๐จ CVE-2026-30460
Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability in the Blocks module.
๐@cveNotify
Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability in the Blocks module.
๐@cveNotify
Getfuelcms
FUEL CMS - A CodeIgniter Content Management System
FUEL CMS is a CodeIgniter-based, easy to use Content Management System.
๐จ CVE-2025-69515
An issue in JXL 9 Inch Car Android Double Din Player Android v12.0 allows attackers to force the infotainment system into accepting falsified GPS signals as legitimate, resulting in the device reporting an incorrect or static location.
๐@cveNotify
An issue in JXL 9 Inch Car Android Double Din Player Android v12.0 allows attackers to force the infotainment system into accepting falsified GPS signals as legitimate, resulting in the device reporting an incorrect or static location.
๐@cveNotify
GitHub
JXL_Infotainment_CVE-2025-69515/README.md at main ยท thorat-shubham/JXL_Infotainment_CVE-2025-69515
Contribute to thorat-shubham/JXL_Infotainment_CVE-2025-69515 development by creating an account on GitHub.
๐จ CVE-2026-31017
A Server-Side Request Forgery (SSRF) vulnerability exists in the Print Format functionality of ERPNext v16.0.1 and Frappe Framework v16.1.1, where user-supplied HTML is insufficiently sanitized before being rendered into PDF. When generating PDFs from user-controlled HTML content, the application allows the inclusion of HTML elements such as <iframe> that reference external resources. The PDF rendering engine automatically fetches these resources on the server side. An attacker can abuse this behavior to force the server to make arbitrary HTTP requests to internal services, including cloud metadata endpoints, potentially leading to sensitive information disclosure.
๐@cveNotify
A Server-Side Request Forgery (SSRF) vulnerability exists in the Print Format functionality of ERPNext v16.0.1 and Frappe Framework v16.1.1, where user-supplied HTML is insufficiently sanitized before being rendered into PDF. When generating PDFs from user-controlled HTML content, the application allows the inclusion of HTML elements such as <iframe> that reference external resources. The PDF rendering engine automatically fetches these resources on the server side. An attacker can abuse this behavior to force the server to make arbitrary HTTP requests to internal services, including cloud metadata endpoints, potentially leading to sensitive information disclosure.
๐@cveNotify
GitHub
CVE/CVE-2026-31017 at main ยท PhDg1410/CVE
Contribute to PhDg1410/CVE development by creating an account on GitHub.
๐จ CVE-2025-70365
A stored cross-site scripting (XSS) vulnerability exists in Kiamo before 8.4 due to improper output encoding of user-supplied input in administrative interfaces. An authenticated administrative user can inject arbitrary JavaScript code that is executed in the browser of users viewing the affected pages. NOTE: the Supplier's position is that a fix for this had already been released for the 8.3.1 branch before the CVE Record was published.
๐@cveNotify
A stored cross-site scripting (XSS) vulnerability exists in Kiamo before 8.4 due to improper output encoding of user-supplied input in administrative interfaces. An authenticated administrative user can inject arbitrary JavaScript code that is executed in the browser of users viewing the affected pages. NOTE: the Supplier's position is that a fix for this had already been released for the 8.3.1 branch before the CVE Record was published.
๐@cveNotify
GitHub
blog.hackvens.fr/_posts/advisories/2025-12-23-CVE-2025-70365-Kiamo.md at main ยท hackvens/blog.hackvens.fr
Le blog hackvens . Contribute to hackvens/blog.hackvens.fr development by creating an account on GitHub.
๐จ CVE-2025-63743
Cross-Site Scripting vulnerability in the Snipe-IT web-based asset management system v8.3.0 to up and including v8.3.1 allows authenticated attacker with lowest privileges sufficient only to log in, to inject arbitrary JavaScript code via "Name" and "Surname" fields. The JavaScript code is executed whenever "Activity Report" or modified profile is viewed directly by any user with sufficient permissions. Successful exploitation of this issue requires that the profile's "Display Name" is not set. The vulnerability is fixed in v8.3.2.
