Sat, Jun 20 · 05:16 PM CDTCVE-2026-5366
9.9/10 · Must read/watchNVDvuln
Summary
Prefect version 3.6.23 is vulnerable to remote code execution due to improper handling of user-controlled input in the `GitRepository` storage class. The `commit_sha` parameter, which is passed to git commands, lacks validation and does not include a `--` separator to distinguish user input from git flags. This allows
CVECVE-2026-5366
SeverityCRITICAL
TypeNEW
PublishedSat, Jun 20 · 05:16 PM CDT
ModifiedSat, Jun 20 · 05:16 PM CDT
Sat, Jun 20 · 02:16 PM CDTCVE-2019-25763
9.8/10 · Must read/watchNVDvuln
Summary
WordPress Ultimate Addons for Beaver Builder 1.2.4.1 contains an authentication bypass vulnerability that allows attackers to gain unauthorized access by exploiting the social media login form functionality. Attackers can submit a POST request to the admin-ajax.php endpoint with the uabb-lf-google-submit action, a vali
CVECVE-2019-25763
SeverityCRITICAL
TypeUPDATED
PublishedSat, Jun 20 · 02:16 PM CDT
ModifiedSun, Jun 21 · 01:16 PM CDT
Sun, Jun 14 · 12:16 PM CDTCVE-2026-11526
9.8/10 · Must read/watchNVDvuln
Summary
GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle. GD::Image::_make_filehandle opens a filename argument with Perl's 2-arg open(), so a filename that begins or ends with a pipe ("| cmd", "cmd |") or begins with a redirect ("> path
CVECVE-2026-11526
SeverityCRITICAL
TypeUPDATED
PublishedSun, Jun 14 · 12:16 PM CDT
ModifiedSun, Jun 21 · 02:16 PM CDT
Sun, Jun 21 · 02:16 PM CDTCVE-2026-56265
9.8/10 · Must read/watchNVDvuln
Summary
Crawl4AI before 0.8.7 contains an authentication bypass vulnerability due to a hardcoded default JWT signing key in the Docker API server. Attackers who know the default key can forge valid authentication tokens for any user, bypassing authentication and gaining full access to protected functionality.
CVECVE-2026-56265
SeverityCRITICAL
TypeNEW
PublishedSun, Jun 21 · 02:16 PM CDT
ModifiedSun, Jun 21 · 02:16 PM CDT
Sun, Jun 21 · 02:16 PM CDTCVE-2026-56395
9.6/10 · Must read/watchNVDvuln
Summary
SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious package authors to inject arbitrary HTML and JavaScript. Attackers can achieve remote code execution on any user browsing the Bazaar by embedding XSS payloads in package displayName, description, or
CVECVE-2026-56395
SeverityCRITICAL
TypeNEW
PublishedSun, Jun 21 · 02:16 PM CDT
ModifiedSun, Jun 21 · 02:16 PM CDT
Sun, Jun 21 · 02:16 PM CDTCVE-2026-56397
9.6/10 · Must read/watchNVDvuln
Summary
SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious package authors to inject arbitrary HTML and JavaScript. Attackers can achieve remote code execution on any user browsing the Bazaar by embedding XSS payloads in package displayName, description, or
CVECVE-2026-56397
SeverityCRITICAL
TypeNEW
PublishedSun, Jun 21 · 02:16 PM CDT
ModifiedSun, Jun 21 · 02:16 PM CDT
Mon, Aug 04 · 07:15 AM CDTCVE-2025-20701
8.8/10 · Worth your timeNVDvuln
Summary
In the Airoha Bluetooth audio SDK, there is a possible way to pair Bluetooth audio device without user consent. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVECVE-2025-20701
SeverityHIGH
TypeUPDATED
PublishedMon, Aug 04 · 07:15 AM CDT
ModifiedSun, Jun 21 · 09:16 AM CDT
Sat, Jun 20 · 07:16 PM CDTCVE-2026-56340
8.8/10 · Worth your timeNVDvuln
Summary
vLLM versions >= 0.10.2 and < 0.13.0 are missing sparse tensor validation in multimodal embeddings processing. Because PyTorch disables sparse tensor invariant checks by default, an attacker can submit crafted embedding requests with malformed (negative or out-of-bounds) tensor indices, when the prompt-embeds feature i
CVECVE-2026-56340
SeverityHIGH
TypeNEW
PublishedSat, Jun 20 · 07:16 PM CDT
ModifiedSat, Jun 20 · 07:16 PM CDT
Sun, Jun 21 · 02:16 PM CDTCVE-2026-56396
8.8/10 · Worth your timeNVDvuln
Summary
phpMyFAQ before 4.1.4 contains missing authorization vulnerabilities in editUser() and updateUserRights() endpoints that allow authenticated administrators to escalate privileges. Non-SuperAdmin users with edit_user permission can set is_superadmin flag or grant arbitrary rights to escalate to SuperAdmin access.
