Cut the noise.
Know which vulnerabilities demand action.

Monitor and prioritize what really matters — the 1% of vulnerabilities that can cause real impact.

Analytics

EPSS Trending (30d)

Threat Indicators

829
CISA KEV
244
Exploits
493
Proof-of-Concept
19.8%
Average EPSS

EPSS Hot Zone

|
Sort by:
KEV Prediction — Top%
EPSS Percentile — Top%

Emerging Vulnerabilities

09 Jul/26
CVE-2026-56291
CRITICAL

This vulnerability is an unauthenticated arbitrary file upload flaw in the Balbooa Forms extension for Joomla. The root cause lies in insufficient validation and sanitization of uploaded files within the form submission handler, allowing executable files to be accepted and stored. The affected component is the file upload functionality of the Balbooa Forms Joomla extension, which fails to restrict file types or enforce authentication checks before processing uploads.

CVSS 10.0
EPSS N/A
KEV Pred in 29d
Product balbooa.com Balbooa Forms extension for Joomla balbooa.com
CVSS v4.0 CWE-434
08 Jul/26
CVE-2026-58480
CRITICAL

This vulnerability is an unauthenticated arbitrary file upload flaw stemming from improper input validation in the Blocksy Companion Pro WordPress plugin prior to version 2.1.47. The root cause is a flawed substring check using strpos() in the Custom Fonts extension, which incorrectly validates file extensions by allowing double-extension filenames to bypass the extension filter. The affected component is the save_attachments function exposed via the Advanced Reviews feature, which processes uploaded files without adequate sanitization.

CVSS 9.8
EPSS 0.6%
KEV Pred in 28d
Product Creative Themes Blocksy Companion creative
CVSS v3.1 CVSS v4.0 CWE-434
07 Jul/26
CVE-2026-59800
CRITICAL

This vulnerability is an OS command injection caused by improper handling of input in the unauthenticated POST /api/tunnel/tailscale-install endpoint of 9Router. The sudoPassword parameter from the request body is directly passed to the stdin of a 'sudo -S sh' child process without validation or sanitization. The affected component is the tailscale-install API route, which lacks authorization checks due to exclusion from the dashboard middleware matcher.

CVSS 9.8
EPSS 1.4%
KEV Pred in 27d
Product decolua 9router decolua
CVSS v3.1 CVSS v4.0 CWE-78
02 Jul/26
CVE-2026-5524
CRITICAL

This vulnerability is an arbitrary file upload flaw caused by improper validation of file extensions in the Divi Form Builder plugin's do_image_upload() function. The root cause lies in the direct interpolation of user-supplied input from the acceptFileTypes POST parameter into a regular expression used for file validation. This affects the file upload component responsible for restricting executable file types, allowing bypass of intended security controls.

CVSS 9.8
EPSS 0.5%
KEV Pred in 22d
Product Divi Engine Divi Form Builder divi
CVSS v3.1 CWE-434 PoC
02 Jul/26
CVE-2026-57624
CRITICAL

This vulnerability is an unauthenticated remote code execution (RCE) flaw caused by improper handling of user-supplied input in the Blocksy Companion Pro WordPress plugin, specifically versions up to and including 2.1.46. The root cause lies in insecure dynamic code evaluation that allows execution of arbitrary code without authentication. The affected component is the plugin’s backend functionality responsible for processing certain requests, which fails to sanitize or validate input before execution.

CVSS 10.0
EPSS 0.7%
KEV Pred in 22d
Product Creative Themes Blocksy Companion Pro creative
CVSS v3.1 CWE-94
30 Jun/26
CVE-2026-48282
CRITICAL

This vulnerability is a path traversal flaw caused by insufficient validation of user-supplied file path inputs within Adobe ColdFusion. The affected component improperly restricts pathname access, allowing attackers to traverse directories outside intended boundaries. This weakness occurs in ColdFusion versions 2023 and earlier, impacting the file handling mechanisms responsible for directory access control.

