π¨ CVE-2026-57332
Subscriber Broken Access Control in Wallet System for WooCommerce <= 2.7.6 versions.
π@cveNotify
Subscriber Broken Access Control in Wallet System for WooCommerce <= 2.7.6 versions.
π@cveNotify
Patchstack
Broken Access Control in WordPress Wallet System for WooCommerce Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2026-57333
Unauthenticated Cross Site Scripting (XSS) in Link Whisper Free <= 0.9.4 versions.
π@cveNotify
Unauthenticated Cross Site Scripting (XSS) in Link Whisper Free <= 0.9.4 versions.
π@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress Link Whisper Free Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2026-57334
Unauthenticated Broken Access Control in WP User Frontend <= 4.3.7 versions.
π@cveNotify
Unauthenticated Broken Access Control in WP User Frontend <= 4.3.7 versions.
π@cveNotify
Patchstack
Broken Access Control in WordPress WP User Frontend Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2026-57335
Subscriber Broken Access Control in Ads by WPQuads <= 3.0.3 versions.
π@cveNotify
Subscriber Broken Access Control in Ads by WPQuads <= 3.0.3 versions.
π@cveNotify
Patchstack
Broken Access Control in WordPress Ads by WPQuads Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2026-57336
Unauthenticated Cross Site Scripting (XSS) in Jobify <= 4.3.2 versions.
π@cveNotify
Unauthenticated Cross Site Scripting (XSS) in Jobify <= 4.3.2 versions.
π@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress Jobify Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2026-57337
Unauthenticated Cross Site Scripting (XSS) in Landing Page Builder <= 1.5.3.5 versions.
π@cveNotify
Unauthenticated Cross Site Scripting (XSS) in Landing Page Builder <= 1.5.3.5 versions.
π@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress Landing Page Builder Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2026-57338
Unauthenticated Cross Site Scripting (XSS) in ARForms <= 7.1.2 versions.
π@cveNotify
Unauthenticated Cross Site Scripting (XSS) in ARForms <= 7.1.2 versions.
π@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress ARForms Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π₯1
π¨ CVE-2026-57339
Unauthenticated Broken Access Control in Business Directory <= 6.4.23 versions.
π@cveNotify
Unauthenticated Broken Access Control in Business Directory <= 6.4.23 versions.
π@cveNotify
Patchstack
Broken Access Control in WordPress Business Directory Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π₯1
π¨ CVE-2026-57340
Unauthenticated Broken Access Control in Japanized For WooCommerce <= 2.9.12 versions.
π@cveNotify
Unauthenticated Broken Access Control in Japanized For WooCommerce <= 2.9.12 versions.
π@cveNotify
Patchstack
Broken Access Control in WordPress Japanized For WooCommerce Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2026-57341
Unauthenticated Insecure Direct Object References (IDOR) in Colissimo Officiel : MΓ©thodes de livraison pour WooCommerce <= 2.9.0 versions.
π@cveNotify
Unauthenticated Insecure Direct Object References (IDOR) in Colissimo Officiel : MΓ©thodes de livraison pour WooCommerce <= 2.9.0 versions.
π@cveNotify
Patchstack
Insecure Direct Object References (IDOR) in WordPress Colissimo Officiel : MΓ©thodes de livraison pour WooCommerce Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π1
π¨ CVE-2025-30398
Missing authorization in Nuance PowerScribe allows an unauthorized attacker to disclose information over a network.
π@cveNotify
Missing authorization in Nuance PowerScribe allows an unauthorized attacker to disclose information over a network.
π@cveNotify
π¨ CVE-2026-33555
An issue was discovered in HAProxy before 3.3.6. The HTTP/3 parser does not check that the received body length matches a previously announced content-length when the stream is closed via a frame with an empty payload. This can cause desynchronization issues with the backend server and could be used for request smuggling. The earliest affected version is 2.6.
π@cveNotify
An issue was discovered in HAProxy before 3.3.6. The HTTP/3 parser does not check that the received body length matches a previously announced content-length when the stream is closed via a frame with an empty payload. This can cause desynchronization issues with the backend server and could be used for request smuggling. The earliest affected version is 2.6.
π@cveNotify
GitHub
BUG/MAJOR: h3: check body size with content-length on empty FIN Β· haproxy/haproxy@05a2954
In QUIC, a STREAM frame may be received with no data but with FIN bit
set. This situation is tedious to handle and haproxy parsing code has
changed several times to deal with this situation. Now, H...
set. This situation is tedious to handle and haproxy parsing code has
changed several times to deal with this situation. Now, H...