CVECVE-2026-56396
SeverityHIGH
TypeNEW
PublishedSun, Jun 21 · 02:16 PM CDT
ModifiedSun, Jun 21 · 02:16 PM CDT
Sun, Jun 21 · 02:16 PM CDTCVE-2025-71348
8.1/10 · Worth your timeNVDvuln
Summary
picklescan before 0.0.28 fails to detect malicious pickle files that invoke torch.utils._config_module.load_config function within reduce methods. Attackers can craft pickle files embedding arbitrary code that evades detection but executes during pickle.load, enabling remote code execution in supply chain attacks.
CVECVE-2025-71348
SeverityHIGH
TypeNEW
PublishedSun, Jun 21 · 02:16 PM CDT
ModifiedSun, Jun 21 · 02:16 PM CDT
Sun, Jun 21 · 02:16 PM CDTCVE-2025-71357
8.1/10 · Worth your timeNVDvuln
Summary
picklescan before 0.0.30 fails to detect malicious pickle files using idlelib.pyshell.ModifiedInterpreter.runcommand in reduce methods. Attackers can embed undetected code in pickle files that executes remote commands when loaded by victims.
CVECVE-2025-71357
SeverityHIGH
TypeNEW
PublishedSun, Jun 21 · 02:16 PM CDT
ModifiedSun, Jun 21 · 02:16 PM CDT
Sun, Jun 21 · 02:16 PM CDTCVE-2025-71378
8.1/10 · Worth your timeNVDvuln
Summary
picklescan before 0.0.30 fails to detect cProfile.runctx function calls in pickle file reduce methods, allowing attackers to execute arbitrary code. Malicious pickle files bypass picklescan detection and execute remote code when loaded via pickle.load().
CVECVE-2025-71378
SeverityHIGH
TypeNEW
PublishedSun, Jun 21 · 02:16 PM CDT
ModifiedSun, Jun 21 · 02:16 PM CDT
Sat, Jun 20 · 07:16 PM CDTCVE-2026-56345
8.1/10 · Worth your timeNVDvuln
Summary
AVideo through 29.0 contains an authorization bypass vulnerability in the Meet plugin's uploadRecordedVideo.json.php endpoint that derives the target users_id from the uploaded filename without verification. An attacker with knowledge of the Meet shared secret can craft a malicious file upload with a filename containin
CVECVE-2026-56345
SeverityHIGH
TypeNEW
PublishedSat, Jun 20 · 07:16 PM CDT
ModifiedSat, Jun 20 · 07:16 PM CDT
Sun, Jun 21 · 06:16 AM CDTCVE-2026-12778
7.8/10 · Worth your timeNVDvuln
Summary
A vulnerability has been found in AOMEI Partition Assistant up to 10.10.1. This vulnerability affects unknown code in the library ampa10.sys of the component Kernel Driver. Such manipulation leads to improper access controls. The attack must be carried out locally. The exploit has been disclosed to the public and may b
CVECVE-2026-12778
SeverityHIGH
TypeNEW
PublishedSun, Jun 21 · 06:16 AM CDT
ModifiedSun, Jun 21 · 06:16 AM CDT
Sun, Jun 21 · 06:16 AM CDTCVE-2026-12779
7.8/10 · Worth your timeNVDvuln
Summary
A vulnerability was found in AOMEI Dynamic Disk Manager up to 10.10.1. This issue affects some unknown processing in the library ddmdrv.sys of the component Kernel Driver. Performing a manipulation results in improper access controls. The attack must be initiated from a local position. The exploit has been made public
CVECVE-2026-12779
SeverityHIGH
TypeNEW
PublishedSun, Jun 21 · 06:16 AM CDT
ModifiedSun, Jun 21 · 06:16 AM CDT
Sun, Jun 21 · 06:16 AM CDTCVE-2026-12780
7.8/10 · Worth your timeNVDvuln
Summary
A vulnerability was determined in AOMEI Backupper up to 8.3.0. Impacted is an unknown function in the library amwrtdrv.sys of the component Kernel Driver. Executing a manipulation can lead to improper access controls. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized.
CVECVE-2026-12780
SeverityHIGH
TypeNEW
PublishedSun, Jun 21 · 06:16 AM CDT
ModifiedSun, Jun 21 · 06:16 AM CDT
Sun, Jun 21 · 08:16 AM CDTCVE-2026-12781
7.8/10 · Worth your timeNVDvuln
Summary
A vulnerability was identified in EaseUS Partition Master up to 14.5. The affected element is an unknown function in the library epmntdrv.sys of the component Kernel Driver. The manipulation leads to improper access controls. The attack needs to be performed locally. The exploit is publicly available and might be used.