CVSS 10.0
EPSS 28.6%
KEV Pred in 20d
Product Adobe ColdFusion adobe
CVSS v3.1 KEV CWE-22 PoC RANSOMWARE
29 Jun/26
CVE-2026-56290
CRITICAL

This vulnerability is an unauthenticated arbitrary file upload flaw in the JoomlaCK.fr Page Builder CK extension for Joomla. The root cause lies in insufficient validation and filtering of uploaded files within the extension's file upload functionality. The affected component is the file upload handler that processes incoming files without proper authentication or content-type restrictions, enabling malicious payloads to be uploaded.

CVSS 9.8
EPSS 2.9%
KEV Pred in 19d
Product JoomlaCK.fr Page Builder CK extension for Joomla joomlack.fr
CVSS v3.1 CVSS v4.0 KEV CWE-434 PoC
26 Jun/26
CVE-2026-56011
HIGH

This vulnerability is an unauthenticated Cross-Site Scripting (XSS) flaw arising from improper sanitization of user-supplied input in the MapPress Maps for WordPress plugin, specifically versions up to 2.97.3. The issue resides in the plugin's handling of map-related parameters that are rendered in the frontend without adequate encoding or filtering, affecting the map display component responsible for embedding Google Maps within WordPress posts or pages.

CVSS 7.1
EPSS 0.2%
KEV Pred in 16d
Product chrisvrichardson MapPress Maps for WordPress chrisvrichardson
CVSS v3.1 CWE-79 PoC
23 Jun/26
CVE-2026-55255
HIGH

The vulnerability is an Insecure Direct Object Reference (IDOR) affecting the /api/v1/responses endpoint of the langflow-ai langflow product. The root cause is insufficient authorization validation allowing authenticated users to specify arbitrary flow IDs belonging to other users. This flaw resides in the API's access control mechanism for flow execution requests prior to version 1.9.1.

CVSS 8.4
EPSS 0.5%
KEV Pred in 13d
Product langflow-ai langflow langflow-ai
CVSS v3.1 KEV CWE-639 PoC
20 Jun/26
CVE-2026-48908
CRITICAL

This vulnerability is an unrestricted file upload flaw in the SP Page Builder extension for Joomla. The root cause is insufficient validation and sanitization of uploaded files, allowing unauthenticated users to upload arbitrary files, including executable PHP scripts. The affected component is the file upload functionality within the SP Page Builder extension.

CVSS 9.8
EPSS 1.6%
KEV Pred in 10d
Product joomshaper.net SP Page Builder extension for Joomla joomshaper.net
CVSS v3.1 CVSS v4.0 KEV CWE-434 PoC
19 Jun/26
CVE-2026-7515
CRITICAL

This vulnerability is a Local File Inclusion (LFI) flaw in the BetterDocs Pro WordPress plugin, specifically affecting versions up to 3.8.0. The root cause lies in insufficient input validation of the `doc_style` parameter, which allows an attacker to manipulate file inclusion logic. The affected component is the file inclusion mechanism within the plugin that processes the `doc_style` parameter without proper sanitization, enabling arbitrary file inclusion on the server.

CVSS 9.8
EPSS 0.9%
KEV Pred in 9d
Product BetterDocs Pro betterdocs
CVSS v3.1 CWE-98 PoC
19 Jun/26
CVE-2026-8713
CRITICAL

This vulnerability is an arbitrary file deletion flaw rooted in improper validation of file paths within the maybe_delete_files function of the Avada (Fusion) Builder plugin for WordPress. The issue arises from insufficient sanitization of user-supplied input, enabling path traversal attacks. The affected component is the Fusion_Form_DB_Privacy cleanup routine triggered during shutdown, which processes database entries related to form submissions.

