{
"Source": "CVE FEED",
"Title": "CVE-2026-41671 - Admidio: OIDC Token Introspection Endpoint Returns Active for All Tokens Without Validation",
"Content": "CVE ID :CVE-2026-41671
Published : May 7, 2026, 4:16 a.m. | 27 minutes ago
Description :Admidio is an open-source user management solution. Prior to version 5.0.9, the OIDC token introspection endpoint (/modules/sso/index.php/oidc/introspect) always returns {"active": true} for every request, regardless of whether a valid token is provided, whether the token is expired, revoked, or completely fabricated. The endpoint performs no authentication of the calling resource server and no validation of the submitted token. Any resource server that relies on this introspection endpoint to validate access tokens will accept all requests as authorized, enabling complete authentication bypass. Additionally, the OIDC token revocation endpoint (/oidc/revoke) returns {"revoked": true} without actually revoking any token, preventing resource servers from invalidating compromised credentials. This issue has been patched in version 5.0.9.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 May 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2026-41662 - Admidio: Missing Minimum Administrator Check in Role Membership Removal",
"Content": "CVE ID :CVE-2026-41662
Published : May 7, 2026, 4:16 a.m. | 27 minutes ago
Description :Admidio is an open-source user management solution. Prior to version 5.0.9, Role::stopMembership() does not verify whether removing a user from the administrator role leaves zero administrators. The deprecated Membership::stopMembership() contains this safety check, but the current code path bypasses it. Any administrator can remove the last remaining other administrator, locking the entire system out of administrative access. The exploit does not require concurrent requests; sequential removals produce the same result. This issue has been patched in version 5.0.9.
Severity: 5.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 May 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2026-41663 - Admidio: CSRF on Admin Preferences Triggers Unauthorized Backup, .htaccess Write, and Email Send",
"Content": "CVE ID :CVE-2026-41663
Published : May 7, 2026, 4:16 a.m. | 27 minutes ago
Description :Admidio is an open-source user management solution. Prior to version 5.0.9, several administrative operations in Admidio's preferences module (database backup, test email, htaccess generation) fire via GET requests with no CSRF token validation. Because SameSite=Lax cookies travel with top-level GET navigations, an attacker forces an authenticated admin to trigger these actions from a malicious page. This issue has been patched in version 5.0.9.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 May 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2026-41669 - Admidio: SAML Signature Validation Result Ignored - Forged AuthnRequests and LogoutRequests Processed",
"Content": "CVE ID :CVE-2026-41669
Published : May 7, 2026, 4:16 a.m. | 27 minutes ago
Description :Admidio is an open-source user management solution. Prior to version 5.0.9, the Admidio SAML Identity Provider implementation discards the return value of its validateSignature() method at both call sites (handleSSORequest() line 418 and handleSLORequest() line 613). The method returns error strings on failure rather than throwing exceptions, but the developer believed it would throw (per comments on lines 416 and 611). This means the smc_require_auth_signed configuration option is completely ineffective: unsigned or invalidly-signed SAML AuthnRequests and LogoutRequests are processed identically to properly signed ones. This issue has been patched in version 5.0.9.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 May 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2026-41670 - Admidio: SAML Response Sent to Unvalidated Assertion Consumer Service URL from AuthnRequest",
"Content": "CVE ID :CVE-2026-41670
Published : May 7, 2026, 4:16 a.m. | 27 minutes ago
Description :Admidio is an open-source user management solution. Prior to version 5.0.9, the SAML IdP implementation in Admidio's SSO module uses the AssertionConsumerServiceURL value directly from incoming SAML AuthnRequest messages as the destination for the SAML response, without validating it against the registered ACS URL (smc_acs_url) stored in the database for the corresponding service provider client. An attacker who knows the Entity ID of a registered SP client can craft a SAML AuthnRequest with an arbitrary AssertionConsumerServiceURL, causing the IdP to send the signed SAML response -- containing user identity attributes (login name, email, roles, profile fields) -- to an attacker-controlled URL. This issue has been patched in version 5.0.9.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 May 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2026-41658 - Admidio: Missing Authorization on Inventory Module Destructive Endpoints Allows Any Authenticated User to Delete Items",
"Content": "CVE ID :CVE-2026-41658
Published : May 7, 2026, 4:16 a.m. | 27 minutes ago
Description :Admidio is an open-source user management solution. Prior to version 5.0.9, the Admidio inventory module enforces authorization for destructive operations (delete, retire, reinstate) only in the UI layer by conditionally rendering buttons. The backend POST handlers at modules/inventory.php for item_delete, item_retire, item_reinstate, item_picture_upload, item_picture_save, and item_picture_delete perform CSRF validation but never check whether the requesting user is an inventory administrator. Any authenticated user who can access the inventory module can permanently delete any inventory item and all its associated data. This issue has been patched in version 5.0.9.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 May 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2026-41659 - Admidio: Hidden Profile Field Values Leaked via Blind Search Oracle in Member Assignment",
"Content": "CVE ID :CVE-2026-41659
Published : May 7, 2026, 4:16 a.m. | 27 minutes ago
Description :Admidio is an open-source user management solution. Prior to version 5.0.9, the member assignment DataTables endpoint (members_assignment_data.php) includes hidden profile fields (BIRTHDAY, STREET, CITY, POSTCODE, COUNTRY) in its SQL search condition regardless of field visibility settings. While the JSON output correctly suppresses hidden columns via isVisible() checks, the server-side search operates at the SQL level before any visibility filtering. This allows a role leader with assign-only permissions to infer hidden PII values by observing which users appear in search results for specific values. This issue has been patched in version 5.0.9.
