Search

Search Results (364540 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-59152 1 Langchain-ai 1 Langsmith-sdk 2026-07-10 5 Medium
LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to 0.8.18, an attacker who can send an HTTP request to a server running the LangSmith SDK's TracingMiddleware can cause that server to read an arbitrary file from its local filesystem and upload the contents to LangSmith as a trace attachment. Depending on how the distributed trace system is deployed, triggering a read may not require authentication. Retrieving the contents requires read access to the LangSmith workspace the traces are sent to. The net effect is a trust-boundary crossing: a party with workspace trace-read access (for example a low-privilege workspace member, a contractor, or a compromised teammate account) gains the ability to read files from any server running TracingMiddleware, a capability outside that workspace's intended trust boundary. This vulnerability is fixed in 0.8.18.
CVE-2026-21041 1 Samsung Mobile 1 Samsung Mobile Devices 2026-07-10 N/A
Improper access control in SamsungSEAgentService prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information.
CVE-2026-14898 1 Openai 1 Codex Desktop App For Macos 2026-07-10 6.5 Medium
The OpenAI Codex desktop app for macOS rendered remote images from Markdown in model responses. An attacker who could place an indirect prompt injection in content processed by Codex, such as a connected-tool result or another untrusted source, could induce the model to construct a remote image URL containing sensitive data. The app automatically fetched that URL when rendering the response, sending the embedded data to an attacker-controlled server without a separate user click. Successful exploitation could exfiltrate secrets and other information accessible in the Codex session, including API keys, source code, and data returned by connected tools. No direct integrity or availability impact was demonstrated, and there is no known exploitation in the wild.
CVE-2026-15284 2 Kingaddons, Wordpress 2 King Addons For Elementor – 80+ Elementor Widgets, 4 000+ Elementor Templates, Woocommerce, Mega Menu, Popup Builder, Wordpress 2026-07-10 6.4 Medium
The King Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'form_page_id' parameter in versions up to, and including, 51.1.62 This is due to insufficient input sanitization in the add_to_submissions() function, which applies sanitize_text_field() (which preserves double-quote characters) before storing the value in post meta, combined with missing output escaping in the king_addons_submissions_custom_column_content() function, which concatenates the stored value into an HTML href attribute via admin_url() without wrapping the result in esc_url(). This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
CVE-2026-15290 2 Ultimatemember, Wordpress 2 Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin, Wordpress 2026-07-10 7.5 High
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to blind SQL Injection via the search parameter in all versions up to, and including, 2.10.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. This vulnerability was partially patched in version 2.9.2 when initially addressing CVE-2025-0308.
CVE-2026-36163 1 Liquidfiles 1 Liquidfiles 2026-07-10 5.4 Medium
An HTML injection vulnerability in the file view endpoint of LiquidFiles v4.2.7 allows authenticated attackers to execute arbitrary JavaScript in the context of the victim's browser via the uploading of and user interaction with a crafted HTML file.
CVE-2026-50810 1 Gpac 1 Gpac 2026-07-10 5.5 Medium
A NULL pointer dereference in smooth_parse_stream_index() in src/media_tools/mpd.c in GPAC master HEAD before commit b35c61f104b85fbb16520ac2838d5d2ef70845b5 allows attackers to cause a denial of service
CVE-2026-50811 1 Freetype 1 Freetype 2026-07-10 6.5 Medium
An out-of-bounds read vulnerability exists in FreeType 2.14.3 and versions before commit 5a280ecde6f324de0d226261036e736e0cb49a71 in src/truetype/ttgxvar.c, in the TT_Get_Var_Design implementation used by FT_Get_Var_Design_Coordinates
CVE-2026-15299 2 Wealcoder, Wordpress 2 Animation Addons For Elementor – Gsap Motion Elementor Addons & Website Templates, Wordpress 2026-07-10 6.4 Medium
The Animation Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'weather_style' and 'move_direction' parameters of the Weather widget in all versions up to, and including, 2.6.3. This is due to insufficient output escaping in the Weather widget's render() function at widgets/weather.php:1246, where both settings values are placed into an HTML class attribute without esc_attr(). Elementor does not server-side validate widget SELECT control values against allowed options on save, so an authenticated attacker with Contributor-level access or above can submit a crafted save_builder AJAX request storing arbitrary values in the _elementor_data post meta. The stored payload renders unescaped on every frontend visit to the affected page (the Weather widget requires an OpenWeatherMap API key to reach the vulnerable output, which is the normal operational state for sites using this widget).