π¨ CVE-2026-20186
A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root. In single-node ISE deployments, successful exploitation of these vulnerabilities could cause the affected ISE node to become unavailable, resulting in a denial of service (DoS) condition. In that condition, endpoints that have not already authenticated would be unable to access the network until the node is restored.
π@cveNotify
A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root. In single-node ISE deployments, successful exploitation of these vulnerabilities could cause the affected ISE node to become unavailable, resulting in a denial of service (DoS) condition. In that condition, endpoints that have not already authenticated would be unable to access the network until the node is restored.
π@cveNotify
Cisco
Cisco Security Advisory: Cisco Identity Services Engine Remote Code Execution Vulnerabilities
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit these vulnerabilities, the attacker must haveβ¦
π¨ CVE-2026-20195
A vulnerability in an identity management API endpoint of Cisco ISE could allow an unauthenticated, remote attacker to enumerate valid user accounts on an affected device.
This vulnerability exists because error messages are observed when the affected API endpoint is called. An attacker could exploit this vulnerability by sending a series of crafted requests to the affected endpoint and analyzing the differentiated responses. A successful exploit could allow the attacker to compile a list of valid usernames on an affected system.
π@cveNotify
A vulnerability in an identity management API endpoint of Cisco ISE could allow an unauthenticated, remote attacker to enumerate valid user accounts on an affected device.
This vulnerability exists because error messages are observed when the affected API endpoint is called. An attacker could exploit this vulnerability by sending a series of crafted requests to the affected endpoint and analyzing the differentiated responses. A successful exploit could allow the attacker to compile a list of valid usernames on an affected system.
π@cveNotify
Cisco
Cisco Security Advisory: Cisco Identity Services Engine Authentication Bypass Vulnerabilities
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow a remote attacker to bypass authorization mechanisms or examine error messages to gain access to sensitive information on an affected device.
For more information about these vulnerabilitiesβ¦
For more information about these vulnerabilitiesβ¦
π¨ CVE-2026-40698
A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can create SNMP configuration objects through iControl REST or the TMOS shell (tmsh) resulting in privilege escalation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
π@cveNotify
A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can create SNMP configuration objects through iControl REST or the TMOS shell (tmsh) resulting in privilege escalation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
π@cveNotify
F5
iControl REST and tmsh vulnerability CVE-2026-40698
Security Advisory Description A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can create SNMP configuration objects through iControl REST or the TMOS shellβ¦
π¨ CVE-2026-54029
LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the DELETE /api/messages/:conversationId/:messageId endpoint allows any authenticated user to delete any other user's messages. The validateMessageReq middleware only validates that the conversationId belongs to the requesting user, but the handler calls deleteMessages({ messageId }) using only the messageId as the MongoDB filter β without adding a user constraint. An attacker provides their own valid conversationId (to pass validation) and the victim's messageId (to target deletion), resulting in permanent, irrecoverable message deletion. This vulnerability is fixed in 0.8.4-rc1.
π@cveNotify
LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the DELETE /api/messages/:conversationId/:messageId endpoint allows any authenticated user to delete any other user's messages. The validateMessageReq middleware only validates that the conversationId belongs to the requesting user, but the handler calls deleteMessages({ messageId }) using only the messageId as the MongoDB filter β without adding a user constraint. An attacker provides their own valid conversationId (to pass validation) and the victim's messageId (to target deletion), resulting in permanent, irrecoverable message deletion. This vulnerability is fixed in 0.8.4-rc1.
π@cveNotify
GitHub
IDOR in Message Deletion β Incomplete Fix for CVE-2024-41703 Leaves deleteMessages() Without User Filter
### Summary
The `DELETE /api/messages/:conversationId/:messageId` endpoint allows any authenticated user to delete any other user's messages. The `validateMessageReq` middleware only validates...
The `DELETE /api/messages/:conversationId/:messageId` endpoint allows any authenticated user to delete any other user's messages. The `validateMessageReq` middleware only validates...
π¨ CVE-2026-54033
LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, LibreChat allows users to configure custom OpenAI-compatible API endpoints by setting a baseURL. This URL is used to construct HTTP requests without any SSRF validation β no private IP check, no scheme restriction, no DNS pinning. An authenticated user can set baseURL to internal network addresses. This vulnerability is fixed in 0.8.4-rc1.