CVSS 9.1
EPSS 1.2%
KEV Pred in 9d
Product themefusion Avada (Fusion) Builder themefusion
CVSS v3.1 CWE-22 PoC
18 Jun/26
CVE-2026-12569
CRITICAL

This vulnerability is a remote code execution flaw resulting from insecure deserialization of untrusted data within PTC Windchill PDMLink and FlexPLM components. Specifically, the deserialization process fails to properly validate or sanitize incoming serialized objects, allowing malicious payloads to be executed during object reconstruction. The affected components include all CPS versions and Windchill/FlexPLM releases prior to 11.0 M030, where the deserialization functionality is exposed to network input.

CVSS 9.3
EPSS 1.2%
KEV Pred in 8d
Product PTC Windchill PDMLink ptc
CVSS v4.0 KEV CWE-20
15 Jun/26
CVE-2026-20262
MEDIUM

This vulnerability is a path traversal flaw (CWE-22) in the file upload functionality of Cisco Catalyst SD-WAN Manager's web UI. The root cause is improper validation of user-supplied input during the file upload process, allowing crafted input to manipulate file paths. The affected component is the API endpoint handling file uploads within the web management interface.

CVSS 6.5
EPSS 7.7%
KEV Pred in 5d
Product Cisco Catalyst SD-WAN Manager cisco
CVSS v3.1 KEV CWE-22 PoC
15 Jun/26
CVE-2026-48969
MEDIUM

This vulnerability is a Broken Access Control flaw affecting Really Simple SSL plugin versions up to 9.5.9. The root cause lies in improper enforcement of subscriber-level permissions, allowing unauthorized users to access or manipulate functions intended for higher privilege roles. The affected component is the subscriber access control mechanism within the plugin's permission validation logic.

CVSS 6.5
EPSS 0.2%
KEV Pred in 5d
Product Really Simple Plugins B.V. Really Simple SSL really
CVSS v3.1 CWE-862
14 Jun/26
CVE-2026-54420
HIGH

This vulnerability is a symbolic link (symlink) traversal issue in the LiteSpeed cPanel plugin and LiteSpeed WHM plugin components. The root cause lies in improper validation and handling of user-supplied symlink paths within the plugin's file management routines. Specifically, the plugin fails to correctly restrict symlink resolution for users with FTP or web shell access on shared hosting environments using CloudLinux/CageFS, enabling unauthorized access to filesystem locations outside intended boundaries.

CVSS 8.5
EPSS 1.3%
KEV Pred in 4d
Product LiteSpeed Technologies cPanel Plugin litespeed
CVSS v3.1 KEV CWE-61 PoC
12 Jun/26
CVE-2026-48558
CRITICAL

This vulnerability is an authentication bypass caused by improper validation of OIDC identity tokens within SimpleHelp's authentication flow. The flaw arises because the system accepts identity tokens without verifying their cryptographic signatures. The affected component is the OIDC authentication mechanism in SimpleHelp versions 5.5.15 and earlier, as well as 6.0 pre-release versions.

CVSS 10.0
EPSS 1.2%
KEV Pred in 2d
Product SimpleHelp simplehelp
CVSS v3.1 CVSS v4.0 KEV CWE-347 PoC RANSOMWARE
11 Jun/26
CVE-2026-42653
HIGH

This vulnerability is a Stored Cross-site Scripting (XSS) flaw caused by improper neutralization of user-supplied input during web page generation in the SliceWP WordPress plugin. The root cause lies in the plugin's failure to sanitize or encode input data before rendering it in the affected component, allowing malicious scripts to be stored and executed in users' browsers. The issue affects SliceWP versions up to and including 1.2.6.

CVSS 7.1
EPSS 0.1%
KEV Pred in 1d
Product iova.mihai SliceWP iova.mihai
CVSS v3.1 CWE-79
11 Jun/26
CVE-2026-39494
CRITICAL

This vulnerability is a Blind SQL Injection affecting the Product Filter by WBW WordPress plugin up to version 3.1.2. The root cause is improper neutralization of special SQL command elements within user-supplied input, allowing crafted queries to be injected into the backend database. The flaw resides in the plugin's filtering functionality that processes user input without adequate sanitization or parameterization.

