๐จ CVE-2026-10824
The Masteriyo LMS WordPress plugin before 2.2.1 does not perform authorization checks in a course-progress REST API controller, allowing unauthenticated users to read and permanently delete any user's course-progress records.
๐@cveNotify
The Masteriyo LMS WordPress plugin before 2.2.1 does not perform authorization checks in a course-progress REST API controller, allowing unauthenticated users to read and permanently delete any user's course-progress records.
๐@cveNotify
WPScan
Masteriyo LMS < 2.2.1 - Unauthenticated Course Progress Disclosure and Deletion
See details on Masteriyo LMS < 2.2.1 - Unauthenticated Course Progress Disclosure and Deletion CVE 2026-10824. View the latest Plugin Vulnerabilities on WPScan.
๐จ CVE-2026-5305
The Email Address Encoder WordPress plugin before 1.0.25, email-encoder-premium WordPress plugin before 0.3.12 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks
๐@cveNotify
The Email Address Encoder WordPress plugin before 1.0.25, email-encoder-premium WordPress plugin before 0.3.12 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks
๐@cveNotify
WPScan
Email Address Encoder (Free < 1.0.25, Premium < 0.3.12) - Unauthenticated Stored XSS
See details on Email Address Encoder (Free < 1.0.25, Premium < 0.3.12) - Unauthenticated Stored XSS CVE 2026-5305. View the latest Plugin Vulnerabilities on WPScan.
๐จ CVE-2026-9702
The InPost PL WordPress plugin before 1.9.1 does not verify that the request originates from the legitimate buyer before allowing the WooCommerce order parcel-locker destination to be updated, allowing unauthenticated attackers to silently redirect the shipping destination of any pending or processing order on the site.
๐@cveNotify
The InPost PL WordPress plugin before 1.9.1 does not verify that the request originates from the legitimate buyer before allowing the WooCommerce order parcel-locker destination to be updated, allowing unauthenticated attackers to silently redirect the shipping destination of any pending or processing order on the site.
๐@cveNotify
WPScan
InPost PL < 1.9.1 - Unauthenticated WooCommerce Order Parcel-Locker Hijacking
See details on InPost PL < 1.9.1 - Unauthenticated WooCommerce Order Parcel-Locker Hijacking CVE 2026-9702. View the latest Plugin Vulnerabilities on WPScan.
๐จ CVE-2026-12937
The Tourfic โ AI Powered Travel Booking, Hotel Booking & Car Rental WordPress Plugin plugin for WordPress is vulnerable to generic SQL Injection via the 'post_id' parameter in all versions up to, and including, 2.22.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. The AJAX handler is registered for unauthenticated users via wp_ajax_nopriv_tf_room_availability, and the required nonce is emitted on the public single-hotel page template, allowing unauthenticated attackers to freely obtain a valid nonce and reach the vulnerable code path.
๐@cveNotify
The Tourfic โ AI Powered Travel Booking, Hotel Booking & Car Rental WordPress Plugin plugin for WordPress is vulnerable to generic SQL Injection via the 'post_id' parameter in all versions up to, and including, 2.22.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. The AJAX handler is registered for unauthenticated users via wp_ajax_nopriv_tf_room_availability, and the required nonce is emitted on the public single-hotel page template, allowing unauthenticated attackers to freely obtain a valid nonce and reach the vulnerable code path.
๐@cveNotify
๐จ CVE-2026-56129
Generic IO & Memory Access driver for PCs provided by TOSHIBA CORPORATION and Dynabook Inc. exposes its IOCTL with insufficient access control. A logged-in user with no administrative privilege may access physical memory.
๐@cveNotify
Generic IO & Memory Access driver for PCs provided by TOSHIBA CORPORATION and Dynabook Inc. exposes its IOCTL with insufficient access control. A logged-in user with no administrative privilege may access physical memory.