๐@cveNotify
Cross-Site Scripting vulnerability in the Snipe-IT web-based asset management system v8.3.0 to up and including v8.3.1 allows authenticated attacker with lowest privileges sufficient only to log in, to inject arbitrary JavaScript code via "Name" and "Surname" fields. The JavaScript code is executed whenever "Activity Report" or modified profile is viewed directly by any user with sufficient permissions. Successful exploitation of this issue requires that the profile's "Display Name" is not set. The vulnerability is fixed in v8.3.2.
๐@cveNotify
Snipeitapp
Home - Snipe-IT Open Source IT Asset Management
Snipe-IT is a free, open source IT asset management system that helps you manage assets, software licenses, accessories, components and consumables within your organization.
๐จ CVE-2025-61260
A vulnerability was identified in OpenAI Codex CLI v0.23.0 and before that enables code execution through malicious MCP (Model Context Protocol) configuration files. The attack is triggered when a user runs the codex command inside a malicious or compromised repository. Codex automatically loads project-local .env and .codex/config.toml files without requiring user confirmation, allowing attackers to embed arbitrary commands that execute immediately.
๐@cveNotify
A vulnerability was identified in OpenAI Codex CLI v0.23.0 and before that enables code execution through malicious MCP (Model Context Protocol) configuration files. The attack is triggered when a user runs the codex command inside a malicious or compromised repository. Codex automatically loads project-local .env and .codex/config.toml files without requiring user confirmation, allowing attackers to embed arbitrary commands that execute immediately.
๐@cveNotify
๐จ CVE-2025-69893
A side-channel vulnerability exists in the implementation of BIP-39 mnemonic processing, as observed in Trezor One v1.13.0 to v1.14.0, Trezor T v1.13.0 to v1.14.0, and Trezor Safe v1.13.0 to v1.14.0 hardware wallets. This originates from the BIP-39 standard guidelines, which induce non-constant time execution and specific branch patterns for word searching. An attacker with physical access during the initial setup phase can collect a single side-channel trace. By utilizing profiling-based Deep Learning Side-Channel Analysis (DL-SCA), the attacker can recover the mnemonic code and subsequently steal the assets. The issue was patched.
๐@cveNotify
A side-channel vulnerability exists in the implementation of BIP-39 mnemonic processing, as observed in Trezor One v1.13.0 to v1.14.0, Trezor T v1.13.0 to v1.14.0, and Trezor Safe v1.13.0 to v1.14.0 hardware wallets. This originates from the BIP-39 standard guidelines, which induce non-constant time execution and specific branch patterns for word searching. An attacker with physical access during the initial setup phase can collect a single side-channel trace. By utilizing profiling-based Deep Learning Side-Channel Analysis (DL-SCA), the attacker can recover the mnemonic code and subsequently steal the assets. The issue was patched.
๐@cveNotify
trezor.io
Fix side-channel in BIP-39 mnemonic processing when unlocked
๐จ CVE-2026-30461
Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the /controllers/Installer.php and the function add_git_submodule.
๐@cveNotify
Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the /controllers/Installer.php and the function add_git_submodule.
๐@cveNotify
Getfuelcms
FUEL CMS - A CodeIgniter Content Management System
FUEL CMS is a CodeIgniter-based, easy to use Content Management System.
๐จ CVE-2026-30459
An issue in the Forgot Password feature of Daylight Studio FuelCMS v1.5.2 allows unauthenticated attackers to obtain the password reset token of a victim user via a crafted link placed in a valid e-mail message.
๐@cveNotify
An issue in the Forgot Password feature of Daylight Studio FuelCMS v1.5.2 allows unauthenticated attackers to obtain the password reset token of a victim user via a crafted link placed in a valid e-mail message.
๐@cveNotify
Getfuelcms
FUEL CMS - A CodeIgniter Content Management System
FUEL CMS is a CodeIgniter-based, easy to use Content Management System.