CVSS 9.3
EPSS 0.4%
KEV Pred in 1d
Product WBW Plugins Product Filter by WBW wbw
CVSS v3.1 CWE-89
11 Jun/26
CVE-2026-42647
CRITICAL

This vulnerability is a Blind SQL Injection resulting from improper neutralization of special elements in SQL commands within Beardev JoomSport. The root cause lies in insufficient input sanitization of user-supplied data that is directly incorporated into SQL queries without parameterization or escaping. The affected component is the JoomSport plugin for WordPress, specifically versions up to and including 5.7.7, where database query construction fails to properly handle malicious input.

CVSS 9.3
EPSS 1.3%
KEV Pred in 1d
Product Beardev JoomSport beardev
CVSS v3.1 CWE-89 PoC
11 Jun/26
CVE-2026-49060
CRITICAL

This vulnerability is an Incorrect Privilege Assignment flaw rooted in improper access control mechanisms within the Hippoo Mobile App for WooCommerce plugin. The issue arises because certain privileged functions or administrative features are accessible without proper authorization checks. The affected component is the privilege management system in versions up to 1.9.4, which fails to enforce restrictions on user capabilities, allowing unauthorized privilege escalation.

CVSS 9.8
EPSS 0.5%
KEV Pred in 1d
Product Hippoo Mobile App for WooCommerce hippoo
CVSS v3.1 CWE-266 PoC
11 Jun/26
CVE-2026-35273
CRITICAL

This vulnerability is an authentication bypass affecting the Updates Environment Management component of Oracle PeopleSoft Enterprise PeopleTools versions 8.61 and 8.62. The root cause lies in improper access control mechanisms that allow unauthenticated network requests over HTTP to interact with privileged environment management functions. This flaw enables attackers to bypass normal authentication checks within the PeopleTools update management interface.

CVSS 9.8
EPSS 92.3%
KEV Pred in 1d
Product Oracle Corporation PeopleSoft Enterprise PeopleTools oracle
CVSS v3.1 KEV CWE-306 PoC RANSOMWARE
10 Jun/26
CVE-2026-20253
CRITICAL

This vulnerability is an authentication bypass affecting the PostgreSQL sidecar service endpoint in Splunk Enterprise. The root cause is the absence of authentication controls on this endpoint, which allows unauthenticated network users to invoke file operations. The affected component is the PostgreSQL sidecar service integrated within Splunk Enterprise versions prior to 10.2.4 and 10.0.7.

CVSS 9.8
EPSS 88.2%
KEV Pred N/A
Product Splunk Enterprise splunk
CVSS v3.1 KEV CWE-306 PoC
10 Jun/26
CVE-2026-53435
HIGH

This vulnerability is a deserialization flaw in Jenkins core and plugins, allowing unsafe processing of attacker-controlled XML data. The root cause is insecure deserialization of arbitrary types from the `config.xml` submission, which is part of Jenkins' configuration management. The affected components include Jenkins versions 2.567 and earlier, and LTS 2.555.2 and earlier, specifically the configuration XML handling mechanism.

CVSS 8.8
EPSS 14.9%
KEV Pred N/A
Product Jenkins Project Jenkins jenkins
CVSS v3.1 CWE-502 PoC
09 Jun/26
CVE-2026-10520
CRITICAL

The vulnerability is an OS command injection rooted in improper input validation within Ivanti Sentry's command execution routines. Specifically, the affected component fails to sanitize user-supplied input before passing it to underlying system shell commands. This flaw exists in versions prior to R10.5.2, R10.6.2, and R10.7.1, impacting the command processing mechanism that interfaces with the operating system shell.

