CVE tracker
352 subscribers
4.78K links
News monitoring: @irnewsagency

Main channel: @orgsecuritygate

Site: SecurityGate.org
Download Telegram
CVE-2026-15524 - alioshr memory-bank-mcp list-project-files-validation-factory.ts path traversal

CVE ID :CVE-2026-15524
Published : July 13, 2026, 3:16 a.m. | 1 hour, 14 minutes ago
Description :A security vulnerability has been detected in alioshr memory-bank-mcp up to 0.2.1/3.1. This affects an unknown part of the file list-project-files-validation-factory.ts. Such manipulation of the argument projectName leads to path traversal. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-15525 - kLOsk adloop write.py _validate_urls server-side request forgery

CVE ID :CVE-2026-15525
Published : July 13, 2026, 3:16 a.m. | 1 hour, 14 minutes ago
Description :A vulnerability was detected in kLOsk adloop up to 0.9.0. This vulnerability affects the function _validate_urls of the file src/adloop/ads/write.py. Performing a manipulation of the argument final_url results in server-side request forgery. The attack may be initiated remotely. The exploit is now public and may be used. Upgrading to version 0.10.0 is able to resolve this issue. The patch is named 217399723e3a2fb39389e5355d49ed80aaf9ea7c. Upgrading the affected component is advised.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-15526 - augmnt augments-mcp-server scan_project_deps scan-project-deps.ts scanProjectDeps path traversal

CVE ID :CVE-2026-15526
Published : July 13, 2026, 4:16 a.m. | 14 minutes ago
Description :A flaw has been found in augmnt augments-mcp-server 7.1.0. This issue affects the function scanProjectDeps of the file src/tools/v4/scan-project-deps.ts of the component scan_project_deps. Executing a manipulation of the argument packageJsonPath can lead to path traversal. The attack can only be executed locally. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-15527 - better-auth better-icons scan_project_icons/sync_icon path traversal

CVE ID :CVE-2026-15527
Published : July 13, 2026, 4:16 a.m. | 14 minutes ago
Description :A vulnerability has been found in better-auth better-icons up to 1.0.5. This vulnerability affects unknown code of the component scan_project_icons/sync_icon. Such manipulation of the argument icons_file leads to path traversal. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-15528 - lamaalrajih kicad-mcp path_validator.py protection mechanism

CVE ID :CVE-2026-15528
Published : July 13, 2026, 4:16 a.m. | 14 minutes ago
Description :A vulnerability was found in lamaalrajih kicad-mcp up to 3.3.1. This issue affects some unknown processing of the file kicad_mcp/utils/path_validator.py. Performing a manipulation of the argument project_path/schematic_path results in protection mechanism failure. Attacking locally is a requirement. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-15529 - yzhao062 pyod persistence.py pyod.utils.persistence.load deserialization

CVE ID :CVE-2026-15529
Published : July 13, 2026, 4:16 a.m. | 14 minutes ago
Description :A vulnerability was detected in yzhao062 pyod 3.5.0/3.5.1/3.5.2. Affected is the function pyod.utils.persistence.load of the file pyod/utils/persistence.py. Performing a manipulation of the argument path results in deserialization. The attack can be initiated remotely. The pull request to fix this issue requires some minor changes.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-15552 - Ragic|Enterprise Cloud Database - Stored Cross-Site Scripting

CVE ID :CVE-2026-15552
Published : July 13, 2026, 4:16 a.m. | 14 minutes ago
Description :Enterprise Cloud Database developed by Ragic has a Stored Cross-Site Scripting vulnerability, allowing unauthenticated remote attackers to inject persistent JavaScript code executed in users' browsers upon page load.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-15553 - Ragic|Enterprise Cloud Database - Arbitrary File Upload

CVE ID :CVE-2026-15553
Published : July 13, 2026, 4:16 a.m. | 14 minutes ago
Description :Enterprise Cloud Database developed by Ragic has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload malicious files and make them available for users to download.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-7162 - Software Integer Overflow Vulnerability

CVE ID :CVE-2026-7162
Published : July 13, 2026, 4:16 a.m. | 14 minutes ago
Description :Successful exploitation of the integer overflow vulnerability could allow an attacker to achieve system-level access to the affected software.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-9492 - GIGABYTE|Gigabyte Control Center - Improper Access Control

CVE ID :CVE-2026-9492
Published : July 13, 2026, 4:16 a.m. | 14 minutes ago
Description :The MBStorage DRAM lighting control module within Gigabyte Control Center (GCC) developed by GIGABYTE Technology has an Improper Access Control vulnerability. Authenticated local attackers can send specific IOCTL commands through the driver MyPortIO_x64.sys bundled with the module, thereby arbitrarily reading and writing physical memory and obtaining kernel-level privileges.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-15535 - AkariAsai self-rag retrieval_lm index.py Indexer.deserialize_from deserialization

CVE ID :CVE-2026-15535
Published : July 13, 2026, 6:16 a.m. | 2 hours, 14 minutes ago
Description :A vulnerability was determined in AkariAsai self-rag up to 1fcdc420e48f50a7d7ab1ece5494221b93252e99. Affected by this issue is the function Indexer.deserialize_from of the file retrieval_lm/src/index.py of the component retrieval_lm. Executing a manipulation of the argument index_meta.faiss can lead to deserialization. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. The project was informed of the problem early through an issue report but has not responded yet.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-10551 - Breeze Cache < 2.5.6 - Unauthenticated Stored XSS via Minify Library

