CVE tracker
CVE-2026-41074 - RT has broken CSRF protection for authenticated users

CVE ID: CVE-2026-41074
Published: May 22, 2026, 9:12 p.m. | 33 minutes ago
Description: RT is an open source, enterprise-grade issue and ticket tracking system. Versions 6.0.0 through 6.0.2 contain a Cross-Site Request Forgery (CSRF) vulnerability. An attacker who can induce a logged-in RT user to visit a malicious web page can trigger arbitrary state-changing actions in RT on that user's behalf. This issue has been fixed in version 6.0.3.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-41075 - RT: SQL injection via entry_aggregator parameter in JSON search

CVE ID: CVE-2026-41075
Published: May 22, 2026, 9:17 p.m. | 28 minutes ago
Description: RT is an open source, enterprise-grade issue and ticket tracking system. Versions 5.0.0 through 5.0.9 and 6.0.0 through 6.0.2 contain an SQL injection vulnerability. An authenticated user can craft input that is incorporated into database queries without proper validation, potentially allowing them to read or modify data in the RT database. This issue has been fixed in versions 5.0.10 and 6.0.3. If developers are unable to upgrade immediately, they can temporarily work around this issue by restricting RT account access to trusted users.
Severity: 0.0 | NA
CVE-2026-41076 - RT: LDAP authentication bypass via empty password

CVE ID: CVE-2026-41076
Published: May 22, 2026, 9:36 p.m. | 4 hours, 10 minutes ago
Description: RT is an open source, enterprise-grade issue and ticket tracking system. Versions 5.0.9 and prior, in addition to 6.0.0 through 6.0.2, contain an authentication bypass vulnerability in RT installations that use LDAP/AD for user authentication. Under certain LDAP server configurations, an attacker may be able to authenticate as any LDAP-backed RT user without supplying valid credentials. This issue has been fixed in versions 5.0.10 and 6.0.3. If developers are unable to upgrade immediately, they can temporarily work around this issue by reviewing their LDAP server's authentication policy to ensure it rejects unauthenticated bind attempts. Upgrading RT remains the recommended fix.
Severity: 0.0 | NA
CVE-2026-41147 - NukeViet CMS: Stored Cross-Site Scripting (XSS) via insufficient server-side input sanitization in Request class

CVE ID: CVE-2026-41147
Published: May 22, 2026, 9:45 p.m. | 4 hours, 1 minute ago
Description: NukeViet CMS is a multi Content Management System. Versions 4.5.07 and prior contain a Stored Cross-Site Scripting (XSS) vulnerability caused by insufficient server-side input sanitization in the Request class. The application relies primarily on client-side filtering to sanitize HTML tags and attributes in user-submitted content, which can be bypassed by intercepting and modifying HTTP requests directly (e.g., using Burp Suite). An attacker can inject malicious payloads which are stored server-side and executed in the browser of any user who views the content. Anyone viewing user-submitted content (such as administrators and moderators reviewing contact messages or comments) is impacted, and the vulnerability can be exploited by any anonymous visitor without authentication, with the Contact module used only as a proof of concept. Potential consequences include session hijacking through cookie theft, unauthorized actions performed under the victim's identity, defacement or redirection to phishing pages, and phishing attacks via manipulated email notifications. This issue has been fixed in version 4.5.08. If developers are unable to upgrade immediately, they should work around this issue by implementing server-side HTML sanitization in the Request class to strip or encode dangerous tags and attributes (e.g.,
CVE-2026-40412 - Azure Orbital Spatio Remote Code Execution Vulnerability

CVE ID: CVE-2026-40412
Published: May 22, 2026, 10:03 p.m. | 3 hours, 43 minutes ago
Description: None
Severity: 10.0 | CRITICAL
CVE-2026-23652 - Microsoft Power Pages Remote Code Execution Vulnerability

CVE ID: CVE-2026-23652
Published: May 22, 2026, 10:03 p.m. | 3 hours, 43 minutes ago
Description: None
Severity: 10.0 | CRITICAL
CVE-2026-35430 - Azure Privileged Identity Management (PIM) Elevation of Privilege Vulnerability

CVE ID: CVE-2026-35430
Published: May 22, 2026, 10:03 p.m. | 3 hours, 43 minutes ago
Description: None
Severity: 8.8 | HIGH
CVE-2026-40411 - Azure Virtual Network Gateway Remote Code Execution Vulnerability

CVE ID: CVE-2026-40411
Published: May 22, 2026, 10:03 p.m. | 3 hours, 43 minutes ago
Description: None
Severity: 9.9 | CRITICAL
CVE-2026-47280 - Azure Resource Manager Elevation of Privilege Vulnerability

CVE ID: CVE-2026-47280
Published: May 22, 2026, 10:03 p.m. | 3 hours, 43 minutes ago
Description: None
Severity: 10.0 | CRITICAL
CVE-2026-42827 - M365 Copilot Information Disclosure Vulnerability

CVE ID: CVE-2026-42827
Published: May 22, 2026, 10:03 p.m. | 3 hours, 43 minutes ago
Description: None
Severity: 6.5 | MEDIUM
CVE-2026-41090 - Microsoft Copilot Tampering Vulnerability