CVSS 10.0
EPSS 99.0%
KEV Pred 72%
Product ivanti Sentry ivanti
CVSS v3.1 KEV CWE-78 PoC RANSOMWARE
08 Jun/26
CVE-2026-11645
HIGH

This vulnerability is an out-of-bounds read and write flaw occurring within the V8 JavaScript engine of Google Chrome. The root cause lies in improper bounds checking during memory operations, allowing access beyond allocated buffer limits. The affected component is the V8 engine, which handles JavaScript execution within the browser sandbox environment.

CVSS 8.8
EPSS 1.7%
KEV Pred 58%
Product Google Chrome google
CVSS v3.1 KEV CWE-125 PoC
08 Jun/26
CVE-2026-50751
CRITICAL

This vulnerability is an authentication bypass caused by a logic flaw in the certificate validation process within the deprecated IKEv1 key exchange protocol. The affected component is the Remote Access and Mobile Access feature of the Check Point Quantum Security Gateway. The root cause lies in improper handling of certificate validation logic flow, which allows bypassing normal authentication checks during VPN establishment.

CVSS 9.3
EPSS 70.1%
KEV Pred 68%
Product checkpoint Quantum Security Gateway checkpoint
CVSS v3.1 KEV CWE-287 PoC RANSOMWARE
05 Jun/26
CVE-2026-7473
MEDIUM

This vulnerability is a protocol decapsulation validation flaw affecting Arista Networks EOS tunnel processing components. Specifically, the switch fails to verify the tunnel protocol type when decapsulating packets on VXLAN, decap-groups, or GRE tunnel interfaces. This improper validation causes the device to incorrectly process tunneled packets with a destination IP matching its configured decapsulation IP regardless of the actual tunnel protocol, leading to unintended packet forwarding behavior.

CVSS 5.8
EPSS 0.8%
KEV Pred 64%
Product Arista Networks EOS arista
CVSS v3.1 CVSS v4.0 KEV CWE-1023 PoC
05 Jun/26
CVE-2026-49777
CRITICAL

The vulnerability is an improper validation flaw related to the specified quantity input within the Product Slider Pro for WooCommerce plugin by ShapedPlugin, LLC. The root cause lies in insufficient sanitization and verification of user-supplied quantity parameters, allowing malicious data to bypass input controls. This flaw affects the input handling logic of the product quantity specification feature in versions prior to 3.5.4.

CVSS 10.0
EPSS 1.7%
KEV Pred 76%
Product ShapedPlugin, LLC Product Slider Pro for WooCommerce shapedplugin,
CVSS v3.1 CWE-1284 PoC
05 Jun/26
CVE-2026-48907
CRITICAL

The vulnerability is an authentication bypass in the Joomla Content Editor (JCE) extension for Joomla, allowing unauthenticated users to create new editor profiles. This flaw arises from improper access control validation in the profile creation component of the JCE editor. The affected feature is the editor profile management functionality within the JCE extension, which fails to restrict profile creation to authorized users only.

CVSS 9.8
EPSS 80.4%
KEV Pred 60%
Product joomlacontenteditor.net Joomla Content Editor (JCE) extension for Joomla joomlacontenteditor.net
CVSS v3.1 CVSS v4.0 KEV CWE-284 PoC
04 Jun/26
CVE-2026-28318
HIGH

This vulnerability is a denial-of-service condition caused by improper handling of HTTP POST requests with Content-Encoding set to deflate. The root cause lies in the Serv-U service's inability to correctly process specially crafted compressed payloads, leading to resource exhaustion or crash. The affected component is the Serv-U FTP server's HTTP request parsing logic, which does not require authentication to be triggered.

CVSS 7.5
EPSS 10.7%
KEV Pred 70%
Product SolarWinds Serv-U solarwinds
CVSS v3.1 KEV CWE-400 PoC
03 Jun/26
CVE-2026-20230
HIGH

This vulnerability is a server-side request forgery (SSRF) arising from improper input validation of specific HTTP requests in Cisco Unified Communications Manager and its Session Management Edition. The flaw exists within the WebDialer service component, which processes HTTP requests without sufficient sanitization, allowing crafted requests to manipulate internal server behavior. The root cause is the lack of validation on input parameters that control file operations on the underlying operating system.

