Total CVEs

143,208

Critical Severity

4,054

High Severity

14,598

Last 7 Days

1,280
Quick preset (or use dates below)
Clear Filters
πŸ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years β†’
Showing 401 - 420 of 39,613 CVEs

An authorization bypass in MISP’s EventsController::importModule() allowed authenticated users or read-only API keys with event view access to persist data to events they were not allowed to modify. When an import module returned results in the misp_standard format, the write path did not verify eve...

Vendor: misp
Product: misp
Published: Jul 08, 2026
Source: NVD
CVE-2026-60092 MEDIUM - 6.1

AVideo (Meet plugin) through commit e8d6119f3cb1b849149906efeb0a41fc024f59f8 contains a stored cross-site scripting vulnerability in the Meet plugin's getMeetInfo.json.php endpoint. When a participant joins a public meeting, the raw HTTP User-Agent header is stored (meet_join_log.user_agent) wi...

Vendor: AVideo
Product: AVideo
Published: Jul 08, 2026
Source: NVD
CVE-2026-59257 HIGH - 8.8

n8n before 1.123.61, 2.x before 2.27.4, and 2.28.x before 2.28.1 contains a SQL injection vulnerability in the legacy MySQL v1 node's executeQuery operation. The operation substitutes evaluated {{ ... }} expression values directly into the raw SQL string without parameterization. When a workflo...

Vendor: n8n
Product: n8n
Published: Jul 08, 2026
Source: NVD
CVE-2026-59253 MEDIUM - 5.0

n8n before 2.28.0 contains an improper authorization vulnerability allowing authenticated users to assign workflows to folders in other projects. Attackers can bypass project and folder authorization boundaries by supplying crafted request payloads during workflow creation, causing logical integrity...

Vendor: n8n
Product: n8n
Published: Jul 08, 2026
Source: NVD
CVE-2026-58657 MEDIUM - 4.8

Grav before 2.0.0 (affected through 2.0.0-rc.9 and the 2.0 branch) contains a stored CSS injection vulnerability in the Markdown image resize() media action. Prior media hardening rejects direct ?style= payloads and unsafe attribute() fallbacks, but the resize() action in Excerpts::processMediaActio...

Vendor: Grav
Product: Grav
Published: Jul 08, 2026
Source: NVD
CVE-2026-58656 HIGH - 7.5

Grav API plugin before v1.0.0-rc.16 accepts JWT tokens via the ?token= URL query parameter and responds with Access-Control-Allow-Origin: *, allowing unauthenticated attackers to make fully authenticated cross-origin API requests from any malicious website. Attackers who obtain a leaked JWT token fr...

Vendor: getgrav
Product: grav
Published: Jul 08, 2026
Source: NVD
CVE-2026-58654 MEDIUM - 4.3

The Grav API plugin (getgrav/grav-plugin-api) 1.0.0 contains an unrestricted file upload vulnerability in the avatar upload endpoint (/api/v1/users/user/avatar). The endpoint validates only the client-declared MIME type (getClientMediaType) beginning with 'image/' and does not inspect the ...

Vendor: Grav
Product: Grav
Published: Jul 08, 2026
Source: NVD
CVE-2026-58480 CRITICAL - 9.8

Blocksy Companion Pro plugin for WordPress before 2.1.47 contains an unauthenticated arbitrary file upload vulnerability that allows attackers to upload executable files by bypassing extension validation in the save_attachments function exposed through the Advanced Reviews feature. Attackers can exp...

Vendor: Creative Themes
Product: Blocksy Companion
Published: Jul 08, 2026
Source: NVD
CVE-2026-56778 MEDIUM - 6.4

n8n before 2.25.7 and 2.26.x before 2.26.2 contains an authorization bypass in the Public API execution retry endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a shared workflow can use the Public API to retry ...

Vendor: n8n
Product: n8n
Published: Jul 08, 2026
Source: NVD
CVE-2026-56776 HIGH - 7.4

n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization bypass in the POST /workflows/{workflowId}/test-runs/new endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a workflow can trigger a real evaluat...