CVECVE-2026-12781
SeverityHIGH
TypeNEW
PublishedSun, Jun 21 · 08:16 AM CDT
ModifiedSun, Jun 21 · 08:16 AM CDT
Sun, Jun 21 · 08:16 AM CDTCVE-2026-12782
7.8/10 · Worth your timeNVDvuln
Summary
A security flaw has been discovered in EaseUS Partition Master up to 14.5. The impacted element is an unknown function in the library EUEDKEPM.sys of the component Kernel Driver. The manipulation results in improper access controls. The attack requires a local approach. The exploit has been released to the public and m
CVECVE-2026-12782
SeverityHIGH
TypeNEW
PublishedSun, Jun 21 · 08:16 AM CDT
ModifiedSun, Jun 21 · 08:16 AM CDT
Sun, Jun 21 · 08:16 AM CDTCVE-2026-12784
7.8/10 · Worth your timeNVDvuln
Summary
A weakness has been identified in IM-Magic Partition Resizer up to 7.9.0. This affects an unknown function in the library MDA_NTDRV.sys of the component Kernel Driver. This manipulation causes improper access controls. The attack requires local access. The exploit has been made available to the public and could be used
CVECVE-2026-12784
SeverityHIGH
TypeNEW
PublishedSun, Jun 21 · 08:16 AM CDT
ModifiedSun, Jun 21 · 08:16 AM CDT
Sun, Jun 21 · 09:16 AM CDTCVE-2026-12786
7.8/10 · Worth your timeNVDvuln
Summary
A vulnerability has been found in Ezbsystems UltraISO Premium Edition up to 9.76. Affected by this issue is some unknown functionality in the library bootpt64.sys of the component Kernel Driver. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been di
CVECVE-2026-12786
SeverityHIGH
TypeNEW
PublishedSun, Jun 21 · 09:16 AM CDT
ModifiedSun, Jun 21 · 09:16 AM CDT
Sun, Jun 21 · 02:16 PM CDTCVE-2026-56239
7.6/10 · Worth your timeNVDvuln
Summary
Capgo before 12.128.2 contains a potential privilege escalation vulnerability in the public.apply_usage_overage SECURITY DEFINER function, which performs sensitive billing operations without enforcing internal authorization checks (no validation of auth.uid(), org membership, or check_min_rights). Because the function
CVECVE-2026-56239
SeverityHIGH
TypeNEW
PublishedSun, Jun 21 · 02:16 PM CDT
ModifiedSun, Jun 21 · 02:16 PM CDT
Sat, Jun 20 · 02:16 PM CDTCVE-2020-37255
7.5/10 · Worth your timeNVDvuln
Summary
WordPress Time Capsule Plugin 1.21.16 contains an authentication bypass vulnerability that allows unauthenticated attackers to gain administrative access by sending a crafted POST request with the IWP_JSON_PREFIX header. Attackers can exploit this flaw to obtain valid administrator session cookies and access the WordPr
CVECVE-2020-37255
SeverityHIGH
TypeUPDATED
PublishedSat, Jun 20 · 02:16 PM CDT
ModifiedSun, Jun 21 · 01:16 PM CDT
Sun, Jun 21 · 02:16 PM CDTCVE-2026-56242
7.5/10 · Worth your timeNVDvuln
Summary
Capgo before 12.128.2 contains an unauthenticated security definer RPC function get_identity_apikey_only that returns the owning user_id for supplied API keys, creating an API key validity oracle and user identity disclosure primitive. Attackers can call this endpoint with valid or invalid API keys to confirm key valid
CVECVE-2026-56242
SeverityHIGH
TypeNEW
PublishedSun, Jun 21 · 02:16 PM CDT
ModifiedSun, Jun 21 · 02:16 PM CDT
Sun, Jun 21 · 02:16 PM CDTCVE-2026-56253
7.5/10 · Worth your timeNVDvuln
Summary
Capgo before 12.128.2 contains an improper access control vulnerability in the public.get_org_members RPC function that allows unauthenticated attackers to enumerate organization members. Attackers can invoke the endpoint using only the public sb_publishable_* key and an organization UUID to retrieve sensitive member i
CVECVE-2026-56253
SeverityHIGH
TypeNEW
PublishedSun, Jun 21 · 02:16 PM CDT
ModifiedSun, Jun 21 · 02:16 PM CDT
Sat, Jun 20 · 07:16 PM CDTCVE-2026-56341
7.5/10 · Worth your timeNVDvuln
Summary
AVideo through version 26.0 contains multiple unauthenticated list.json.php endpoints in payment plugins lacking authorization checks, exposing PayPal tokens, Authorize.Net webhooks, and Bitcoin transaction records. Unauthenticated attackers can retrieve all payment transaction data including agreement IDs, user financ
CVECVE-2026-56341
SeverityHIGH
TypeNEW
PublishedSat, Jun 20 · 07:16 PM CDT
ModifiedSat, Jun 20 · 07:16 PM CDT