Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Showing 21-40 of 201 records
Threat Entry Updated 2026-01-16

CVE-2026-0976 - Red Hat Build of Keycloak Plugin

A flaw was found in Keycloak. This improper input validation vulnerability occurs because Keycloak accepts RFC-compliant matrix parameters in URL path segments, while common reverse proxy configurations may ignore or mishandle them. A remote attacker can craft requests to mask path segments, potentially bypassing proxy-level path filtering. This could expose administrative or sensitive endpoints that operators believe are not externally reachable.

PLUGIN Red Hat Build of Keycloak

CVE-2026-0976

LOW CVSS 3.7 2026-01-15
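The Keycloak entry above describes a mismatch between what a reverse proxy filters on and what the backend routes on. The following is an added illustration, not Keycloak's code or any proxy vendor's: it models a proxy that applies a deny rule to the raw request path, a backend that strips RFC 3986 matrix parameters (`;name=value` inside a path segment) from every segment before routing, in the style of Java servlet containers, and a hardened proxy check that normalises the same way before filtering. The deny rule, the example paths and the stripping order are assumptions for the demonstration.

```python
# Added example, not Keycloak's or any proxy's own code.  Models why a
# path filter that looks at the raw request line can be bypassed with a
# matrix parameter when the backend strips such parameters before routing.
from urllib.parse import unquote

# Hypothetical proxy rule: nothing under /admin/ may be reached from outside.
BLOCKED_PREFIX = "/admin/"


def proxy_allows_raw(raw_path: str) -> bool:
    """Naive proxy filter that inspects the path exactly as received."""
    return not raw_path.startswith(BLOCKED_PREFIX)


def backend_route_path(raw_path: str) -> str:
    """Path the backend actually routes on (assumed servlet-style behaviour):
    each segment loses its ';param=value' suffix, then it is percent-decoded."""
    segments = raw_path.split("/")
    cleaned = [unquote(seg.split(";", 1)[0]) for seg in segments]
    return "/".join(cleaned)


def proxy_allows_normalized(raw_path: str) -> bool:
    """Hardened proxy filter: normalise the same way the backend does,
    then apply the deny rule to the normalised result."""
    return not backend_route_path(raw_path).startswith(BLOCKED_PREFIX)


def compare(raw_path: str) -> dict:
    """Return the proxy's decision next to where the backend would route."""
    return {
        "raw": raw_path,
        "backend_sees": backend_route_path(raw_path),
        "naive_proxy_allows": proxy_allows_raw(raw_path),
        "hardened_proxy_allows": proxy_allows_normalized(raw_path),
    }


if __name__ == "__main__":
    # Constructed requests: the second hides the "admin" segment behind a
    # matrix parameter so the raw prefix check no longer matches.
    for path in ("/admin/realms/master", "/admin;v=1/realms/master"):
        print(compare(path))
```

The lesson is not the specific normaliser: real containers differ in whether they strip `;` parameters before or after percent-decoding, how they handle `%3B`, dot-segments and case, and a proxy rule that reproduces one of those imperfectly is still bypassable. Path filtering at the proxy is defence in depth; the endpoints the operator wants unreachable should also be disabled or bound to an internal listener on the backend itself.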
Threat Entry Updated 2026-01-23

CVE-2025-14457 - Drag And Drop Multiple File Upload For Contact Form 7 Plugin

The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing ownership check in the dnd_codedropz_upload_delete() function in all versions up to, and including, 1.3.9.2. This makes it possible for unauthenticated attackers to delete arbitrary uploaded files when the "Send attachments as links" setting is enabled.

PLUGIN Drag And Drop Multiple File Upload For Contact Form 7

CVE-2025-14457

LOW CVSS 3.7 2026-01-15
Threat Entry Updated 2026-01-16

CVE-2026-23497 - Lms Plugin

Frappe Learning Management System (LMS) is a learning system that helps users structure their content. In 2.44.0 and earlier, there is a stored XSS vulnerability where a specially crafted image filename could execute malicious JavaScript when rendered on course or jobs pages.

PLUGIN Lms

CVE-2026-23497

LOW CVSS 1.3 2026-01-14
Threat Entry Updated 2026-01-23

CVE-2026-21889 - Weblate Plugin

Weblate is a web based localization tool. Prior to 5.15.2, the screenshot images were served directly by the HTTP server without proper access control. This could allow an unauthenticated user to access screenshots after guessing their filename. This vulnerability is fixed in 5.15.2.

PLUGIN Weblate

CVE-2026-21889

LOW CVSS 2.3 2026-01-14
Threat Entry Updated 2026-02-20

CVE-2026-0403 - RBE970 Plugin

An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers connected to the router's LAN to perform OS command injection.

PLUGIN RBE970

CVE-2026-0403

LOW CVSS 1.1 2026-01-13
Threat Entry Updated 2026-01-13

CVE-2026-0504 - SAP Identity Management Plugin

Due to insufficient input handling, the SAP Identity Management REST interface allows an authenticated administrator to submit specially crafted malicious REST requests that are processed by JNDI operations without adequate input neutralization. This may lead to limited disclosure or modification of data, resulting in low impact on confidentiality and integrity, with no impact on application availability.

PLUGIN SAP Identity Management

CVE-2026-0504

LOW CVSS 3.8 2026-01-13
Threat Entry Updated 2026-01-13

CVE-2026-0510 - NW AS Java UME User Mapping Plugin

The User Management Engine (UME) in NetWeaver Application Server for Java (NW AS Java) uses an obsolete cryptographic algorithm to encrypt User Mapping data. Under specific conditions, an attacker with high-privileged access could exploit this weakness to partially disclose sensitive information. The impact on confidentiality is low, with no impact on the integrity or availability of the application.

PLUGIN NW AS Java UME User Mapping

CVE-2026-0510

LOW CVSS 3.0 2026-01-13
Threat Entry Updated 2026-01-13

CVE-2026-22805 - Metabase Plugin

Metabase is an open-source data analytics platform. Prior to 55.13, 56.3, and 57.1, self-hosted Metabase instances that allow users to create subscriptions may be affected if the instance is colocated with other unsecured resources. This vulnerability is fixed in 55.13, 56.3, and 57.1.

PLUGIN Metabase

CVE-2026-22805

LOW CVSS 2.1 2026-01-12
Threat Entry Updated 2026-01-21

CVE-2026-22800 - PILOS Plugin

PILOS (Platform for Interactive Live-Online Seminars) is a frontend for BigBlueButton. Prior to 4.10.0, Cross-Site Request Forgery (CSRF) vulnerability exists in an administrative API endpoint responsible for terminating all active video conferences on a single server. The affected endpoint performs a destructive action but is exposed via an HTTP GET request. Although proper authorization checks are enforced and the endpoint cannot be triggered cross-site, the use of GET allows the action to be implicitly invoked through same-site content (e.g. embedded resources rendered within the application). As a result, an authenticated…

PLUGIN PILOS

CVE-2026-22800

LOW CVSS 2.4 2026-01-12
Threat Entry Updated 2026-01-21

CVE-2026-22213 - RIOT OS Plugin

RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the tapslip6 utility. The vulnerability is caused by unsafe string concatenation in the devopen() function, which constructs a device path using unbounded user-controlled input. The utility uses strcpy() and strcat() to concatenate the fixed prefix '/dev/' with a user-supplied device name provided via the -s command-line option without bounds checking. This allows an attacker to supply an excessively long device name and overflow a fixed-size stack buffer, leading to process crashes and memory corruption.

PLUGIN RIOT OS

CVE-2026-22213

LOW CVSS 2.4 2026-01-12
Threat Entry Updated 2026-01-16

CVE-2026-22784 - Lychee Plugin

Lychee is a free, open-source photo-management tool. Prior to 7.1.0, an authorization vulnerability exists in Lychee's album password unlock functionality that allows users to gain possibly unauthorized access to other users' password-protected albums. When a user unlocks a password-protected public album, the system automatically unlocks ALL other public albums that share the same password, resulting in a complete authorization bypass. This vulnerability is fixed in 7.1.0.

PLUGIN Lychee

CVE-2026-22784

LOW CVSS 2.3 2026-01-12
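The Lychee entry above is an authorization-scope bug: the unlock grant is keyed on the password rather than on the album the user proved access to. The following is an added model of that flaw beside the corrected design, not Lychee's own code. Album ids, passwords and the session object are constructed for the demonstration, and passwords are hashed with plain SHA-256 only to keep the example dependency-free; a real application would use a salted, slow password hash.

```python
# Added example, not Lychee's own code.  Shows the difference between a
# session that remembers "which passwords were entered" and one that
# remembers "which albums were unlocked".
import hashlib
import hmac
from dataclasses import dataclass, field


def hash_password(password: str) -> str:
    # Demo only: a real application uses a salted, slow hash (argon2/bcrypt).
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


@dataclass
class Album:
    album_id: str
    password_hash: str


@dataclass
class Session:
    unlocked_passwords: set[str] = field(default_factory=set)  # vulnerable model
    unlocked_albums: set[str] = field(default_factory=set)     # fixed model


def password_matches(album: Album, password: str) -> bool:
    return hmac.compare_digest(album.password_hash, hash_password(password))


def unlock_vulnerable(session: Session, albums: dict, album_id: str, password: str) -> bool:
    """Flawed design: the grant is keyed on the password, so every other album
    protected by the same password is unlocked as a side effect."""
    album = albums[album_id]
    if not password_matches(album, password):
        return False
    session.unlocked_passwords.add(album.password_hash)
    return True


def can_view_vulnerable(session: Session, album: Album) -> bool:
    return album.password_hash in session.unlocked_passwords


def unlock_fixed(session: Session, albums: dict, album_id: str, password: str) -> bool:
    """Corrected design: the grant is keyed on the album that was unlocked."""
    album = albums[album_id]
    if not password_matches(album, password):
        return False
    session.unlocked_albums.add(album_id)
    return True


def can_view_fixed(session: Session, album_id: str) -> bool:
    return album_id in session.unlocked_albums


def build_demo_albums() -> dict:
    """Constructed data: two unrelated owners happened to pick the same password."""
    return {
        "alice-holiday": Album("alice-holiday", hash_password("summer2024")),
        "bob-wedding": Album("bob-wedding", hash_password("summer2024")),
        "carol-pets": Album("carol-pets", hash_password("kittens!")),
    }


if __name__ == "__main__":
    albums = build_demo_albums()
    s = Session()
    unlock_vulnerable(s, albums, "alice-holiday", "summer2024")
    print("vulnerable: bob-wedding visible?", can_view_vulnerable(s, albums["bob-wedding"]))
    s = Session()
    unlock_fixed(s, albums, "alice-holiday", "summer2024")
    print("fixed: bob-wedding visible?", can_view_fixed(s, "bob-wedding"))
```

The hash choice is incidental; the defect is the scope of the grant. Any shared secret is a weak authorization key because unrelated principals can choose the same one, so the session must record the resource that was unlocked, never the credential that unlocked it.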
Threat Entry Updated 2026-01-27

CVE-2026-22250 - Wlc Plugin

wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.0, the SSL verification would be skipped for some crafted URLs. This vulnerability is fixed in 1.17.0.

PLUGIN Wlc

CVE-2026-22250

LOW CVSS 2.5 2026-01-12
Threat Entry Updated 2026-01-13

CVE-2026-22611 - Aws Sdk Net Plugin

AWS SDK for .NET works with Amazon Web Services to help build scalable solutions with Amazon S3, Amazon DynamoDB, Amazon Glacier, and more. From versions 4.0.0 to before 4.0.3.3, Customer applications could be configured to improperly route AWS API calls to non-existent or non-AWS hosts. This notification is related to the use of specific values for the region input field when calling AWS services. An actor with access to the environment in which the SDK is used could set the region input field to an invalid value. This issue has…

PLUGIN Aws Sdk Net

CVE-2026-22611

LOW CVSS 3.7 2026-01-10
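The AWS SDK for .NET entry above is a host-construction problem: a region string is substituted into an endpoint template, so a hostile value can move the trusted suffix out of the host part of the URL. The following added example, which is not the SDK's own code, builds an endpoint from the public S3 regional template, shows which host a client would connect to for a hostile region value, and adds a validation step. The region pattern is a deliberately conservative assumption for this illustration, not the SDK's rule, and the endpoint template is a simplification of real SDK endpoint resolution.

```python
# Added example, not the AWS SDK's own code.  Shows how an unchecked region
# value redirects a templated endpoint and how to validate it first.
import re
from urllib.parse import urlsplit

ENDPOINT_TEMPLATE = "https://s3.{region}.amazonaws.com"  # public S3 regional form
TRUSTED_SUFFIX = ".amazonaws.com"
# Assumed conservative shape: us-east-1, eu-central-2, us-gov-west-1, us-isob-east-1
REGION_RE = re.compile(r"^[a-z]{2}(?:-gov|-iso[a-z]?)?-[a-z]+-\d{1,2}$")


def build_endpoint_unchecked(region: str) -> str:
    """Substitute the region into the template with no validation."""
    return ENDPOINT_TEMPLATE.format(region=region)


def endpoint_host(url: str) -> str:
    """Host an HTTP client would actually connect to for this URL."""
    return urlsplit(url).hostname or ""


def build_endpoint_checked(region: str) -> str:
    """Validate the region, then confirm the resulting host is still under the
    trusted suffix before handing the URL to an HTTP client."""
    if not REGION_RE.fullmatch(region):
        raise ValueError(f"region {region!r} is not a well-formed region name")
    url = build_endpoint_unchecked(region)
    host = endpoint_host(url)
    if not host.endswith(TRUSTED_SUFFIX):
        raise ValueError(f"endpoint host {host!r} escaped the trusted suffix")
    return url


def region_is_safe(region: str) -> bool:
    """Convenience predicate around build_endpoint_checked()."""
    try:
        build_endpoint_checked(region)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed hostile value: a path separator and a fragment marker in the
    # region field push ".amazonaws.com" out of the host part entirely.
    hostile = "us-east-1.attacker.example/#"
    print("unchecked host:", endpoint_host(build_endpoint_unchecked(hostile)))
    print("checked ok?   ", region_is_safe(hostile))
```

Two checks are used on purpose: the pattern rejects obviously malformed input early, and the post-construction host check catches any template or parsing quirk the pattern did not anticipate. Where a region must come from configuration or the environment, treat it as untrusted input and validate it before any endpoint is built.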
Threat Entry Updated 2026-01-22

CVE-2026-22691 - Pypdf Plugin

pypdf is a free and open-source pure-python PDF library. Prior to version 6.6.0, a malformed startxref entry can cause very long runtimes: an attacker can craft a PDF whose invalid startxref entries make pypdf spend excessive time rebuilding the cross-reference table, and files containing large amounts of whitespace are particularly problematic. Only the non-strict reading mode is affected. This issue has been patched in version 6.6.0.

PLUGIN Pypdf

CVE-2026-22691

LOW CVSS 2.7 2026-01-10
Threat Entry Updated 2026-01-22

CVE-2026-22690 - Pypdf Plugin

pypdf is a free and open-source pure-python PDF library. Prior to version 6.6.0, pypdf has possible long runtimes for missing /Root object with large /Size values. An attacker who uses this vulnerability can craft a PDF which leads to possibly long runtimes for actually invalid files. This can be achieved by omitting the /Root entry in the trailer, while using a rather large /Size value. Only the non-strict reading mode is affected. This issue has been patched in version 6.6.0.

PLUGIN Pypdf

CVE-2026-22690

LOW CVSS 2.7 2026-01-10
Threat Entry Updated 2026-01-15

CVE-2026-22597 - Ghost Plugin

Ghost is a Node.js content management system. In versions 5.38.0 through 5.130.5 and 6.0.0 through 6.10.3, a vulnerability in Ghost’s media inliner mechanism allows staff users in possession of a valid authentication token for the Ghost Admin API to exfiltrate data from internal systems via SSRF. This issue has been patched in versions 5.130.6 and 6.11.0.

PLUGIN Ghost

CVE-2026-22597

LOW CVSS 2.0 2026-01-10
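The Ghost entry above is a server-side request forgery in a component that fetches remote media on the user's behalf. The following is an added destination check for such a fetcher, written as generic Python rather than Ghost's own code: it rejects non-HTTP schemes and URLs carrying credentials, resolves the host, and refuses any destination with a non-public address, including IPv4-mapped IPv6 literals. The resolver is injectable so the check can run offline; the hostnames and addresses in the usage and tests are constructed for this example.

```python
# Added example, not Ghost's own code.  Destination allow-check for a
# server-side fetcher (media inliner, link preview, webhook, ...).
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
CGNAT_NET = ipaddress.IPv4Network("100.64.0.0/10")  # shared address space


def default_resolver(hostname: str) -> list[str]:
    """Resolve via the system resolver, returning every A/AAAA answer."""
    infos = socket.getaddrinfo(hostname, None, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})


def is_public_address(text: str) -> bool:
    """True only for globally routable unicast addresses.  IPv4-mapped IPv6
    is unwrapped first so ::ffff:10.0.0.1 is judged as 10.0.0.1."""
    addr = ipaddress.ip_address(text)
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    if isinstance(addr, ipaddress.IPv4Address) and addr in CGNAT_NET:
        return False
    return not (
        addr.is_private
        or addr.is_loopback
        or addr.is_link_local
        or addr.is_multicast
        or addr.is_reserved
        or addr.is_unspecified
    )


def check_fetch_target(url: str, resolve=default_resolver) -> tuple[bool, str]:
    """Decide whether a fetcher may retrieve `url`.  Returns (allowed, reason)."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed"
    if parts.username or parts.password:
        return False, "credentials in URL not allowed"
    host = parts.hostname
    if not host:
        return False, "missing host"
    try:
        ipaddress.ip_address(host)      # literal address: nothing to resolve
        addresses = [host]
    except ValueError:
        try:
            addresses = resolve(host)
        except OSError as exc:
            return False, f"resolution failed: {exc}"
        if not addresses:
            return False, "host resolved to nothing"
    # Every answer must be public: a mixed answer set is a classic bypass.
    for addr in addresses:
        if not is_public_address(addr):
            return False, f"{host} resolves to non-public address {addr}"
    return True, "ok"


if __name__ == "__main__":
    # Constructed lookups so the demonstration runs without network access.
    fake_dns = {"cdn.example": ["8.8.8.8"], "intranet.example": ["10.0.0.5"]}
    for u in ("https://cdn.example/a.png", "https://intranet.example/secret",
              "http://169.254.169.254/latest/meta-data/", "http://[::ffff:10.0.0.1]/"):
        print(u, "->", check_fetch_target(u, resolve=lambda h: fake_dns[h]))
```

Two caveats a practitioner will want: the check is only meaningful if the fetch then connects to an address that was validated (pin the resolved IP or re-check at connect time) so a DNS rebinding answer cannot slip in between check and use, and every HTTP redirect must be run through the same check before it is followed.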
Threat Entry Updated 2026-01-14

CVE-2026-22602 - Openproject Plugin

OpenProject is an open-source, web-based project management software. Prior to version 16.6.2, a low‑privileged logged-in user can view the full names of other users. Since user IDs are assigned sequentially and predictably (e.g., 1 to 1000), an attacker can extract a complete list of all users’ full names by iterating through these URLs. The same behavior can also be reproduced via the OpenProject API, allowing automated retrieval of full names through the API as well. This issue has been patched in version 16.6.2. Those who are unable to upgrade may…

PLUGIN Openproject

CVE-2026-22602

LOW CVSS 3.5 2026-01-10
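The OpenProject entry above describes enumeration of sequential user ids, which is easy to spot in access logs once you look for it. The following added detection logic, which is not OpenProject's code, runs over a handful of constructed web-server log lines in Common Log Format and flags any client that walks through many user ids in consecutive order; the path shapes, thresholds and sample lines are assumptions for the example.

```python
# Added example, not OpenProject's own code.  Detects sequential user-id
# walking in access logs; the log lines below are constructed.
import re
from collections import defaultdict

LOG_LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)
# Assumed routes: the HTML profile page and an API lookup for a user id.
USER_PATH_RE = re.compile(r"^/(?:api/v3/)?users/(?P<uid>\d+)(?:[/?]|$)")

SAMPLE_LOG = """\
203.0.113.7 - alice [16/Jan/2026:10:00:01 +0000] "GET /users/1 HTTP/1.1" 200 812
203.0.113.7 - alice [16/Jan/2026:10:00:02 +0000] "GET /users/2 HTTP/1.1" 200 803
203.0.113.7 - alice [16/Jan/2026:10:00:02 +0000] "GET /users/3 HTTP/1.1" 200 799
198.51.100.3 - bob [16/Jan/2026:10:00:03 +0000] "GET /users/42 HTTP/1.1" 200 790
203.0.113.7 - alice [16/Jan/2026:10:00:03 +0000] "GET /users/4 HTTP/1.1" 403 231
203.0.113.7 - alice [16/Jan/2026:10:00:04 +0000] "GET /api/v3/users/5 HTTP/1.1" 200 1388
203.0.113.7 - alice [16/Jan/2026:10:00:04 +0000] "GET /users/6 HTTP/1.1" 200 801
203.0.113.7 - alice [16/Jan/2026:10:00:05 +0000] "GET /users/7 HTTP/1.1" 200 806
198.51.100.3 - bob [16/Jan/2026:10:00:40 +0000] "GET /projects/7/work_packages HTTP/1.1" 200 5123
203.0.113.7 - alice [16/Jan/2026:10:00:05 +0000] "GET /users/8 HTTP/1.1" 200 810
198.51.100.3 - bob [16/Jan/2026:10:01:05 +0000] "GET /api/v3/users/7 HTTP/1.1" 200 1402
"""


def parse_user_lookups(lines):
    """Yield (ip, user, uid) for every request that fetched a user by id,
    regardless of status: 403/404 answers during a walk are just as telling."""
    for line in lines:
        m = LOG_LINE_RE.match(line)
        if not m:
            continue
        p = USER_PATH_RE.match(m["path"])
        if p:
            yield m["ip"], m["user"], int(p["uid"])


def detect_enumeration(lines, min_distinct=6, min_sequential_ratio=0.8):
    """Flag clients that request many distinct user ids, mostly in steps of
    one.  Returns {(ip, user): summary} for each flagged client."""
    lookups = defaultdict(list)
    for ip, user, uid in parse_user_lookups(lines):
        lookups[(ip, user)].append(uid)
    flagged = {}
    for client, ids in lookups.items():
        distinct = len(set(ids))
        if distinct < min_distinct:
            continue
        steps = [abs(b - a) for a, b in zip(ids, ids[1:])]
        ratio = sum(1 for s in steps if s == 1) / len(steps)
        if ratio >= min_sequential_ratio:
            flagged[client] = {
                "distinct_ids": distinct,
                "sequential_ratio": round(ratio, 2),
                "first_id": ids[0],
                "last_id": ids[-1],
            }
    return flagged


if __name__ == "__main__":
    for client, summary in detect_enumeration(SAMPLE_LOG.splitlines()).items():
        print(client, summary)
```

In production the same logic belongs in a window (per client, per ten minutes) rather than over a whole file, and the thresholds should be tuned against a baseline of legitimate profile browsing. The detection complements rather than replaces the upgrade: it tells you whether the enumeration already happened before the fix was applied.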
Threat Entry Updated 2026-01-15

CVE-2026-20969 - Samsung Mobile Devices Plugin

Improper input validation in SecSettings prior to SMR Jan-2026 Release 1 allows a local attacker to access files with system privilege. User interaction is required to trigger this vulnerability.

PLUGIN Samsung Mobile Devices

CVE-2026-20969

LOW CVSS 2.3 2026-01-09
Threat Entry Updated 2026-01-13

CVE-2026-22714 - Mediawiki - Monaco Skin Plugin

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - Monaco Skin allows Cross-Site Scripting (XSS). This issue affects Mediawiki - Monaco Skin: 1.45, 1.44, 1.43, 1.39.

PLUGIN Mediawiki - Monaco Skin

CVE-2026-22714

LOW CVSS 2.3 2026-01-09