CVE ID: CVE-2026-41090
Published: May 22, 2026, 10:03 p.m. | 3 hours, 43 minutes ago
Description: None
Severity: 9.3 | CRITICAL
CVE-2026-26147 - Azure Stack HCI Information Disclosure Vulnerability

CVE ID: CVE-2026-26147
Published: May 22, 2026, 10:03 p.m. | 3 hours, 43 minutes ago
Description: None
Severity: 7.7 | HIGH
CVE-2026-33843 - Microsoft Azure Active Directory B2C Elevation of Privilege Vulnerability

CVE ID: CVE-2026-33843
Published: May 22, 2026, 10:03 p.m. | 3 hours, 43 minutes ago
Description: None
Severity: 9.1 | CRITICAL
CVE-2026-41148 - Mermaid: Improper sanitization of `classDefs` in diagrams leads to CSS injection

CVE ID: CVE-2026-41148
Published: May 22, 2026, 10:03 p.m. | 3 hours, 43 minutes ago
Description: Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Versions 10.9.5 and prior, in addition to 11.0.0-alpha.1 through 11.12.0, are vulnerable to CSS injection through improper sanitization. The state diagram (and any other diagram type that routes user-controlled style strings through the createCssStyles parser) captures classDef values using an unrestricted regex that matches everything up to a newline. That value then flows unsanitized through addStyleClass() into createCssStyles() and is assigned to style.innerHTML, so a closing brace (}) in the value terminates the generated CSS selector and turns everything after it into a new CSS rule on the page. This enables page defacement, user tracking via url() callbacks, and DOM attribute exfiltration. This issue has been fixed in versions 10.9.6 and 11.15.0. If developers are unable to immediately upgrade, they can work around this issue by setting "securityLevel": "sandbox", which prevents the issue by rendering the mermaid diagram in a sandboxed
CVE-2026-45659 - Microsoft SharePoint Remote Code Execution Vulnerability

CVE ID: CVE-2026-45659
Published: May 22, 2026, 10:04 p.m. | 3 hours, 42 minutes ago
Description: None
Severity: 8.8 | HIGH
CVE-2026-41104 - Microsoft Planetary Computer Pro Information Disclosure Vulnerability

CVE ID: CVE-2026-41104
Published: May 22, 2026, 10:04 p.m. | 3 hours, 42 minutes ago
Description: None
Severity: 10.0 | CRITICAL
CVE-2026-42901 - Microsoft Entra ID Elevation of Privilege Vulnerability

CVE ID: CVE-2026-42901
Published: May 22, 2026, 10:04 p.m. | 3 hours, 42 minutes ago
Description: None
Severity: 10.0 | CRITICAL
CVE-2026-23663 - Microsoft Global Secure Access (GSA) Information Disclosure Vulnerability

CVE ID: CVE-2026-23663
Published: May 22, 2026, 10:04 p.m. | 3 hours, 42 minutes ago
Description: None
Severity: 7.5 | HIGH
CVE-2026-41149 - Mermaid: Improper sanitization of `classDef` in state diagrams leads to HTML injection

CVE ID: CVE-2026-41149
Published: May 22, 2026, 10:34 p.m. | 3 hours, 12 minutes ago
Description: Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Versions 10.9.5 and earlier, as well as 11.0.0-alpha.1 through 11.14.0, are vulnerable to HTML injection under the default configuration. Specifically, the classDef directive in Mermaid state diagrams permits DOM injection that escapes the SVG context. However,
CVE-2026-6898 - WishList Member <= 3.30.1 - Missing Authorization to Authenticated (Subscriber+) Generate API Secret Key via 'wlm3_generate_api_key' AJAX action

CVE ID: CVE-2026-6898
Published: May 23, 2026, 4:27 a.m. | 1 hour, 21 minutes ago
Description: The Wishlist Member plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'WishListMember3_Hooks::generate_api_key' function in all versions up to, and including, 3.30.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update the REST API Secret Key, which can be used to create a new membership level assigned the administrator WordPress role, and register an arbitrary administrator-level user account, resulting in complete site takeover.
Severity: 0.0 | NA
CVE-2026-6895 - Wishlist Member <= 3.30.1 - Missing Authorization to Authenticated (Subscriber+) API Secret Key Disclosure and Privilege Escalation via 'wlm3_export_settings' AJAX Action

CVE ID: CVE-2026-6895
Published: May 23, 2026, 4:27 a.m. | 1 hour, 21 minutes ago
Description: The WishList Member plugin for WordPress is vulnerable to Missing Authorization leading to Sensitive Information Disclosure and Privilege Escalation in versions up to and including 3.30.1. This is due to the missing capability checks in the 'export_settings' function. This function returns the REST API Secret Key to the attacker in the AJAX JSON response. An attacker who obtains this key can authenticate to the WishList Member API, create a new membership level assigned the administrator WordPress role, and register an arbitrary administrator-level user account, resulting in complete site takeover.
Severity: 0.0 | NA