๐จ CVE-2026-30266
Insecure Permissions vulnerability in DeepCool DeepCreative v.1.2.12 and before allows a local attacker to execute arbitrary code via a crafted file
๐@cveNotify
Insecure Permissions vulnerability in DeepCool DeepCreative v.1.2.12 and before allows a local attacker to execute arbitrary code via a crafted file
๐@cveNotify
๐จ CVE-2026-31018
In Dolibarr ERP & CRM <= 22.0.4, PHP code detection and editing permission enforcement in the Website module is not applied consistently to all input parameters, allowing an authenticated user restricted to HTML/JavaScript editing to inject PHP code through unprotected inputs during website page creation.
๐@cveNotify
In Dolibarr ERP & CRM <= 22.0.4, PHP code detection and editing permission enforcement in the Website module is not applied consistently to all input parameters, allowing an authenticated user restricted to HTML/JavaScript editing to inject PHP code through unprotected inputs during website page creation.
๐@cveNotify
GitHub
CVE/CVE-2026-31018/README.md at main ยท PhDg1410/CVE
Contribute to PhDg1410/CVE development by creating an account on GitHub.
๐จ CVE-2026-31019
In the Website module of Dolibarr ERP & CRM 22.0.4 and below, the application uses blacklist-based filtering to restrict dangerous PHP functions related to system command execution. An authenticated user with permission to edit PHP content can bypass this filtering, resulting in full remote code execution with the ability to execute arbitrary operating system commands on the server.
๐@cveNotify
In the Website module of Dolibarr ERP & CRM 22.0.4 and below, the application uses blacklist-based filtering to restrict dangerous PHP functions related to system command execution. An authenticated user with permission to edit PHP content can bypass this filtering, resulting in full remote code execution with the ability to execute arbitrary operating system commands on the server.
๐@cveNotify
GitHub
CVE/CVE-2026-31019/README.md at main ยท PhDg1410/CVE
Contribute to PhDg1410/CVE development by creating an account on GitHub.
๐จ CVE-2026-30352
A remote code execution (RCE) vulnerability in the /devserver/start endpoint of leonvanzyl autocoder commit 79d02a allows attackers to execute arbitrary code via providing a crafted command parameter.
๐@cveNotify
A remote code execution (RCE) vulnerability in the /devserver/start endpoint of leonvanzyl autocoder commit 79d02a allows attackers to execute arbitrary code via providing a crafted command parameter.
๐@cveNotify
Leonvanzyl
Leon van Zyl โ AI Engineer
AI Engineer building autonomous systems and agentic coding workflows. Creator of tools and tutorials for the AI agent ecosystem.
๐จ CVE-2026-30462
A path traversal vulnerability in the Blocks module of Daylight Studio FuelCMS v1.5.2 allows attackers to execute a directory traversal.
๐@cveNotify
A path traversal vulnerability in the Blocks module of Daylight Studio FuelCMS v1.5.2 allows attackers to execute a directory traversal.
๐@cveNotify
Getfuelcms
FUEL CMS - A CodeIgniter Content Management System
FUEL CMS is a CodeIgniter-based, easy to use Content Management System.
๐จ CVE-2026-38934
Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker to escalate privileges and obtain sensitive information via the public/settings_process.php
๐@cveNotify
Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker to escalate privileges and obtain sensitive information via the public/settings_process.php
๐@cveNotify
Diskoverdata
HOME
Diskover is the unstructured data management platform that unifies storage, cuts costs, boosts visibility, and delivers AI-ready datasets for analytics.
๐จ CVE-2026-38935
A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/view.php via the doctype parameter
๐@cveNotify
A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/view.php via the doctype parameter
๐@cveNotify
Diskoverdata
HOME
Diskover is the unstructured data management platform that unifies storage, cuts costs, boosts visibility, and delivers AI-ready datasets for analytics.
