DEV Community

CVE Reports profile picture

CVE Reports

CVEReports provides daily, automated deep-dives into the latest vulnerabilities, transforming emerging threats into comprehensive technical intelligence.

Joined Joined on  Personal website https://www.cvereports.com
CVE-2026-8467: CVE-2026-8467: Unauthenticated Remote Code Execution in phoenix_storybook
cverports profile

CVE-2026-8467: CVE-2026-8467: Unauthenticated Remote Code Execution in phoenix_storybook

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-8469: CVE-2026-8469: Denial of Service via BEAM Atom Table Exhaustion in phoenix_storybook
cverports profile

CVE-2026-8469: CVE-2026-8469: Denial of Service via BEAM Atom Table Exhaustion in phoenix_storybook

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-47068: CVE-2026-47068: Authorization Bypass via Cross-Session PubSub Topic Injection in phoenix_storybook
cverports profile

CVE-2026-47068: CVE-2026-47068: Authorization Bypass via Cross-Session PubSub Topic Injection in phoenix_storybook

#security #cve #cybersecurity
Comments
2 min read
GHSA-7QJX-GP9H-65QJ: GHSA-7QJX-GP9H-65QJ: Improper Authorization in Dex Token Exchange
cverports profile

GHSA-7QJX-GP9H-65QJ: GHSA-7QJX-GP9H-65QJ: Improper Authorization in Dex Token Exchange

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2024-29203: CVE-2024-29203: Client-Side Cross-Site Scripting via Unsandboxed Iframes and Legacy Embed Elements in TinyMCE
cverports profile

CVE-2024-29203: CVE-2024-29203: Client-Side Cross-Site Scripting via Unsandboxed Iframes and Legacy Embed Elements in TinyMCE

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-9277: CVE-2026-9277: OS Command Injection in shell-quote via Object-Token Line Terminator Parsing Defect
cverports profile

CVE-2026-9277: CVE-2026-9277: OS Command Injection in shell-quote via Object-Token Line Terminator Parsing Defect

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-11645: CVE-2026-11645: Out-of-Bounds Memory Access in Google Chrome V8 Engine
cverports profile

CVE-2026-11645: CVE-2026-11645: Out-of-Bounds Memory Access in Google Chrome V8 Engine

#security #cve #cybersecurity
Comments
1 min read
CVE-2026-50751: CVE-2026-50751: Authentication Bypass in Check Point Security Gateway IKEv1 Legacy Validation
cverports profile

CVE-2026-50751: CVE-2026-50751: Authentication Bypass in Check Point Security Gateway IKEv1 Legacy Validation

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-39922: CVE-2026-39922: Server-Side Request Forgery in GeoNode Service Registration Endpoint
cverports profile

CVE-2026-39922: CVE-2026-39922: Server-Side Request Forgery in GeoNode Service Registration Endpoint

#security #cve #cybersecurity
Comments
2 min read
CVE-2022-0492: CVE-2022-0492: Privilege Escalation and Container Escape via cgroups v1 release_agent
cverports profile

CVE-2022-0492: CVE-2022-0492: Privilege Escalation and Container Escape via cgroups v1 release_agent

#security #cve #cybersecurity
Comments
3 min read
GHSA-G72G-R7M4-9X4G: GHSA-G72G-R7M4-9X4G: Insufficient Session Expiration of OAuth Tokens in NocoDB
cverports profile

GHSA-G72G-R7M4-9X4G: GHSA-G72G-R7M4-9X4G: Insufficient Session Expiration of OAuth Tokens in NocoDB

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-FGMC-2HQJ-86V4: GHSA-FGMC-2HQJ-86V4: Default Administrative Credentials in vantage6-server
cverports profile

GHSA-FGMC-2HQJ-86V4: GHSA-FGMC-2HQJ-86V4: Default Administrative Credentials in vantage6-server

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-X9F6-9RVM-MMRG: GHSA-X9F6-9RVM-MMRG: Improper Access Control and Volume Mount Isolation Bypass in vantage6 Node
cverports profile

GHSA-X9F6-9RVM-MMRG: GHSA-X9F6-9RVM-MMRG: Improper Access Control and Volume Mount Isolation Bypass in vantage6 Node