Severity: 2.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 May 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2026-41641 - NocoBase Vulnerable to SQL Validation Bypass via `sqlCollection:update` Missing `checkSQL` Call",
"Content": "CVE ID :CVE-2026-41641
Published : May 7, 2026, 6:16 a.m. | 28 minutes ago
Description :NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the checkSQL() validation function that blocks dangerous SQL keywords (e.g., pg_read_file, LOAD_FILE, dblink) is applied on the collections:create and sqlCollection:execute endpoints but is entirely missing on the sqlCollection:update endpoint. An attacker with collection management permissions can create a SQL collection with benign SQL, then update it with arbitrary SQL that bypasses all validation, and query the collection to execute the injected SQL and exfiltrate data. This issue has been patched in version 2.0.39.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 May 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2026-4348 - BetterDocs Pro <= 3.7.0 - unauthenticated sql injection via encyclopedia 'limit' parameter",
"Content": "CVE ID :CVE-2026-4348
Published : May 7, 2026, 6:16 a.m. | 28 minutes ago
Description :The BetterDocs Pro plugin for WordPress is vulnerable to SQL Injection via the `get_current_letter_docs` and `docs_sort_by_letter` AJAX actions in all versions up to, and including, 3.7.0. This is due to the `limit` POST parameter being interpolated directly into a SQL query string before being passed to `$wpdb->prepare()`, which only parameterizes other variables. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. The Encyclopedia feature must be enabled in BetterDocs Pro settings for the vulnerability to be exploitable.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 May 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2026-6692 - Slider Revolution 7.0.0 - 7.0.10 - Authenticated (Subscriber+) Arbitrary File Upload via _get_media_url",
"Content": "CVE ID :CVE-2026-6692
Published : May 7, 2026, 6:16 a.m. | 28 minutes ago
Description :The Slider Revolution plugin for WordPress is vulnerable to Arbitrary File Upload in versions 7.0.0 to 7.0.10 via the '_get_media_url' and '_check_file_path' functions. This is due to insufficient file type validation. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload files that may be executable, which makes remote code execution possible. The vulnerability was partially patched in version 7.0.10 and fully patched in version 7.0.11.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 May 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2026-7252 - WP-Optimize <= 4.5.2 - authenticated (author+) arbitrary file deletion via 'original-file' post meta",
"Content": "CVE ID :CVE-2026-7252
Published : May 7, 2026, 6:16 a.m. | 28 minutes ago
Description :The WP-Optimize - Cache, Compress images, Minify & Clean database to boost page speed & performance plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the unscheduled_original_file_deletion function in all versions up to, and including, 4.5.2. This makes it possible for authenticated attackers, with author-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). This is possible because 'original-file' is a public (non-protected) meta key (it does not begin with an underscore), allowing Authors to freely create or modify it on their own attachment posts via the standard Edit Media form or the REST API.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 May 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2026-8063 - Post-auth null pointer dereference when aggregating against a view with empty search pipeline",
"Content": "CVE ID :CVE-2026-8063
Published : May 7, 2026, 6:16 a.m. | 28 minutes ago
Description :An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipeline on a view.
When resolving a view, the server inspects the aggregation pipeline to determine whether it begins with an Atlas Search stage. For $rankFusion and $scoreFusion, this inspection reads the first element on each stage's input pipeline array without first verifying that the array is non-empty. Supplying an empty pipeline causes a null pointer dereference and crashes the server.