CVSS 8.6
EPSS 41.7%
KEV Pred 76%
Product Cisco Unified Communications Manager cisco
CVSS v3.1 KEV CWE-918 PoC
02 Jun/26
CVE-2026-5073
HIGH

This vulnerability is a SQL Injection affecting the ARMember Premium WordPress plugin, specifically within the arm_get_directory_members() function. The root cause is insufficient escaping and lack of proper parameterization of user-supplied 'order' and 'orderby' inputs in the SQL query construction. The flaw resides in the 'arm_directory_paging_action' AJAX handler, which processes these parameters without adequate sanitization.

CVSS 7.5
EPSS 1.4%
KEV Pred 67%
Product ARMember Premium – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup armember
CVSS v3.1 CWE-89
02 Jun/26
CVE-2026-8206
CRITICAL

This vulnerability is a privilege escalation flaw caused by improper validation in the password reset functionality of the Kirki – Freeform Page Builder plugin for WordPress. The root cause lies in the plugin accepting an arbitrary email address when a username is submitted during a password reset request. The affected component is the password reset handler within the plugin's form processing logic, which fails to verify that the email corresponds to the username provided.

CVSS 9.8
EPSS 1.3%
KEV Pred 52%
Product themeum Kirki – Freeform Page Builder, Website Builder & Customizer themeum
CVSS v3.1 CWE-269 PoC
30 May/26
CVE-2026-7465
HIGH

This vulnerability is a remote code execution flaw arising from improper handling of block registration and rendering in the Spectra Gutenberg Blocks plugin. The root cause is the ability for authenticated users with Contributor-level privileges or higher to register arbitrary block types prefixed with 'uagb-' and assign attacker-controlled render callbacks. During sequential block rendering, the plugin invokes these callbacks via call_user_func(), enabling execution of arbitrary PHP code on the server.

CVSS 8.8
EPSS 1.2%
KEV Pred 34%
Product brainstormforce Spectra Gutenberg Blocks – Website Builder for the Block Editor brainstormforce
CVSS v3.1 CWE-269 PoC
29 May/26
CVE-2026-8732
CRITICAL

This vulnerability is a privilege escalation flaw caused by improper access control in the WP Maps Pro WordPress plugin. The root cause lies in the wpgmp_temp_access_ajax AJAX action being registered with wp_ajax_nopriv_, allowing unauthenticated access. The protection relies solely on a nonce embedded in the frontend JavaScript, which is publicly accessible, rendering the nonce check ineffective as an authentication barrier.

CVSS 9.8
EPSS 9.5%
KEV Pred 71%
Product flippercode WP Maps Pro flippercode
CVSS v3.1 CWE-306 PoC
27 May/26
CVE-2026-48027
CRITICAL

This vulnerability arises from the publication of a maliciously altered version of the Nx Console extension (version 18.95.0) for Visual Studio Code and OpenVSX. The root cause is the distribution of a compromised package through official extension marketplaces, affecting the integrity verification and supply chain of the Nx Console user interface component. The compromised version contains unauthorized code introduced during the build or publishing process, impacting the extension's execution environment within the IDE.

CVSS 9.8
EPSS 1.8%
KEV Pred 66%
Product nrwl nx-console nrwl
CVSS v3.1 CVSS v4.0 KEV CWE-506 RANSOMWARE
26 May/26
CVE-2026-45247
CRITICAL

This vulnerability is a PHP object injection caused by the unsafe use of PHP's native unserialize() function on user-controlled input. Specifically, the CacheWarmer cookie in Mirasvit Full Page Cache Warmer for Magento 2 versions prior to 1.11.12 is processed without validation, allowing deserialization of crafted serialized PHP objects. The flaw resides in the cache warming component responsible for handling cache refresh requests and related cookie data.

