CVE tracker
351 subscribers
4.78K links
News monitoring: @irnewsagency

Main channel: @orgsecuritygate

Site: SecurityGate.org
Download Telegram
CVE-2026-14790 - GPAC Media File write_nhml.c nhmldump_send_frame null pointer dereference

CVE ID :CVE-2026-14790
Published : July 6, 2026, 3:16 a.m. | 42 minutes ago
Description :A flaw has been found in GPAC 26.02.0. This affects the function nhmldump_send_frame of the file src/filters/write_nhml.c of the component Media File Handler. Executing a manipulation can lead to null pointer dereference. The attack requires local access. The exploit has been published and may be used. This patch is called bd1d94e70e3bef364c07c5a1d94eca5c9f56e160. A patch should be applied to remediate this issue. The project explains: "I would consider most of these more as bugs than vulns but anyway they're good to fix".
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14791 - crater-invoice-inc crater Invoice Note InvoicesRequest.php getFormattedString cross site scripting

CVE ID :CVE-2026-14791
Published : July 6, 2026, 3:16 a.m. | 42 minutes ago
Description :A weakness has been identified in crater-invoice-inc crater up to 6.0.6. This affects the function getFormattedString of the file app/Http/Requests/InvoicesRequest.php of the component Invoice Note Handler. Executing a manipulation of the argument notes can lead to cross site scripting. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14792 - Formbricks Survey actions.ts access control

CVE ID :CVE-2026-14792
Published : July 6, 2026, 5:16 a.m. | 2 hours, 43 minutes ago
Description :A security vulnerability has been detected in Formbricks 5.0.0. This impacts an unknown function of the file apps/web/modules/survey/link/actions.ts of the component Survey Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. Upgrading to version 5.1.0-rc.1 will fix this issue. The identifier of the patch is af6023b5ac3b030ffcea24fac799f76f3e3512c6. You should upgrade the affected component.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14793 - Craft CMS reorder-sets Endpoint GlobalsController.php actionReorderSets authorization

CVE ID :CVE-2026-14793
Published : July 6, 2026, 5:16 a.m. | 2 hours, 43 minutes ago
Description :A vulnerability was detected in Craft CMS up to 4.18.0.1. Affected is the function actionReorderSets of the file src/controllers/GlobalsController.php of the component reorder-sets Endpoint. The manipulation results in authorization bypass. The attack can be executed remotely. Upgrading to version 4.18.1 is able to address this issue. The patch is identified as 9bd05c91e6a7e6da5e949ec41a31c220c059aa04. The affected component should be upgraded.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14794 - Craft CMS Charts Endpoint ChartsController.php actionGetNewUsersData improper authorization

CVE ID :CVE-2026-14794
Published : July 6, 2026, 5:16 a.m. | 2 hours, 43 minutes ago
Description :A flaw has been found in Craft CMS up to 4.18.0.1. Affected by this vulnerability is the function actionGetNewUsersData of the file src/controllers/ChartsController.php of the component Charts Endpoint. This manipulation of the argument userGroupId causes improper authorization. The attack is possible to be carried out remotely. Upgrading to version 4.18.1 addresses this issue. Patch name: 9ee53efc1314e6aba32771c66a13e072a246f4ce. It is suggested to upgrade the affected component.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14795 - CodeAstro Apartment Visitor Management System action-visitor.php sql injection

CVE ID :CVE-2026-14795
Published : July 6, 2026, 5:16 a.m. | 2 hours, 43 minutes ago
Description :A vulnerability has been found in CodeAstro Apartment Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /apartment-visitor/action-visitor.php. Such manipulation of the argument remark leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14796 - CodeAstro Apartment Visitor Management System report.php sql injection

CVE ID :CVE-2026-14796
Published : July 6, 2026, 5:16 a.m. | 2 hours, 43 minutes ago
Description :A vulnerability was found in CodeAstro Apartment Visitor Management System 1.0. This affects an unknown part of the file /apartment-visitor/report.php. Performing a manipulation of the argument fromdate results in sql injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-6228 - WANotifier < 2.6 - Subscriber+ LFI

CVE ID :CVE-2024-6228
Published : July 6, 2026, 6 a.m. | 1 hour, 59 minutes ago
Description :The Notifications for Forms & WordPress Actions WordPress plugin before 2.6 does not validate a user-supplied value before using it to build a server-side file inclusion path, allowing authenticated users with subscriber-level access and above to include and execute arbitrary local PHP files on the server.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-10830 - AllCoach < 1.0.2 - Unauthenticated Account Takeover

CVE ID :CVE-2026-10830
Published : July 6, 2026, 6 a.m. | 1 hour, 59 minutes ago
Description :The AllCoach WordPress plugin before 1.0.2 does not verify that an email address submitted to a public account-registration endpoint is not already associated with an existing user before overwriting that user's password, allowing unauthenticated attackers to reset the password of arbitrary accounts, including administrators, and take over the site.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-11766 - Ultimate Member < 2.12.0 - Subscriber+ Stored XSS via Custom Textarea Profile Fields

CVE ID :CVE-2026-11766
Published : July 6, 2026, 6 a.m. | 1 hour, 59 minutes ago
Description :The Ultimate Member WordPress plugin before 2.12.0 does not properly sanitise and escape the value of custom textarea profile fields before outputting it on user profiles, allowing authenticated users with Subscriber-level access and above to store JavaScript that executes when any user, including an administrator, views the affected profile.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-11855 - Simple Membership < 4.7.5 - Unauthenticated Stored XSS via Stripe Webhook API Version