๐จ CVE-2026-38936
A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/selectindices.php via the namecontains parameter
๐@cveNotify
A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/selectindices.php via the namecontains parameter
๐@cveNotify
Diskoverdata
HOME
Diskover is the unstructured data management platform that unifies storage, cuts costs, boosts visibility, and delivers AI-ready datasets for analytics.
๐จ CVE-2025-60887
An issue was discovered in Cista v0.15 and below. Insecure deserialization of untrusted input under certain conditions may lead to leaking of stack/heap addresses which may be used to bypass ASLR. Classes with pointer-like mechanics under the cista::raw namespace are prone to reference tampering, where Cista does not perform sufficient checks to safeguard against self-referencing pointers and referencing other data within the payload. The leak occurs if the deserialized values are observable by the attacker.
๐@cveNotify
An issue was discovered in Cista v0.15 and below. Insecure deserialization of untrusted input under certain conditions may lead to leaking of stack/heap addresses which may be used to bypass ASLR. Classes with pointer-like mechanics under the cista::raw namespace are prone to reference tampering, where Cista does not perform sufficient checks to safeguard against self-referencing pointers and referencing other data within the payload. The leak occurs if the deserialized values are observable by the attacker.
๐@cveNotify
Gist
cvd_cista_20250827.md
GitHub Gist: instantly share code, notes, and snippets.
๐จ CVE-2025-60889
Insecure deserialization of untrusted input in StellarGroup HPX 1.11.0 under certain conditions may allow attackers to execute arbitrary code or other unspecified impacts.
๐@cveNotify
Insecure deserialization of untrusted input in StellarGroup HPX 1.11.0 under certain conditions may allow attackers to execute arbitrary code or other unspecified impacts.
๐@cveNotify
๐จ CVE-2026-36956
A Cross-Site Request Forgery (CSRF) vulnerability exists in the web management interface of the Dbit N300 T1 Pro wireless router V1.0.0. The router fails to implement proper CSRF protection mechanisms such as anti-CSRF tokens or strict Origin/Referer validation for administrative API endpoints. An attacker can craft a malicious webpage that sends forged HTTP requests to configuration endpoints such as /api/setWlan. If an authenticated administrator visits the malicious webpage, the victim's browser automatically includes the valid session cookie in the request, allowing the router to process the request as a legitimate administrative action.
๐@cveNotify
A Cross-Site Request Forgery (CSRF) vulnerability exists in the web management interface of the Dbit N300 T1 Pro wireless router V1.0.0. The router fails to implement proper CSRF protection mechanisms such as anti-CSRF tokens or strict Origin/Referer validation for administrative API endpoints. An attacker can craft a malicious webpage that sends forged HTTP requests to configuration endpoints such as /api/setWlan. If an authenticated administrator visits the malicious webpage, the victim's browser automatically includes the valid session cookie in the request, allowing the router to process the request as a legitimate administrative action.
๐@cveNotify
GitHub
GitHub - kirubel-cve/CVE-2026-36956
Contribute to kirubel-cve/CVE-2026-36956 development by creating an account on GitHub.
๐จ CVE-2026-36957
Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router V1.0.0 is vulnerable to Denial of Service via the boa web server URI handler. By initiating a high-volume flood of HTTP GET requests to non-existent URIs, an attacker can exhaust critical system resources, including file descriptors and memory buffers. This results in a kernel deadlock or system hang that disables the web management portal and all routing capabilities.
๐@cveNotify
Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router V1.0.0 is vulnerable to Denial of Service via the boa web server URI handler. By initiating a high-volume flood of HTTP GET requests to non-existent URIs, an attacker can exhaust critical system resources, including file descriptors and memory buffers. This results in a kernel deadlock or system hang that disables the web management portal and all routing capabilities.
๐@cveNotify
GitHub
GitHub - kirubel-cve/CVE-2026-36957
Contribute to kirubel-cve/CVE-2026-36957 development by creating an account on GitHub.