CVSS 9.8
EPSS 27.5%
KEV Pred 61%
Product Mirasvit Full Page Cache Warmer for Magento 2 mirasvit
CVSS v3.1 CVSS v4.0 KEV CWE-502 PoC
22 May/26
CVE-2026-45659
HIGH

This vulnerability is a deserialization flaw in Microsoft Office SharePoint Enterprise Server 2016. It arises from improper handling of untrusted serialized data within SharePoint's data processing components, allowing maliciously crafted input to be deserialized. The affected component is the SharePoint server's deserialization mechanism responsible for processing serialized objects received over the network from authorized users.

CVSS 8.8
EPSS 3.2%
KEV Pred 69%
Product Microsoft SharePoint Enterprise Server 2016 microsoft
CVSS v3.1 KEV CWE-502 PoC RANSOMWARE
22 May/26
CVE-2026-34910
CRITICAL

This vulnerability is a command injection flaw resulting from improper input validation in UniFi OS Server and related UniFi firmware components. The root cause lies in the failure to sanitize user-supplied input before passing it to system-level command execution functions. Affected components include UniFi OS Server and multiple UniFi device firmware versions, where network-accessible interfaces process untrusted input without adequate validation.

CVSS 10.0
EPSS 78.6%
KEV Pred 76%
Product Ubiquiti Inc UniFi OS Server ubiquiti
CVSS v3.1 KEV CWE-20
22 May/26
CVE-2026-34908
CRITICAL

This vulnerability is an Improper Access Control flaw affecting Ubiquiti UniFi OS Server and related firmware components. The root cause lies in insufficient enforcement of authorization checks within system management interfaces, allowing unauthorized network actors to interact with privileged functions. The affected components include UniFi OS devices and various UniFi Dream Machine firmware variants, where control mechanisms fail to restrict access to critical configuration endpoints.

CVSS 10.0
EPSS 2.5%
KEV Pred 72%
Product Ubiquiti Inc UniFi OS Server ubiquiti
CVSS v3.1 KEV CWE-284 PoC
22 May/26
CVE-2026-34909
CRITICAL

This vulnerability is a Path Traversal flaw (CWE-22) in Ubiquiti UniFi OS Server and related firmware components. The root cause is insufficient validation of user-supplied file path inputs, allowing traversal sequences to access files outside the intended directory scope. The affected components include UniFi OS Server and various UniFi device firmware versions that handle file requests without proper sanitization.

CVSS 10.0
EPSS 2.3%
KEV Pred 83%
Product Ubiquiti Inc UniFi OS Server ubiquiti
CVSS v3.1 KEV CWE-22
21 May/26
CVE-2026-48172
CRITICAL

This vulnerability is a privilege escalation flaw rooted in improper handling of Redis enable/disable features within the LiteSpeed User-End cPanel Plugin. The affected component mismanages internal API calls related to the "cpanel_jsonapi_func=redisAble" parameter, allowing unauthorized elevation of privileges. The flaw resides in the plugin's logic that controls Redis functionality toggling, leading to escalation beyond intended permission boundaries.

CVSS 9.8
EPSS 18.9%
KEV Pred 67%
Product LiteSpeed Technologies cPanel Plugin litespeed
CVSS v3.1 CVSS v4.0 KEV CWE-266 PoC RANSOMWARE
20 May/26
CVE-2026-9082
CRITICAL

This vulnerability is a SQL Injection flaw resulting from improper neutralization of special elements within SQL commands in Drupal core. The root cause lies in insufficient input sanitization allowing crafted input to alter SQL queries. The affected component is Drupal core versions from 8.9.0 up to but not including specified patched releases across multiple major versions, impacting database query handling mechanisms.