This issue affects MongoDB Server 8.2 versions prior to 8.2.7.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 May 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2026-41139 - Unsafe array index getter in mathjs",
"Content": "CVE ID :CVE-2026-41139
Published : May 7, 2026, 6:16 a.m. | 28 minutes ago
Description :Math.js is an extensive math library for JavaScript and Node.js. From version 13.1.0 to before version 15.2.0, arbitrary JavaScript can be executed via the expression parser of mathjs. This issue has been patched in version 15.2.0.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 May 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2026-41143 - YesWiki vulnerable to authenticated SQL Injection via id_fiche in EntryManager::formatDataBeforeSave()",
"Content": "CVE ID :CVE-2026-41143
Published : May 7, 2026, 6:16 a.m. | 28 minutes ago
Description :YesWiki is a wiki system written in PHP. Prior to version 4.6.1, YesWiki bazar module contains a SQL injection vulnerability in tools/bazar/services/EntryManager.php at line 704. The $data['id_fiche'] value (sourced from $_POST['id_fiche']) is concatenated directly into a raw SQL query without any sanitization or parameterization. This issue has been patched in version 4.6.1.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 May 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2026-41413 - Istio Vulnerable to SSRF via RequestAuthentication jwksUri",
"Content": "CVE ID :CVE-2026-41413
Published : May 7, 2026, 6:16 a.m. | 28 minutes ago
Description :Istio is an open platform to connect, manage, and secure microservices. Prior to versions 1.28.6 and 1.29.2, when a RequestAuthentication resource is created with a jwksUri pointing to an internal service, istiod makes an unauthenticated HTTP GET request to that URL without filtering out localhost or link-local IPs. This can result in sensitive data being distributed to Envoy proxies via xDS configuration. This issue has been patched in versions 1.28.6 and 1.29.2.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 May 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2026-41586 - ObjectInputStream.readObject() without ObjectInputFilter in fabric-sdk-java allows Java deserialization RCE",
"Content": "CVE ID :CVE-2026-41586
Published : May 7, 2026, 6:16 a.m. | 28 minutes ago
Description :Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions and applications. From versions 1.0.0 to 2.2.26, Channel.java implements readObject() and exposes deSerializeChannel() which call ObjectInputStream.readObject() on untrusted byte arrays without configuring an ObjectInputFilter. This is a classic Java deserialization RCE pattern. At time of publication, there are no publicly available patches.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 May 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-9661 - OS command injection vulnerability in the management GUI (maintenance utility) of Hitachi Virtual Storage Platform One Block 23/24/26/28",
"Content": "CVE ID :CVE-2025-9661
Published : May 7, 2026, 8:16 a.m. | 31 minutes ago
Description :OS command injection vulnerability in the management GUI (maintenance utility) of Hitachi Virtual Storage Platform One Block 23, 24, 26 and 28.
This issue affects Hitachi Virtual Storage Platform One Block 23/24/26/28: before DKCMAIN A3-04-21-40/00, ESM A3-04-21/00.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 May 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2026-44406 - DLL Hijacking Vulnerability in ZTE Cloud PC Client uSmartview",
"Content": "CVE ID :CVE-2026-44406
Published : May 7, 2026, 8:16 a.m. | 31 minutes ago
Description :ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege escalation, and memory corruption.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 May 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2026-4430 - Heap Buffer Overflow in AgileEngine",
"Content": "CVE ID :CVE-2026-4430
Published : May 7, 2026, 8:16 a.m. | 31 minutes ago
Description :Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters.
This issue affects LibreOffice: from 26.2 before 26.2.3, from 25.8 before 25.8.7.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 May 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-1978 - Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console",
"Content": "CVE ID :CVE-2025-1978
Published : May 7, 2026, 8:05 a.m. | 41 minutes ago
Description :Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28.
This issue affects Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28 : before DKCMAIN Ver. 88-08-16-xx/00, SVP Ver. 88-08-18-xx/00, before DKCMAIN Ver. 93-07-26-xx/00, SVP Ver. 93-07-26-xx/00, before DKCMAIN Ver. A3-04-02-xx/00, MPC Ver. A3-04-02-xx/00, before DKCMAIN Ver. A3-03-41-xx/00, MPC Ver. A3-03-41-xx/00, before DKCMAIN Ver. A3-03-03-xx/00, MPC Ver. A3-03-03-xx/00.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 May 2026",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-62127 - WordPress WEN Logo Slider plugin <= 3.4.0 - cross site scripting (xss) vulnerability",
"Content": "CVE ID :CVE-2025-62127
Published : May 7, 2026, 7:54 a.m. | 53 minutes ago
Description :Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WEN Themes WEN Logo Slider allows DOM-Based XSS.
This issue affects WEN Logo Slider: from n/a through 3.4.0.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "07 May 2026",
"Type": "Vulnerability"
}