π@cveNotify
LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, LibreChat allows users to configure custom OpenAI-compatible API endpoints by setting a baseURL. This URL is used to construct HTTP requests without any SSRF validation β no private IP check, no scheme restriction, no DNS pinning. An authenticated user can set baseURL to internal network addresses. This vulnerability is fixed in 0.8.4-rc1.
π@cveNotify
GitHub
SSRF via User-Provided Custom Endpoint baseURL β no private IP validation on user-configured API base URLs
## Summary
LibreChat allows users to configure custom OpenAI-compatible API endpoints by setting a `baseURL`. This URL is used to construct HTTP requests without any SSRF validation β no private...
LibreChat allows users to configure custom OpenAI-compatible API endpoints by setting a `baseURL`. This URL is used to construct HTTP requests without any SSRF validation β no private...
π¨ CVE-2024-21490
This affects versions of the package angular from 1.3.0; versions of the package angularjs from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of service. **Note:**This package is EOL and will not receive any updates to address this issue. Users should migrate to [@angular/core](https://www.npmjs.com/package/@angular/core).
π@cveNotify
This affects versions of the package angular from 1.3.0; versions of the package angularjs from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of service. **Note:**This package is EOL and will not receive any updates to address this issue. Users should migrate to [@angular/core](https://www.npmjs.com/package/@angular/core).
π@cveNotify
Learn more about NuGet with Snyk Open Source Vulnerability Database
Regular Expression Denial of Service (ReDoS) in angularjs | CVE-2024-21490 | Snyk
High severity (7.5) Regular Expression Denial of Service (ReDoS) in angularjs | CVE-2024-21490
π¨ CVE-2026-6951
Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution (RCE) due to an incomplete fix for [CVE-2022-25912](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3112221) that blocks the -c option but not the equivalent --config form. If untrusted input can reach the options argument passed to simple-git, an attacker may still achieve remote code execution by enabling protocol.ext.allow=always and using an ext:: clone source.
π@cveNotify
Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution (RCE) due to an incomplete fix for [CVE-2022-25912](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3112221) that blocks the -c option but not the equivalent --config form. If untrusted input can reach the options argument passed to simple-git, an attacker may still achieve remote code execution by enabling protocol.ext.allow=always and using an ext:: clone source.
π@cveNotify
Gist
Remote Code Execution (RCE) in simple-git
Remote Code Execution (RCE) in simple-git. GitHub Gist: instantly share code, notes, and snippets.
π¨ CVE-2026-53550
js-yaml is a JavaScript YAML parser and dumper. Prior to 4.2.0 and 3.15.0, a crafted YAML document can trigger algorithmic CPU exhaustion in js-yaml merge-key processing (<<) by repeating the same alias many times in a merge sequence. This causes quadratic parse-time behavior relative to input size and can block a Node.js worker/event loop for seconds with a relatively small payload (tens of KB), resulting in denial of service. The issue is in merge handling inside lib/loader.js. This vulnerability is fixed in 4.2.0 and 3.15.0.
π@cveNotify
js-yaml is a JavaScript YAML parser and dumper. Prior to 4.2.0 and 3.15.0, a crafted YAML document can trigger algorithmic CPU exhaustion in js-yaml merge-key processing (<<) by repeating the same alias many times in a merge sequence. This causes quadratic parse-time behavior relative to input size and can block a Node.js worker/event loop for seconds with a relatively small payload (tens of KB), resulting in denial of service. The issue is in merge handling inside lib/loader.js. This vulnerability is fixed in 4.2.0 and 3.15.0.
π@cveNotify
GitHub
Quadratic-complexity DoS in merge key handling via repeated aliases
### Summary
A crafted YAML document can trigger algorithmic CPU exhaustion in `js-yaml` merge-key processing (`<<`) by repeating the same alias many times in a merge sequence.
This causes...
A crafted YAML document can trigger algorithmic CPU exhaustion in `js-yaml` merge-key processing (`<<`) by repeating the same alias many times in a merge sequence.
This causes...
π¨ CVE-2026-12164
Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0 may assign incorrect or elevated effective permissions to users created by the tetool import command while FIM is running, particularly when the import also creates or changes roles or role-permission relationships.
π@cveNotify
Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0 may assign incorrect or elevated effective permissions to users created by the tetool import command while FIM is running, particularly when the import also creates or changes roles or role-permission relationships.
π@cveNotify