๐@cveNotify
corporate.jp.sharp
่ฃฝๅใปใญใฅใชใใฃใขใใใคใถใช๏ฝ่ฃฝๅใปใญใฅใชใใฃ๏ผใทใฃใผใๆ ชๅผไผ็คพ
ใทใฃใผใๆ ชๅผไผ็คพใฎใซใผใฟใผ่ฃฝๅใซใใใใปใญใฅใชใใฃ่ๅผฑๆงใซ้ขใใใตใคใใงใใ
๐จ CVE-2026-41566
Improper Handling of Insufficient Permissions or Privileges vulnerability in Apache Kvrocks.
This issue affects Apache Kvrocks: 2.8.0.
Users are recommended to upgrade to version 2.16.0, which fixes the issue.
๐@cveNotify
Improper Handling of Insufficient Permissions or Privileges vulnerability in Apache Kvrocks.
This issue affects Apache Kvrocks: 2.8.0.
Users are recommended to upgrade to version 2.16.0, which fixes the issue.
๐@cveNotify
๐จ CVE-2026-45188
Relative Path Traversal vulnerability in Apache Kvrocks.
This issue affects Apache Kvrocks: from 1.0.0 through 2.15.0.
Users are recommended to upgrade to version 2.16.0, which fixes the issue.
๐@cveNotify
Relative Path Traversal vulnerability in Apache Kvrocks.
This issue affects Apache Kvrocks: from 1.0.0 through 2.15.0.
Users are recommended to upgrade to version 2.16.0, which fixes the issue.
๐@cveNotify
๐จ CVE-2026-46751
A vulnerability in Apache Kvrocks.
This issue affects Apache Kvrocks: from 2.2.0 through 2.15.0.
Users are recommended to upgrade to version 2.16.0, which fixes the issue.
๐@cveNotify
A vulnerability in Apache Kvrocks.
This issue affects Apache Kvrocks: from 2.2.0 through 2.15.0.
Users are recommended to upgrade to version 2.16.0, which fixes the issue.
๐@cveNotify
๐จ CVE-2026-54226
A vulnerability in Apache Kvrocks.
This issue affects Apache Kvrocks: from 2.6.0 through 2.15.0.
Users are recommended to upgrade to version 2.16.0, which fixes the issue.
๐@cveNotify
A vulnerability in Apache Kvrocks.
This issue affects Apache Kvrocks: from 2.6.0 through 2.15.0.
Users are recommended to upgrade to version 2.16.0, which fixes the issue.
๐@cveNotify
๐จ CVE-2026-56091
When using Apache Shiro with the shiro-guice module in a web servlet context, a specially crafted HTTP request may cause an authentication bypass.
This vulnerability is similar to https://www.cve.org/CVERecord?id=CVE-2020-1957 https://www.cve.org/CVERecord , except that it affects the `shiro-guice` module instead of the `shiro-spring` module.
This issue affects all Apache Shiro versions through 2.x, and 3.0.0-alpha-1 only when using `shiro-guice` module in a web servlet context.
Upgrade to version 3.0.0 or later, which fixes the issue.
๐@cveNotify
When using Apache Shiro with the shiro-guice module in a web servlet context, a specially crafted HTTP request may cause an authentication bypass.
This vulnerability is similar to https://www.cve.org/CVERecord?id=CVE-2020-1957 https://www.cve.org/CVERecord , except that it affects the `shiro-guice` module instead of the `shiro-spring` module.
This issue affects all Apache Shiro versions through 2.x, and 3.0.0-alpha-1 only when using `shiro-guice` module in a web servlet context.
Upgrade to version 3.0.0 or later, which fixes the issue.
๐@cveNotify
๐จ CVE-2026-56130
"Remember me" cookie age is not verified on the server. This potentially allows an attacker to intercept a valid cookie and reuse it indefinitely, even after the configured expiration time has passed.
This issue affects all Apache Shiro versions from 1.2.4 through 2.x, and 3.0.0-alpha-1, only when RememberMe functionality is enabled.
Upgrade to version 3.0.0 or later, which fixes the issue.
๐@cveNotify
"Remember me" cookie age is not verified on the server. This potentially allows an attacker to intercept a valid cookie and reuse it indefinitely, even after the configured expiration time has passed.
