NocoDB: Server-Side Request Forgery via Spreadsheet Import Endpoint
NocoDB: Server-Side Request Forgery via Base Migration URL
NocoDB: Stored Cross-Site Scripting via Secure Attachment
NocoDB: Refresh Tokens Persist Through Password Recovery
NocoDB: Server-Side Request Forgery via Spreadsheet Fetch URL
vLLM: OOM Denial of Service via Audio Decompression Bomb
vLLM: incomplete CVE-2026-22778 fix leaks PIL repr addresses via Anthropic router
vLLM: GGUF dequantize kernel int truncation exposes uninitialized GPU memory in multi-tenant serving
vLLM: temperature=NaN and temperature=Infinity bypass validation and propagate to GPU kernels
Traefik: Kubernetes Gateway crossProviderNamespaces bypass allows HTTPRoute outside the allowlist to expose internal Traefik services
Chrome DevTools for agents: daemon.pid write follows symlinks in /tmp fallback runtime directory
Pi Agent: Pi loads project-local extensions without approval
Pi Agent: Predictable temporary extension install paths allow local privilege escalation on shared Linux hosts
Pi Agent: Race condition in Pi auth.json writes could expose stored credentials
Unauthenticated Arbitrary File Download in WP Media folder Addon <= 4.0.1 versions.
The Taskbuilder WordPress plugin before 5.0.8 does not properly sanitise a URL parameter before echoing it into inline JavaScript on a frontend page containing one of its shortcodes, leading to a Reflected Cross-Site Scripting vulnerability that can be triggered against any logged-in user.
The Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program โ myCred plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'wrap' Shortcode Attribute in all versions up to, and including, 3.1 due to insufficient input sanitization and output es...
The Permalink Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post titles in the admin URI Editor interface in all versions up to, and including, 2.5.3.3 due to insufficient output escaping. This makes it possible for authenticated attackers, with Contributor-level...
The LearnPress WordPress plugin before 4.3.7 does not gate the `edit` context on one of its REST endpoint behind the `edit_users` capability, allowing unauthenticated visitors to retrieve each returned user's roles, full capabilities map, extra capabilities, locale, and registration date via a...
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.