Vendor: n8n
Product: n8n
Published: Jul 08, 2026
Source: NVD
CVE-2026-56775 MEDIUM - 5.4

n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization vulnerability in three mutating evaluation test-run endpoints that authorize state-changing actions using the workflow:read scope instead of the action-appropriate workflow:execute scope. On instances using Advanced Permissions (Enter...

Vendor: n8n
Product: n8n
Published: Jul 08, 2026
Source: NVD
CVE-2026-56401 MEDIUM - 6.5

Wazuh wazuh-modulesd before 5.0.0-beta3 contains a null pointer dereference vulnerability in inventory_sync FlatBuffer DataValue handling. An enrolled agent can send a verifier-valid DataValue message omitting the optional id field, causing wazuh-modulesd to crash when dereferencing data->id()-&g...

Vendor: Wazuh
Product: Wazuh
Published: Jul 08, 2026
Source: NVD

ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the FTXT encoder due to missing boundary checks when parsing ftxt:format. Remote attackers can trigger an out of bounds read by crafting malicious FTXT image files to cause denial of service or information disclosure.

Vendor: ImageMagick
Product: ImageMagick
Published: Jul 08, 2026
Source: NVD

ImageMagick before 7.1.2-15 contains a heap-buffer-overflow read vulnerability in GetPixelIndex caused by OpenPixelCache updating image channel metadata before pixel cache memory allocation. Attackers can trigger memory and disk allocation failures to cause a heap-buffer-overflow read affecting any ...

Vendor: ImageMagick
Product: ImageMagick
Published: Jul 08, 2026
Source: NVD
CVE-2026-56360 MEDIUM - 4.0

n8n before versions 1.123.18 and 2.6.2 fails to verify HMAC-SHA256 signatures on Zendesk webhooks in the ZendeskTrigger node. Attackers who know the webhook URL can send unsigned POST requests to trigger workflows with arbitrary malicious data.

Vendor: n8n
Product: n8n
Published: Jul 08, 2026
Source: NVD
CVE-2026-56359 MEDIUM - 5.4

n8n before 2.8.0 contains a cross-site scripting vulnerability in the credential management flow where authenticated users can inject malicious JavaScript URLs into OAuth2 credential Authorization URL fields. Attackers can craft malicious credentials and trick victims into clicking the OAuth authori...

Vendor: n8n
Product: n8n
Published: Jul 08, 2026
Source: NVD
CVE-2026-56298 MEDIUM - 4.3

Capgo before 12.128.2 fails to strip EXIF metadata from images uploaded via the app information endpoint, exposing sensitive geolocation data. Attackers can upload images containing EXIF metadata to extract geographic location information and other embedded metadata from uploaded files.

Vendor: Capgo
Product: Capgo
Published: Jul 08, 2026
Source: NVD
CVE-2026-56297 HIGH - 7.0

FreeRDP before 3.22.0 contains a use-after-free vulnerability in dvcman_channel_close and dvcman_call_on_receive due to improper synchronization of channel_callback access. A malicious RDP server can trigger a race condition by sending DYNVC_DATA and DYNVC_CLOSE messages concurrently, causing heap-u...

Vendor: FreeRDP
Product: FreeRDP
Published: Jul 08, 2026
Source: NVD
CVE-2026-56293 MEDIUM - 5.4

Capgo before 12.128.2 contains an authorization flaw in transfer_app() that fails to update deploy_history.owner_org when transferring applications between organizations. Attackers can exploit this omission to retain unauthorized access to deployment history records in the source organization or cau...

Vendor: Capgo
Product: Capgo
Published: Jul 08, 2026
Source: NVD
CVE-2026-56284 MEDIUM - 5.3

Capgo (Cap-go/capgo) before 12.128.2 contains an information disclosure vulnerability in the Supabase PostgREST RPC function public.get_total_metrics(org_id), which is callable by the anon role using only the public sb_publishable_* key. An unauthenticated attacker can probe organization existence a...

Vendor: Cap-go
Product: capgo
Published: Jul 08, 2026
Source: NVD