CVE ID :CVE-2026-11855
Published : July 6, 2026, 6 a.m. | 1 hour, 59 minutes ago
Description :The Simple Membership WordPress plugin before 4.7.5 does not verify the authenticity of Stripe webhook requests when no signing secret is configured, nor escape a value taken from them before outputting it in an administrator notice, allowing unauthenticated attackers to inject arbitrary web scripts that execute in the context of a logged-in administrator.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-11962 - FileOrganizer < 1.2.0 - Authenticated Arbitrary File Upload via elFinder File Operations

CVE ID :CVE-2026-11962
Published : July 6, 2026, 6 a.m. | 1 hour, 59 minutes ago
Description :The FileOrganizer WordPress plugin before 1.2.0 does not validate the file type on several of its file-management operations, allowing authenticated users who have been granted file-manager access — which its premium add-on can extend to sub-administrator roles — to upload arbitrary PHP files and achieve remote code execution. This is an incomplete fix of CVE-2024-7985, which only added file-type validation to the upload operation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-12083 - Admin and Site Enhancements < 8.8.4 - Unauthenticated Administrator-Role Restoration via reset-for Parameter

CVE ID :CVE-2026-12083
Published : July 6, 2026, 6 a.m. | 1 hour, 59 minutes ago
Description :The Admin and Site Enhancements (ASE) WordPress plugin before 8.8.4, admin-site-enhancements-pro WordPress plugin before 8.8.4 does not perform authentication, authorization, or nonce checks on a role-restoration request handler, allowing unauthenticated attackers to restore a previously demoted administrator account back to the administrator role. This is an incomplete fix of CVE-2024-43333 / CVE-2025-24648, which closed the issue for only one of the demotion paths the WordPress role API exposes.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-6382 - Multiple elFinder Plugins - Authenticated OS Command Injection

CVE ID :CVE-2026-6382
Published : July 6, 2026, 6 a.m. | 1 hour, 59 minutes ago
Description :The FileOrganizer WordPress plugin before 1.1.9, Advanced File Manager WordPress plugin before 5.4.12, File Manager Pro WordPress plugin before 2.1.1, File Manager WordPress plugin before 8.0.4 do not properly escape a parameter before passing it to a shell command when processing image operations, allowing authenticated users to perform OS Command Injection. This requires the server to have the ImageMagick convert CLI available without either the PHP imagick or GD extensions.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14800 - imhamzaazam ecommerceFlask cross-site request forgery

CVE ID :CVE-2026-14800
Published : July 6, 2026, 6 a.m. | 1 hour, 59 minutes ago
Description :A weakness has been identified in imhamzaazam ecommerceFlask up to cb7d9e24c30a99379651b7493b32048126ef402b. The affected element is an unknown function. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The project was informed of the problem early through an issue report but has not responded yet.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14801 - GPAC TeXML File load_text.c txtin_probe_duration divide by zero

CVE ID :CVE-2026-14801
Published : July 6, 2026, 6:15 a.m. | 1 hour, 44 minutes ago
Description :A security vulnerability has been detected in GPAC 26.03-DEV-rev342-g80071f700-master. The impacted element is the function txtin_probe_duration of the file src/filters/load_text.c of the component TeXML File Handler. Such manipulation of the argument txml_timescale leads to divide by zero. An attack has to be approached locally. The name of the patch is 86a5191f2e750c767253e27ed6cfd6d547afebc2. A patch should be applied to remediate this issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14797 - CodeAstro Apartment Visitor Management System edit-apartment.php sql injection

CVE ID :CVE-2026-14797
Published : July 6, 2026, 6:16 a.m. | 1 hour, 43 minutes ago
Description :A vulnerability was determined in CodeAstro Apartment Visitor Management System 1.0. This vulnerability affects unknown code of the file /apartment-visitor/edit-apartment.php. Executing a manipulation of the argument editid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14798 - CodeAstro Apartment Visitor Management System visitor-entry.php sql injection

CVE ID :CVE-2026-14798
Published : July 6, 2026, 6:16 a.m. | 1 hour, 43 minutes ago
Description :A vulnerability was identified in CodeAstro Apartment Visitor Management System 1.0. This issue affects some unknown processing of the file /apartment-visitor/visitor-entry.php. The manipulation of the argument visname leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14799 - CodeAstro Ecommerce Website my_account.php sql injection

CVE ID :CVE-2026-14799
Published : July 6, 2026, 6:16 a.m. | 1 hour, 43 minutes ago
Description :A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. Impacted is an unknown function of the file /customer/my_account.php?my_wishlist. The manipulation of the argument delete_wishlist results in sql injection. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14802 - react create-react-app react-dev-utils openBrowser.js startBrowserProcess os command injection

CVE ID :CVE-2026-14802
Published : July 6, 2026, 6:30 a.m. | 1 hour, 29 minutes ago
Description :A vulnerability was detected in react create-react-app up to 5.0.1 on macOS. This affects the function startBrowserProcess of the file openBrowser.js of the component react-dev-utils. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14807 - PROG MIS|ERP App - Use of Hard-coded Credentials

CVE ID :CVE-2026-14807
Published : July 6, 2026, 7:09 a.m. | 49 minutes ago
Description :ERP App developed by PROG MIS has a Use of Hard-coded Credentials vulnerability, allowing unauthenticated remote attackers to log in to view application code and obtain the database account and password.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...