CVE ID :CVE-2026-10551
Published : July 13, 2026, 7:16 a.m. | 1 hour, 14 minutes ago
Description :The Breeze Cache WordPress plugin before 2.5.6 is vulnerable to unauthenticated Stored Cross-Site Scripting (XSS) due to a predictable replacement hash used during the HTML minification process and abusing a regular expression. This allows an attacker to inject arbitrary HTML attributes in the final HTML output by anticipating the placeholder format.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-11963 - User Registration & Membership < 5.2.2 - Subscriber+ Cross-User Role and Membership Tier Modification via IDOR

CVE ID :CVE-2026-11963
Published : July 13, 2026, 7:16 a.m. | 1 hour, 14 minutes ago
Description :The User Registration & Membership WordPress plugin before 5.2.2 does not perform an authorization check on a membership-upgrade action and derives the user to modify from a caller-supplied identifier instead of the current user, allowing any authenticated user such as a subscriber to change another user's WordPress role and membership tier.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-11964 - User Registration & Membership < 5.2.2 - Unauthenticated PayPal Webhook Signature Verification Bypass Leading to Membership Activation

CVE ID :CVE-2026-11964
Published : July 13, 2026, 7:16 a.m. | 1 hour, 14 minutes ago
Description :The User Registration & Membership WordPress plugin before 5.2.2 does not verify the authenticity of incoming payment-provider webhook notifications before acting on them, allowing unauthenticated attackers to forge a payment-approved event and activate a paid membership subscription without completing a real payment.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-12081 - Database for Contact Form 7, WPforms, Elementor forms < 1.5.2 - Unauthenticated PHP Object Injection via Entry File Field

CVE ID :CVE-2026-12081
Published : July 13, 2026, 7:16 a.m. | 1 hour, 14 minutes ago
Description :The Database for Contact Form 7, WPforms, Elementor forms WordPress plugin before 1.5.2 does not restrict the PHP classes allowed when unserializing an attacker-supplied form-field value, allowing unauthenticated users to inject arbitrary PHP objects that are instantiated when an administrator views the stored entry. This is an incomplete fix of CVE-2025-7384 and CVE-2026-2599, whose deserialization paths were hardened while the entry-editor file-field path was missed.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-12271 - Tutor LMS < 3.9.13 - Subscriber+ Arbitrary Quiz Attempt Modification via IDOR

CVE ID :CVE-2026-12271
Published : July 13, 2026, 7:16 a.m. | 1 hour, 14 minutes ago
Description :The Tutor LMS WordPress plugin before 3.9.13 does not verify ownership of the targeted quiz attempt before writing to it, allowing authenticated users with subscriber-level access and above to modify and force-complete other students' quiz attempts, overwriting their recorded marks and pass/fail result.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-12273 - Tutor LMS < 3.9.13 - Subscriber+ Arbitrary Auto-Approved Comment Creation

CVE ID :CVE-2026-12273
Published : July 13, 2026, 7:16 a.m. | 1 hour, 14 minutes ago
Description :The Tutor LMS WordPress plugin before 3.9.13 does not perform any authorization or post-target validation before creating a comment in one of its handlers, and stores the comment pre-approved, allowing authenticated users with subscriber-level access and above to post auto-approved comments containing arbitrary HTML and links on any content across the site, bypassing the comment moderation queue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-12274 - Tutor LMS < 3.9.13 - Instructor+ Arbitrary Post Overwrite via IDOR

CVE ID :CVE-2026-12274
Published : July 13, 2026, 7:16 a.m. | 1 hour, 14 minutes ago
Description :The Tutor LMS WordPress plugin before 3.9.13 does not verify that the requesting user is allowed to edit a target post before overwriting it in one of its content-builder save handlers, authorizing the request only against an unrelated identifier, allowing authenticated users with instructor-level access to overwrite and take over any post or page on the site, including those owned by administrators.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-12275 - Tutor LMS < 3.9.13 - Subscriber+ Unauthorized Course Enrollment and Private Course Content Disclosure via Droip/Kirki Integration

CVE ID :CVE-2026-12275
Published : July 13, 2026, 7:16 a.m. | 1 hour, 14 minutes ago
Description :The Tutor LMS WordPress plugin before 3.9.13 does not, in its Droip and Kirki page-builder integration, perform the enrollment, purchase, and private-course capability checks it enforces in its core course handler, allowing authenticated users with subscriber-level access to enroll in paid or private courses without authorization, read private course content, and mark arbitrary courses as completed, on sites where the Droip or Kirki integration is active.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-12396 - WP Job Portal < 2.5.5 - Subscriber+ Arbitrary Job Approval, Featuring and Rejection

CVE ID :CVE-2026-12396
Published : July 13, 2026, 7:16 a.m. | 1 hour, 14 minutes ago
Description :The WP Job Portal WordPress plugin before 2.5.5 does not perform capability or ownership checks before allowing job moderation actions, allowing authenticated users with a subscriber-level (self-registerable) account to approve, feature, or reject arbitrary jobs, including those owned by other users.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-12397 - WP Job Portal < 2.5.5 - Subscriber+ Employer Email Disclosure via IDOR

CVE ID :CVE-2026-12397
Published : July 13, 2026, 7:16 a.m. | 1 hour, 14 minutes ago
Description :The WP Job Portal WordPress plugin before 2.5.5 does not verify ownership when returning an employer's contact email for a given job, allowing authenticated users with a subscriber-level (self-registerable) account to read other employers' private account email addresses by enumerating job identifiers.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...