CVE-2026-4375 2026-07-10 9 Critical
The DoLeads Integrator WordPress plugin through 0.65, wp2epub WordPress plugin through 0.65 have been seen to be used to achieve RCE, once they are added adding to a blog, for example using a vulnerability where unclosed extensions from wordpress.org can be installed by unauthorized users.
CVE-2026-53483 1 Dell 1 Powerprotect Data Domain 2026-07-10 9.8 Critical
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 an improper authentication vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access. This is a critical severity vulnerability as it allows an attacker to take complete control of system; so Dell recommends customers to upgrade at the earliest opportunity.
CVE-2026-53481 1 Dell 1 Powerprotect Data Domain 2026-07-10 9.8 Critical
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access to the system. This is a critical severity vulnerability as it allows an attacker to take complete control of system; so Dell recommends customers to upgrade at the earliest opportunity.
CVE-2026-15286 2 Stellarwp, Wordpress 2 Kadence Blocks — Page Builder Toolkit For Gutenberg Editor, Wordpress 2026-07-10 4.3 Medium
The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to unauthorized post publication in all versions up to, and including, 3.5.32 due to a misconfigured capability check on the 'get_items_permission_check' function permission callback of the 'process_pattern' REST API endpoint. This makes it possible for authenticated attackers, with Contributor-level access and above, to create and immediately publish posts of any type (including pages), bypassing the standard WordPress review workflow where contributors must submit posts for administrator approval.
CVE-2026-15296 2 Cservit, Wordpress 2 Affiliate-toolkit – Multi-network Affiliate & Amazon Product Display, Wordpress 2026-07-10 6.4 Medium
The affiliate-toolkit – WP Affiliate Plugin with Amazon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'atkp_product' shortcode in all versions up to, and including, 3.7.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This is a bypass to CVE-2024-10227.
CVE-2026-15297 2 Neeraj Slit, Wordpress 2 Brevo – Email, Sms, Web Push, Chat, And More., Wordpress 2026-07-10 6.1 Medium
The Newsletter, SMTP, Email marketing and Subscribe forms by Brevo (formely Sendinblue) plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the page parameter in all versions up to, and including, 3.1.77 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
CVE-2026-39178 1 Alinto 1 Sogo 2026-07-10 6.3 Medium
A SQL injection vulnerability in SOGo before 5.12.7 allows authenticated users to execute arbitrary SQL statements via the search parameter of the allContactSearch endpoint.
CVE-2026-39179 1 Alinto 1 Sogo 2026-07-10 6.3 Medium
A SQL injection vulnerability in SOGo before 5.12.7 allows authenticated users to execute arbitrary SQL statements via the newPassword parameter in the password change functionality.
CVE-2026-51535 1 Eipstackgroup 1 Opener 2026-07-10 7.5 High
In OpENer 2.3.0 (commit 76b95cf), a resource exhaustion (Denial of Service) vulnerability exists in its network processing loop.
CVE-2026-36027 2026-07-10 6.8 Medium
An issue in Code27 Companion Hub SQ3A.220705.003.A1 allows a physically proximate attacker to execute arbitrary code via the USB debugging (ADB) and Android Debug Bridge components
CVE-2026-50813 1 Sqlite 1 Sqlite 2026-07-10 6.1 Medium
An issue in SQLite before Fossil check-in 869a51ae84df allows a local attacker to obtain sensitive information via the Session Extension changeset concat/changegroup merge path