CVE

247.8K posts

CVE banner
CVE

CVE

@CVEnew

Official account maintained by the CVE™ Program to notify the community of new CVE IDs. Posts contain abbreviated details. Full CVE Records on https://t.co/ALn4YvUtom

Katılım Ocak 2017
3 Takip Edilen57.7K Takipçiler
CVE
CVE@CVEnew·
CVE-2026-15535 A vulnerability was determined in AkariAsai self-rag up to 1fcdc420e48f50a7d7ab1ece5494221b93252e99. Affected by this issue is the function Indexer.deserialize_from o… cve.org/CVERecord?id=C…
English
0
0
3
786
CVE
CVE@CVEnew·
CVE-2026-15536 A vulnerability was identified in itsourcecode Hospital Management System 1.0. This affects an unknown part of the file /patviewprescription.php. The manipulation of … cve.org/CVERecord?id=C…
English
0
0
1
241
CVE
CVE@CVEnew·
CVE-2026-15537 A security flaw has been discovered in SourceCodester Online Book Store System 1.0. This vulnerability affects unknown code of the file admin/login.php. The manipulat… cve.org/CVERecord?id=C…
English
0
0
1
234
CVE
CVE@CVEnew·
CVE-2026-10551 The Breeze Cache WordPress plugin before 2.5.6 is vulnerable to unauthenticated Stored Cross-Site Scripting (XSS) due to a predictable replacement hash used during th… cve.org/CVERecord?id=C…
English
0
0
0
248
CVE
CVE@CVEnew·
CVE-2026-11963 The User Registration & Membership WordPress plugin before 5.2.2 does not perform an authorization check on a membership-upgrade action and derives the user to modif… cve.org/CVERecord?id=C…
English
0
0
0
225
CVE
CVE@CVEnew·
CVE-2026-11964 The User Registration & Membership WordPress plugin before 5.2.2 does not verify the authenticity of incoming payment-provider webhook notifications before acting on… cve.org/CVERecord?id=C…
English
0
0
1
247
CVE
CVE@CVEnew·
CVE-2026-12081 The Database for Contact Form 7, WPforms, Elementor forms WordPress plugin before 1.5.2 does not restrict the PHP classes allowed when unserializing an attacker-suppl… cve.org/CVERecord?id=C…
English
0
0
1
221
CVE
CVE@CVEnew·
CVE-2026-12271 The Tutor LMS WordPress plugin before 3.9.13 does not verify ownership of the targeted quiz attempt before writing to it, allowing authenticated users with subscribe… cve.org/CVERecord?id=C…
English
0
0
0
437
CVE
CVE@CVEnew·
CVE-2026-12273 The Tutor LMS WordPress plugin before 3.9.13 does not perform any authorization or post-target validation before creating a comment in one of its handlers, and store… cve.org/CVERecord?id=C…
English
0
0
0
494
CVE
CVE@CVEnew·
CVE-2026-12274 The Tutor LMS WordPress plugin before 3.9.13 does not verify that the requesting user is allowed to edit a target post before overwriting it in one of its content-bu… cve.org/CVERecord?id=C…
English
0
0
0
465
CVE
CVE@CVEnew·
CVE-2026-12275 The Tutor LMS WordPress plugin before 3.9.13 does not, in its Droip and Kirki page-builder integration, perform the enrollment, purchase, and private-course capabili… cve.org/CVERecord?id=C…
English
0
0
0
472
CVE
CVE@CVEnew·
CVE-2026-12396 The WP Job Portal WordPress plugin before 2.5.5 does not perform capability or ownership checks before allowing job moderation actions, allowing authenticated users … cve.org/CVERecord?id=C…
English
0
0
0
495
CVE
CVE@CVEnew·
CVE-2026-12397 The WP Job Portal WordPress plugin before 2.5.5 does not verify ownership when returning an employer's contact email for a given job, allowing authenticated users wi… cve.org/CVERecord?id=C…
English
0
0
0
502
CVE
CVE@CVEnew·
CVE-2026-12582 The Library Management System WordPress plugin before 3.5.8 does not sanitize and escape a user-supplied parameter before using it in a SQL statement, allowing unauth… cve.org/CVERecord?id=C…
English
0
0
0
477
CVE
CVE@CVEnew·
CVE-2026-15538 A weakness has been identified in primefaces primereact up to 10.9.8. This issue affects the function ObjectUtils.mutateFieldData of the component API. This manipulat… cve.org/CVERecord?id=C…
English
0
0
0
473
CVE
CVE@CVEnew·
CVE-2026-15539 A security vulnerability has been detected in SourceCodester Online Book Store System 1.0. Impacted is an unknown function of the file /admin/index.php?page=books of … cve.org/CVERecord?id=C…
English
0
0
0
485
CVE
CVE@CVEnew·
CVE-2026-15540 A vulnerability was detected in SourceCodester Online Book Store System 1.0. The affected element is an unknown function of the file /admin/index.php of the component… cve.org/CVERecord?id=C…
English
0
0
0
465
CVE
CVE@CVEnew·
CVE-2026-4769 Certain devices in the WAGO System I/O Field series activate an internal diagnostic capability during the initial startup sequence. This functionality is not formally d… cve.org/CVERecord?id=C…
English
0
0
0
464
CVE
CVE@CVEnew·
CVE-2026-15541 A flaw has been found in will-moss Isaiah up to 1.36.9. The impacted element is the function Server.Handle of the file app/server/server/server.go of the component Ma… cve.org/CVERecord?id=C…
English
0
0
0
459
CVE
CVE@CVEnew·
CVE-2026-15542 A vulnerability has been found in will-moss Isaiah up to 1.36.9. This affects an unknown function of the file app/main.go of the component Websocket Connection Authen… cve.org/CVERecord?id=C…
English
0
0
0
488