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-47760: CVE-2026-47760: Cross-Site Scripting (XSS) via SVG Namespace Sanitizer Bypass in TinyMCE
cverports profile

CVE-2026-47760: CVE-2026-47760: Cross-Site Scripting (XSS) via SVG Namespace Sanitizer Bypass in TinyMCE

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-47759: CVE-2026-47759: Stored Cross-Site Scripting (XSS) via Unsanitized data-mce-* Serialization Bypass in TinyMCE
cverports profile

CVE-2026-47759: CVE-2026-47759: Stored Cross-Site Scripting (XSS) via Unsanitized data-mce-* Serialization Bypass in TinyMCE

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-47762: CVE-2026-47762: Stored Cross-Site Scripting (XSS) in TinyMCE Protect Pattern Restoration
cverports profile

CVE-2026-47762: CVE-2026-47762: Stored Cross-Site Scripting (XSS) in TinyMCE Protect Pattern Restoration

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-47742: CVE-2026-47742: Missing Authorization and Client-Side Property Tampering in Shopper E-commerce Panel
cverports profile

CVE-2026-47742: CVE-2026-47742: Missing Authorization and Client-Side Property Tampering in Shopper E-commerce Panel

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-47745: CVE-2026-47745: Missing Authorization in Shopper Admin Panel Settings
cverports profile

CVE-2026-47745: CVE-2026-47745: Missing Authorization in Shopper Admin Panel Settings

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-47715: CVE-2026-47715: Insecure Direct Object Reference (IDOR) / Cross-Project Authorization Bypass in Bugsink
cverports profile

CVE-2026-47715: CVE-2026-47715: Insecure Direct Object Reference (IDOR) / Cross-Project Authorization Bypass in Bugsink

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-47716: CVE-2026-47716: Broken Object Level Authorization in Bugsink Bulk Issue Actions
cverports profile

CVE-2026-47716: CVE-2026-47716: Broken Object Level Authorization in Bugsink Bulk Issue Actions

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-47728: CVE-2026-47728: Multi-Tenant Isolation Bypass via Unscoped Debug ID Resolution in Bugsink
cverports profile

CVE-2026-47728: CVE-2026-47728: Multi-Tenant Isolation Bypass via Unscoped Debug ID Resolution in Bugsink

#security #cve #cybersecurity
Comments
2 min read
GHSA-5X67-J5XG-C5GJ: GHSA-5X67-J5XG-C5GJ: Denial of Service via Uncontrolled Resource Consumption in Bugsink Ingestion Pipeline
cverports profile

GHSA-5X67-J5XG-C5GJ: GHSA-5X67-J5XG-C5GJ: Denial of Service via Uncontrolled Resource Consumption in Bugsink Ingestion Pipeline

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-47744: CVE-2026-47744: Improper Privilege Management and State Tampering in Shopper E-commerce Administration Panel
cverports profile

CVE-2026-47744: CVE-2026-47744: Improper Privilege Management and State Tampering in Shopper E-commerce Administration Panel

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-24425: CVE-2026-24425: Remote Code Execution via Sandbox Bypass in Twig Template Engine
cverports profile

CVE-2026-24425: CVE-2026-24425: Remote Code Execution via Sandbox Bypass in Twig Template Engine

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-47761: CVE-2026-47761: Stored Cross-Site Scripting in TinyMCE Media Plugin
cverports profile

CVE-2026-47761: CVE-2026-47761: Stored Cross-Site Scripting in TinyMCE Media Plugin

#security #cve #cybersecurity
Comments
2 min read
GHSA-WX3M-WHQV-XV47: GHSA-WX3M-WHQV-XV47: Multiple Path Traversal and Symlink-Following Vulnerabilities in skillctl
cverports profile

GHSA-WX3M-WHQV-XV47: GHSA-WX3M-WHQV-XV47: Multiple Path Traversal and Symlink-Following Vulnerabilities in skillctl

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-XF4V-W5X5-PV79: GHSA-XF4V-W5X5-PV79: CSV Formula Injection in Spree Customer Export
cverports profile

GHSA-XF4V-W5X5-PV79: GHSA-XF4V-W5X5-PV79: CSV Formula Injection in Spree Customer Export