This issue affects all Apache Shiro versions from 1.2.4 through 2.x, and 3.0.0-alpha-1, only when RememberMe functionality is enabled.
Upgrade to version 3.0.0 or later, which fixes the issue.
๐@cveNotify
๐จ CVE-2026-42005
An attacker can send a web request that causes unlimited memory
allocation in the internal web server, leading to a denial of service.
The internal web server is disabled by default.
๐@cveNotify
An attacker can send a web request that causes unlimited memory
allocation in the internal web server, leading to a denial of service.
The internal web server is disabled by default.
๐@cveNotify
๐จ CVE-2026-33612
A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning.
๐@cveNotify
A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning.
๐@cveNotify
๐จ CVE-2026-40011
An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires.
๐@cveNotify
An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires.
๐@cveNotify
๐จ CVE-2026-40208
An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame.
๐@cveNotify
An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame.
๐@cveNotify
๐จ CVE-2026-40211
An attacker can send crafted DNS over HTTP/3 queries, triggering an exception that prevents some buffer from being freed right away. The buffer will be freed at the end of the QUIC connection, but on some setups it might be possible to open enough concurrent DoH3 streams to trigger an out-of-memory condition, resulting in a denial of service.
๐@cveNotify
An attacker can send crafted DNS over HTTP/3 queries, triggering an exception that prevents some buffer from being freed right away. The buffer will be freed at the end of the QUIC connection, but on some setups it might be possible to open enough concurrent DoH3 streams to trigger an out-of-memory condition, resulting in a denial of service.
๐@cveNotify
๐จ CVE-2026-42004
An attacker can send a crafted EDNS OPT record that will be ignored by DNSdistโs filtering rules, but will be rewritten as a valid OPT record when EDNS Client Subnet is inserted, causing the backend to see the EDNS option(s) that DNSdist did not filter.
๐@cveNotify
An attacker can send a crafted EDNS OPT record that will be ignored by DNSdistโs filtering rules, but will be rewritten as a valid OPT record when EDNS Client Subnet is inserted, causing the backend to see the EDNS option(s) that DNSdist did not filter.
๐@cveNotify
๐จ CVE-2026-12755
Improper input validation in the PAM AD discovery endpoints in
Devolutions Server 2026.2.4.0 through 2026.2.7.0 allows an authenticated
user with the UserGroupsView permission to coerce server-side
authentication to an attacker-controlled host, exposing PAM provider
credentials as a NTLMv2 challenge-response, via a crafted DomainName
parameter.
๐@cveNotify
Improper input validation in the PAM AD discovery endpoints in
Devolutions Server 2026.2.4.0 through 2026.2.7.0 allows an authenticated
user with the UserGroupsView permission to coerce server-side
authentication to an attacker-controlled host, exposing PAM provider
credentials as a NTLMv2 challenge-response, via a crafted DomainName
parameter.
๐@cveNotify
Devolutions
advisories
Stay informed with Devolutions' latest security advisories on vulnerabilities, threats, and incident responses to enhance your cybersecurity posture.
๐จ CVE-2026-27366
Unauthenticated Broken Access Control in MainWP Child <= 6.1.1 versions.
๐@cveNotify
Unauthenticated Broken Access Control in MainWP Child <= 6.1.1 versions.
๐@cveNotify
Patchstack
Broken Access Control in WordPress MainWP Child Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2026-2815
Incorrect use of the PUF key for user key generation in EFR32xG27 results in predictable keys
๐@cveNotify
Incorrect use of the PUF key for user key generation in EFR32xG27 results in predictable keys
๐@cveNotify
GitHub
GitHub - SiliconLabsSoftware/sisdk-release: Simplicity GA release repo
Simplicity GA release repo. Contribute to SiliconLabsSoftware/sisdk-release development by creating an account on GitHub.
๐จ CVE-2026-40012
ECS zero scoped answers are stored in the packet cache while they should not. This impacts only configurations that have ECS enabled;
๐@cveNotify
ECS zero scoped answers are stored in the packet cache while they should not. This impacts only configurations that have ECS enabled;
๐@cveNotify