CVE-2026-9082
Drupal Core SQL Injection Vulnerability - Active in CISA KEV catalog.
Today's curated brief highlights 16 critical vulnerabilities and 95 high-priority updates requiring immediate attention.
LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exploited in the wild in May 2026. The issue stems from mishandling of the plugin's Redis enable/disable feature; the recommended minimum version is 2.4.7. To check for exploitation attempts, search the cPanel logs for the API call the attacks use: `grep -rE "cpanel_jsonapi_func=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2>/dev/null`. No output means no such request is recorded in the logs you still hold (rotated or purged logs cannot clear you). If there is output, review the source IP addresses in the matching lines, determine whether each belongs to a legitimate user of the account, and block those that do not. To assess damage, search the system logs for all other activity from the identified IP addresses.
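The triage procedure above (grep for the indicator, list the source IPs, then pull everything those IPs did), as an added example that is not the page's or LiteSpeed's own tooling. It is a POSIX shell script that runs the same grep over a constructed cPanel-style access log; the log lines, the account names and the assumption that the client IP is the first field of each line are all constructed for this example. Point LOGDIR at the real paths (/var/cpanel/logs /usr/local/cpanel/logs/) to use it on a server.

```sh
#!/bin/sh
# Added example: triage helpers for the LiteSpeed cPanel plugin exploitation indicator.
# Assumption (constructed for this example): each access-log line starts with the
# client IP, as in common-log-format access logs. Replace LOGDIR with the real cPanel
# log paths in production.

# Constructed sample log: two indicator hits from one IP, one from another,
# and one unrelated request that must not be flagged.
LOGDIR="$(mktemp -d)"
cat > "$LOGDIR/access_log" <<'EOF'
203.0.113.7 - acct1 [12/May/2026:10:15:02 +0000] "GET /json-api/cpanel?cpanel_jsonapi_func=redisAble&cpanel_jsonapi_module=LiteSpeed HTTP/1.1" 200 45
198.51.100.9 - acct2 [12/May/2026:10:16:44 +0000] "GET /frontend/jupiter/index.html HTTP/1.1" 200 8123
203.0.113.7 - acct1 [12/May/2026:10:17:01 +0000] "POST /json-api/cpanel?cpanel_jsonapi_func=redisAble HTTP/1.1" 200 45
192.0.2.55 - acct3 [12/May/2026:10:20:13 +0000] "GET /json-api/cpanel?cpanel_jsonapi_func=redisAble HTTP/1.1" 200 45
EOF

# Same indicator string the advisory greps for.
INDICATOR='cpanel_jsonapi_func=redisAble'

# Print every log line carrying the indicator; -h drops filenames so each hit is one line.
# Args: one or more log directories or files.
lsws_redis_hits() {
  grep -rhE -- "$INDICATOR" "$@" 2>/dev/null
}

# Print the unique client IPs behind those hits (first field of each matching line).
lsws_redis_ips() {
  lsws_redis_hits "$@" | awk '{ print $1 }' | sort -u
}

# Print everything a given IP did across the logs, for damage assessment.
# grep prefilters recursively; awk then requires an exact first-field match so that
# 203.0.113.7 does not also pull lines from 203.0.113.70.
# Usage: lsws_ip_activity IP LOGDIR...
lsws_ip_activity() {
  ip="$1"; shift
  grep -rhF -- "$ip" "$@" 2>/dev/null | awk -v ip="$ip" '$1 == ip'
}

# Stand-alone run: report whether the indicator was seen and which IPs to review.
if [ -z "$(lsws_redis_hits "$LOGDIR")" ]; then
  echo "No redisAble requests in the retained logs."
else
  echo "Indicator found; client IPs to review:"
  lsws_redis_ips "$LOGDIR" | while read -r ip; do
    echo "  $ip ($(lsws_ip_activity "$ip" "$LOGDIR" | wc -l | tr -d ' ') log lines)"
  done
fi
```

The IP list is the starting point, not the verdict: an IP that legitimately belongs to the account owner can still appear here if they toggled Redis through the UI, so compare each IP against known user addresses before blocking, and treat the absence of hits as meaningful only for the log window you actually retain.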
Microsoft Windows Buffer Overflow Vulnerability - Active in CISA KEV catalog.
Microsoft DirectX NULL Byte Overwrite Vulnerability - Active in CISA KEV catalog.
Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability - Active in CISA KEV catalog.
Microsoft Internet Explorer Use-After-Free Vulnerability - Active in CISA KEV catalog.
Microsoft Internet Explorer Use-After-Free Vulnerability - Active in CISA KEV catalog.
Microsoft Defender Link Following Vulnerability - Active in CISA KEV catalog.
Microsoft Defender Denial of Service Vulnerability - Active in CISA KEV catalog.
Langflow Origin Validation Error Vulnerability - Active in CISA KEV catalog.
Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability - Active in CISA KEV catalog.
Twenty CRM is vulnerable to RCE via chained SQL injection and PostgreSQL COPY TO PROGRAM attacks in the REST API.
Mirasvit Full Page Cache Warmer for Magento 2 contains a PHP object injection vulnerability allowing unauthenticated RCE via the CacheWarmer cookie.
A mitigation bypass vulnerability in Delta Electronics DIAView V4.4 allows unauthenticated remote attackers to access configured databases.
The WordPress "Login with OTP" plugin is vulnerable to authentication bypass via brute-forcing of the 6-digit OTP, which lacks expiration and rate-limiting on the validation branch.
FastNetMon Community Edition contains an off-by-one heap-based buffer overflow in its `dynamic_binary_buffer_t` class, allowing potential RCE.
IBM Web Server Plug-ins for WebSphere Application Server and Liberty are vulnerable to remote code execution and HTTP request smuggling via specially crafted requests.
IBM Engineering Lifecycle Management allows unauthenticated remote attackers to update server property files, potentially resulting in unauthorized access.
A vulnerability in the Lumiverse AI chat application allows authenticated users to achieve arbitrary OS-level code execution via the MCP server creation endpoint.
The Totolink N300RH web management interface contains an OS command injection vulnerability in the `setPasswordCfg` function.
Eppendorf BioFlo 320 is vulnerable to unauthorized access via a hard-coded password in the VNC server.
FastNetMon Community Edition is vulnerable to a stack-based buffer overflow in the BGP NLRI decoder, potentially allowing RCE.
An improper access check in the Joomla CMS `com_users` batch task allows for privilege escalation.
Joomla CMS contains an improper access check in the `com_users` batch task, allowing for privilege escalation.
A flaw in KubeVirt's `virt-handler` allows an authenticated user to hijack privileged connections, potentially leading to full cluster compromise.
An improper access check in the Joomla CMS `com_users` webservice endpoint allows for privilege escalation.
The Faction PenTesting Framework contains an authentication bypass vulnerability allowing unauthenticated attackers to read, overwrite, or delete boilerplate templates.
A Remote Code Execution (RCE) vulnerability exists in the Chromium-based Microsoft Edge browser.
A use-after-free vulnerability in the WebRTC component of Google Chrome prior to version 147 could allow a remote attacker to trigger a crash or execute code.
A use-after-free vulnerability in the Prerender component of Google Chrome prior to version 147 could allow a remote attacker to execute arbitrary code.
A use-after-free vulnerability in the CSS engine of Google Chrome prior to version 147 could allow remote code execution through malicious web content.
A use-after-free vulnerability in the Video component of Google Chrome prior to version 147 could allow remote code execution.
A heap buffer overflow vulnerability exists in the PDFium component of Google Chrome, potentially allowing for arbitrary code execution.
A use-after-free vulnerability in the Permissions component of Google Chrome for Android may allow for arbitrary code execution.
A use-after-free vulnerability in the Cast component of Google Chrome could allow a remote attacker to execute arbitrary code.
A use-after-free vulnerability in the FileSystem component of Google Chrome could lead to arbitrary code execution.
An insecure deserialization vulnerability in Microsoft Office SharePoint allows an authorized attacker to execute arbitrary code over a network.
The WPCode - Insert Headers and Footers + Custom Code Snippets plugin for WordPress is vulnerable to Remote Code Execution.
A type confusion vulnerability in the V8 engine of Google Chrome allows for potential arbitrary code execution.
Insufficient validation of untrusted input in the ANGLE graphics component of Google Chrome for Mac allows for potential code execution.
A type confusion vulnerability in the Turbofan compiler of Google Chrome could lead to remote code execution.
An authorization bypass vulnerability in Azure Privileged Identity Management (PIM) allows an authorized attacker to elevate privileges over a network.
The WishList Member plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check.
The Firebase Support & Chat Management plugin for WordPress contains a privilege escalation vulnerability.
The WishList Member plugin for WordPress is vulnerable to privilege escalation due to missing authorization.
The WishList Member plugin for WordPress is vulnerable to sensitive information disclosure and privilege escalation due to missing authorization.
The WishList Member plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check.
A security vulnerability has been identified in Vvveb, potentially allowing for unauthorized system impact.
A security vulnerability has been identified in Vvveb, potentially allowing for unauthorized system impact.
A security vulnerability has been identified in Concrete CMS 9, potentially allowing for unauthorized system impact.
The luci-app-https-dns-proxy package for OpenWrt contains an unspecified vulnerability.
The Redaxo CMS Mediapool Addon for version 5 is vulnerable to an unspecified security flaw.
An OS command injection vulnerability exists in multiple D-Link router models, potentially allowing unauthorized remote code execution.
A SQL injection vulnerability in the pgAdmin 4 Maintenance Tool allows attackers to manipulate database queries.
A use-after-free vulnerability in the NVIDIA Display Driver for Linux may allow a local attacker to cause a system crash or potentially execute arbitrary code.
A memory handling flaw in the Linux kernel's xfrm/esp implementation allows for insecure in-place decryption, potentially leading to data corruption or information disclosure.
A permission check vulnerability in the Linux kernel's `nsfs` allows privileged services to potentially access or leak information from other namespaces.
A security vulnerability has been identified in Tenda F456 routers, potentially exposing the device to unauthorized administrative control.
A vulnerability has been discovered in the Tenda F1202 router, which may allow an attacker to compromise the device's integrity.
A security vulnerability has been identified in the Tenda F1202 router, potentially allowing an attacker to execute unauthorized commands or access sensitive data.
A critical security vulnerability has been identified in the Tenda F1202 router, potentially allowing for remote exploitation of the device.
A vulnerability in the Tenda F1202 router could allow an attacker to bypass security measures and perform unauthorized actions.
A lack of data verification in the PLCnext Web-based Management allows authenticated Engineer users to achieve remote arbitrary code execution with root privileges.
An incorrect privilege assignment vulnerability in StoreApps Smart Manager allows for unauthorized privilege escalation.
A security weakness has been identified in the Edimax BR-6478AC router that could potentially be exploited by an attacker.
A security vulnerability has been identified in the Edimax BR-6478AC router.
A security flaw has been discovered in the Edimax EW-7438RPn range extender.
A security weakness has been identified in the Edimax EW-7438RPn range extender.
A security vulnerability has been detected in the Edimax EW-7438RPn range extender.
A security vulnerability was detected in the Edimax EW-7438RPn range extender.
A security flaw has been found in the Edimax EW-7438RPn range extender.
A security vulnerability has been detected in the Edimax EW-7438RPn range extender.
A vulnerability was detected in the Edimax EW-7438RPn range extender.
A flaw has been found in the Edimax EW-7438RPn range extender.
A vulnerability has been found in the Edimax EW-7438RPn range extender.
A security vulnerability exists in FreeRDP versions prior to 3.0, potentially exposing systems to unauthorized exploitation.
A security vulnerability has been identified in the Snipe-IT asset and license management system that requires immediate remediation.
A security flaw in Bluetooth LE allows attackers to downgrade connection security by spoofing bonded devices.
Tanium has addressed an unauthorized code execution vulnerability within the Connect component.
A security flaw has been identified in the UTT HiPER 1200GW router, potentially allowing for unauthorized system access.
A security weakness has been identified in the UTT HiPER 1200GW router, potentially leading to unauthorized system compromise.
A critical vulnerability has been detected in the UTT HiPER 1250GW router, posing a risk of unauthorized exploitation.
A critical flaw has been found in the UTT HiPER 1250GW router that may allow for unauthorized system exploitation.
An OS command injection vulnerability exists within the pgAdmin 4 Import/Export query export functionality.
A security vulnerability has been identified in JupyterLab, an extensible environment for interactive computing.
A vulnerability exists in Concrete CMS 9 that may allow for unauthorized system interaction.
A vulnerability exists in Concrete CMS 9 that may allow for unauthorized system interaction.
A vulnerability exists in Concrete CMS 9 that may allow for unauthorized system interaction.
A vulnerability exists in Concrete CMS 9 that may allow for unauthorized system interaction.
A vulnerability in Concrete CMS 9 allows for potential unauthorized system interaction.
A vulnerability in Concrete CMS 9 allows for potential unauthorized system interaction.
A vulnerability in Concrete CMS 9 allows for potential unauthorized system interaction.
A vulnerability in Concrete CMS 9 allows for potential unauthorized system interaction.
A vulnerability in Concrete CMS 9 allows for potential unauthorized system interaction.
A vulnerability in Concrete CMS 9 allows for potential unauthorized system interaction.
A security vulnerability has been identified in versions of Concrete CMS 9, potentially allowing for unauthorized system impact.
A security vulnerability has been identified in versions of Concrete CMS 9, potentially allowing for unauthorized system impact.
A security vulnerability has been identified in versions of Concrete CMS 9, potentially allowing for unauthorized system impact.
A security vulnerability has been identified in versions of Concrete CMS 9, potentially allowing for unauthorized system impact.
A security vulnerability has been identified in versions of Concrete CMS 9, potentially allowing for unauthorized system impact.
A security vulnerability has been identified in versions of Concrete CMS 9, potentially allowing for unauthorized system impact.
A security vulnerability has been discovered in the Request Tracker (RT) issue and ticket tracking system.
A security vulnerability has been identified in the Edimax BR-6428NS wireless router, requiring urgent attention.
A security flaw has been discovered in the Edimax BR-6428NS wireless router, necessitating an immediate firmware assessment.
A security vulnerability has been detected in the Edimax EW-7438RPn range extender that requires prompt remediation.
A security vulnerability has been detected in the Edimax EW-7438RPn range extender, requiring immediate firmware review.
A security flaw has been identified in the Edimax EW-7438RPn range extender, requiring urgent attention from administrators.
A security vulnerability has been found in the Edimax EW-7438RPn range extender, necessitating prompt remediation.
A security flaw has been discovered in the Edimax EW-7438RPn range extender that requires immediate attention.
A security vulnerability has been identified in the Edimax BR-6675nD router that may pose a significant risk to network integrity.
A security vulnerability has been detected in the Edimax BR-6675nD router, necessitating prompt review and remediation.
A security flaw has been identified in the Edimax BR-6675nD router that may impact its security posture.
A vulnerability has been identified in the H3C Magic B0 router series affecting software versions up to 100R002.
A security vulnerability has been identified in the Edimax BR-6675nD router that requires immediate attention.
A vulnerability has been identified in the Edimax BR-6675nD router that could compromise its security.
A security vulnerability has been identified in the Edimax BR-6675nD router that requires immediate attention.
A security vulnerability has been detected in the Edimax EW-7438RPn router, which may permit unauthorized access or impact device integrity.
A vulnerability has been detected in the Edimax EW-7438RPn range extender that requires immediate security attention.
A security flaw has been identified in the Edimax EW-7438RPn range extender, warranting immediate remediation.
A vulnerability has been identified in the Twenty open-source CRM platform that requires immediate security attention.
The Faction PenTesting Report Generation and Collaboration Framework contains an unspecified vulnerability requiring immediate attention.
The Faction PenTesting Report Generation and Collaboration Framework contains an unspecified vulnerability requiring immediate attention.