#security #cve #cybersecurity #ghsa
1
Comments
2 min read
CVE-2026-47694: CVE-2026-47694: Stored Cross-Site Scripting in WWBN AVideo Category Descriptions
cverports profile

CVE-2026-47694: CVE-2026-47694: Stored Cross-Site Scripting in WWBN AVideo Category Descriptions

#security #cve #cybersecurity
1
Comments
2 min read
GHSA-JPVJ-WPMJ-H7RV: GHSA-JPVJ-WPMJ-H7RV: Supply Chain Compromise and Malicious Code Injection in @cap-js/openapi
cverports profile

GHSA-JPVJ-WPMJ-H7RV: GHSA-JPVJ-WPMJ-H7RV: Supply Chain Compromise and Malicious Code Injection in @cap-js/openapi

#security #cve #cybersecurity #ghsa
1
Comments
2 min read
CVE-2026-47696: CVE-2026-47696: Authenticated Wallet Credit Bypass in WWBN AVideo AuthorizeNet Plugin
cverports profile

CVE-2026-47696: CVE-2026-47696: Authenticated Wallet Credit Bypass in WWBN AVideo AuthorizeNet Plugin

#security #cve #cybersecurity
Comments
2 min read
GHSA-8WHC-2WMV-WW35: GHSA-8whc-2wmv-ww35: Unauthenticated Stored DOM-based Cross-Site Scripting in WWBN AVideo YPTSocket Plugin
cverports profile

GHSA-8WHC-2WMV-WW35: GHSA-8whc-2wmv-ww35: Unauthenticated Stored DOM-based Cross-Site Scripting in WWBN AVideo YPTSocket Plugin

#security #cve #cybersecurity #ghsa
1
Comments
2 min read
CVE-2026-47676: CVE-2026-47676: Inconsistent Path Parsing and Slicing in Hono Framework Sub-Application Mounting
cverports profile

CVE-2026-47676: CVE-2026-47676: Inconsistent Path Parsing and Slicing in Hono Framework Sub-Application Mounting

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-47706: CVE-2026-47706: Application-Level Denial of Service via Uncontrolled Recursion in Strawberry GraphQL
cverports profile

CVE-2026-47706: CVE-2026-47706: Application-Level Denial of Service via Uncontrolled Recursion in Strawberry GraphQL

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-34077: CVE-2026-34077: Denial of Service and Unsafe Deserialization in React Router Single Fetch
cverports profile

CVE-2026-34077: CVE-2026-34077: Denial of Service and Unsafe Deserialization in React Router Single Fetch

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-47707: CVE-2026-47707: GraphQL Alias Amplification Bypass in Strawberry GraphQL MaxAliasesLimiter
cverports profile

CVE-2026-47707: CVE-2026-47707: GraphQL Alias Amplification Bypass in Strawberry GraphQL MaxAliasesLimiter

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-48710: CVE-2026-48710: Starlette BadHost HTTP Host-Header Path-Poisoning and Authentication Bypass
cverports profile

CVE-2026-48710: CVE-2026-48710: Starlette BadHost HTTP Host-Header Path-Poisoning and Authentication Bypass

#security #cve #cybersecurity
Comments
3 min read
CVE-2026-20230: CVE-2026-20230: Server-Side Request Forgery in Cisco Unified Communications Manager WebDialer Service
cverports profile

CVE-2026-20230: CVE-2026-20230: Server-Side Request Forgery in Cisco Unified Communications Manager WebDialer Service

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-48526: CVE-2026-48526: Algorithm Confusion Vulnerability in PyJWT
cverports profile

CVE-2026-48526: CVE-2026-48526: Algorithm Confusion Vulnerability in PyJWT

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-23479: CVE-2026-23479: Use-After-Free Vulnerability in Redis Blocking-Client Command Re-Execution
cverports profile

CVE-2026-23479: CVE-2026-23479: Use-After-Free Vulnerability in Redis Blocking-Client Command Re-Execution

#security #cve #cybersecurity
Comments
3 min read
CVE-2026-42211: CVE-2026-42211: Remote Code Execution via Insecure Deserialization in React Router Framework Mode
cverports profile

CVE-2026-42211: CVE-2026-42211: Remote Code Execution via Insecure Deserialization in React Router Framework Mode

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-47265: CVE-2026-47265: Cross-Origin Cookie Leakage in AIOHTTP Client Redirects
cverports profile