CVSS 9.8
EPSS 84.6%
KEV Pred 74%
Product Drupal core drupal
CVSS v3.1 KEV CWE-89 PoC
20 May/26
CVE-2026-45444
CRITICAL

This vulnerability is an unrestricted file upload flaw classified under CWE-434. It arises from insufficient validation of file types during the upload process within the WP Swings Gift Cards For WooCommerce Pro plugin. The affected component is the file upload handler in the Gift Cards For WooCommerce Pro plugin versions up to 4.2.6, which fails to restrict dangerous file types, allowing arbitrary files to be uploaded.

CVSS 10.0
EPSS 0.3%
KEV Pred 72%
Product WP Swings Gift Cards For WooCommerce Pro wp
CVSS v3.1 CWE-434
19 May/26
CVE-2026-47100
HIGH

This vulnerability is a missing authorization flaw in the FunnelKit Funnel Builder for WooCommerce Checkout plugin prior to version 3.15.0.3. The root cause is the lack of access control on the public AJAX checkout endpoint, which permits unauthenticated requests to invoke internal methods. The affected component is the plugin's External Scripts global setting, which can be manipulated through this unauthorized access vector.

CVSS 7.5
EPSS 0.5%
KEV Pred 69%
Product FunnelKit Funnel Builder for WooCommerce Checkout funnelkit
CVSS v3.1 CVSS v4.0 CWE-862 PoC
15 May/26
CVE-2026-8398
CRITICAL

This vulnerability is a supply chain compromise affecting the build and distribution process of AVB Disc Soft's DAEMON Tools Lite Windows installer packages, specifically versions 12.5.0.2421 through 12.5.0.2434. The root cause is unauthorized access to the vendor's build infrastructure, allowing attackers to inject malicious code into three signed binaries (DTHelper.exe, DiscSoftBusServiceLite.exe, DTShellHlp.exe). The trojanized binaries maintain valid digital signatures, impacting the integrity verification mechanism of the installation process.

CVSS 9.8
EPSS 1.5%
KEV Pred 51%
Product AVB Disc Soft DAEMON Tools Lite avb
CVSS v3.1 CVSS v4.0 KEV CWE-506
14 May/26
CVE-2026-42897
MEDIUM

The vulnerability is a cross-site scripting (XSS) flaw caused by improper neutralization of user-supplied input during web page generation in Microsoft Exchange Server 2016 Cumulative Update 23. This occurs due to insufficient sanitization of input data processed by the web interface, allowing malicious scripts to be injected into dynamically generated pages. The affected component is the web-based management interface of Microsoft Exchange Server 2016 CU23.

CVSS 6.1
EPSS 5.6%
KEV Pred 84%
Product Microsoft Exchange Server 2016 Cumulative Update 23 microsoft
CVSS v3.1 KEV CWE-79 PoC RANSOMWARE
14 May/26
CVE-2026-20182
CRITICAL

This vulnerability is an authentication bypass in the peering authentication mechanism of Cisco Catalyst SD-WAN Controller and Manager. The root cause lies in improper validation during the control connection handshaking process, allowing crafted requests to circumvent authentication checks. The affected component is the peering authentication feature responsible for establishing secure control connections within the SD-WAN fabric.

CVSS 10.0
EPSS 88.5%
KEV Pred 67%
Product Cisco Catalyst SD-WAN Manager cisco
CVSS v3.1 KEV CWE-287 Exploit PoC RANSOMWARE
13 May/26
CVE-2026-0257
CRITICAL

This vulnerability is an authentication bypass affecting the GlobalProtect portal and gateway components within Palo Alto Networks PAN-OS software. The root cause lies in improper validation of authentication mechanisms, allowing unauthorized users to circumvent security controls. The flaw specifically targets the authentication logic in the VPN access control process, enabling bypass without valid credentials.

CVSS 9.1
EPSS 86.7%
KEV Pred 72%
Product Palo Alto Networks Cloud NGFW palo
CVSS v3.1 CVSS v4.0 KEV CWE-565 PoC
Page 1 of 18 (871 total)