component admin\plugin.php of Emlog Pro v2.5.3 allows attackers to execute arbitrary code via uploading a crafted Zip file.
Published Feb 26, 2025 · Updated Jul 5, 2026
Medium · CVSS 6
DDSN Interactive cm3 Acora CMS version 10.1.1 contains an improper access control vulnerability. An editor-privileged user can access sensitive information, such as system administrator credentials, by force browsing the endpoint and exploiting the 'file' parameter. By referencing specific files (e.g., cm3.xml), attackers can bypass access controls, leading to account takeover and potential privilege escalation.
Published Feb 20, 2025 · Updated Jul 5, 2026
Medium · CVSS 5.7
An issue in Smartcom Bulgaria AD Smartcom Ralink CPE/WiFi router SAM-4G1G-TT-W-VC, SAM-4F1F-TT-W-A1 allows a remote attacker to obtain sensitive information via the Weak default WiFi password generation algorithm in WiFi routers.
Published Feb 6, 2025 · Updated Jul 5, 2026
Critical · CVSS 10
A critical vulnerability exists in the NLTK downloader component of nltk/nltk, affecting all versions. The _unzip_iter function in nltk/downloader.py uses zipfile.extractall() without performing path validation or security checks. This allows attackers to craft malicious zip packages that, when downloaded and extracted by NLTK, can execute arbitrary code. The vulnerability arises because NLTK assumes all downloaded packages are trusted and extracts them without validation. If a malicious package contains Python files, such as __init__.py, these files are executed automatically upon import, leading to remote code execution. This issue can result in full system compromise, including file system access, network access, and potential persistence mechanisms.
Published Feb 18, 2026 · Updated Jun 30, 2026
High · CVSS 7.9
Missing protection mechanism for alternate hardware interface in the Intel(R) Quick Assist Technology for some Intel(R) Platforms within Ring 0: Kernel may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
Published Feb 10, 2026 · Updated Jun 30, 2026
High · CVSS 8.5
Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject arbitrary information into the response stream for the given client, potentially corrupting or returning tampered data to other users on the same connection. The error handling code for lua scripts does not properly handle null characters. Versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12 fix the issue.
Published Feb 23, 2026 · Updated Jun 30, 2026
Medium · CVSS 5.9
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.
Published Feb 28, 2025 · Updated Jun 30, 2026
High · CVSS 7.2
A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting characters. When a large number of aliases are processed, this oversight can lead to a heap overflow, potentially allowing a remote attacker to cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE).
Published Feb 23, 2026 · Updated Jun 29, 2026
Medium · CVSS 5.3
A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).
Published Feb 9, 2026 · Updated Jun 29, 2026
Medium · CVSS 4.4
A flaw was found in grub2. Grub's dump command is not blocked when grub is in lockdown mode, which allows the user to read any memory information, and an attacker may leverage this in order to extract signatures, salts, and other sensitive information from the memory.
Published Feb 19, 2025 · Updated Jun 29, 2026