CVE-2026-47265: CVE-2026-47265: Cross-Origin Cookie Leakage in AIOHTTP Client Redirects

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-49144: CVE-2026-49144: Unauthenticated Arbitrary File Read via Path Traversal in BrowserStack Runner
cverports profile

CVE-2026-49144: CVE-2026-49144: Unauthenticated Arbitrary File Read via Path Traversal in BrowserStack Runner

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-49143: CVE-2026-49143: Unauthenticated Remote Code Execution in browserstack-runner
cverports profile

CVE-2026-49143: CVE-2026-49143: Unauthenticated Remote Code Execution in browserstack-runner

#security #cve #cybersecurity
Comments
2 min read
GHSA-F9RX-7WF7-JR36: GHSA-F9RX-7WF7-JR36: Two-Factor Authentication Bypass and Passwordless API Key Creation in Froxlor
cverports profile

GHSA-F9RX-7WF7-JR36: GHSA-F9RX-7WF7-JR36: Two-Factor Authentication Bypass and Passwordless API Key Creation in Froxlor

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-42342: CVE-2026-42342: Uncontrolled Resource Consumption and Denial of Service in React Router and Remix
cverports profile

CVE-2026-42342: CVE-2026-42342: Uncontrolled Resource Consumption and Denial of Service in React Router and Remix

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-40181: CVE-2026-40181: Open Redirect Vulnerability in React Router
cverports profile

CVE-2026-40181: CVE-2026-40181: Open Redirect Vulnerability in React Router

#security #cve #cybersecurity
Comments
2 min read
CVE-2022-31114: CVE-2022-31114: Reflected Cross-Site Scripting in Laravel Backpack Error Views
cverports profile

CVE-2022-31114: CVE-2022-31114: Reflected Cross-Site Scripting in Laravel Backpack Error Views

#security #cve #cybersecurity
Comments
2 min read
CVE-2024-52011: CVE-2024-52011: Remote Command Injection in ViteJS launch-editor
cverports profile

CVE-2024-52011: CVE-2024-52011: Remote Command Injection in ViteJS launch-editor

#security #cve #cybersecurity
Comments
2 min read
CVE-2025-10230: CVE-2025-10230: Samba Active Directory Domain Controller WINS Server Hook Command Injection
cverports profile

CVE-2025-10230: CVE-2025-10230: Samba Active Directory Domain Controller WINS Server Hook Command Injection

#security #cve #cybersecurity
Comments
2 min read
GHSA-XQ3M-2V4X-88GG: CVE-2026-41242: Remote Code Execution via Dynamic Code Generation in protobufjs
cverports profile

GHSA-XQ3M-2V4X-88GG: CVE-2026-41242: Remote Code Execution via Dynamic Code Generation in protobufjs

#security #cve #cybersecurity
Comments
2 min read
GHSA-63GR-G7JC-V8RG: GHSA-63GR-G7JC-V8RG: Missing Authentication in AgenticMail MCP HTTP Transport Layer
cverports profile

GHSA-63GR-G7JC-V8RG: GHSA-63GR-G7JC-V8RG: Missing Authentication in AgenticMail MCP HTTP Transport Layer

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-9354: CVE-2026-9354: Arbitrary Mass Mention Bypass in NousResearch hermes-agent Slack and Mattermost Adapters
cverports profile

CVE-2026-9354: CVE-2026-9354: Arbitrary Mass Mention Bypass in NousResearch hermes-agent Slack and Mattermost Adapters

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-9306: CVE-2026-9306: Unauthenticated Insecure Direct Object Reference (IDOR) in QuantumNous new-api Midjourney Relay
cverports profile

CVE-2026-9306: CVE-2026-9306: Unauthenticated Insecure Direct Object Reference (IDOR) in QuantumNous new-api Midjourney Relay

#security #cve #cybersecurity
Comments
2 min read
GHSA-GGXF-37HM-9WQF: GHSA-GGXF-37HM-9WQF: Session Leakage via Unsafe Challenge Path Parsing in instagrapi
cverports profile

GHSA-GGXF-37HM-9WQF: GHSA-GGXF-37HM-9WQF: Session Leakage via Unsafe Challenge Path Parsing in instagrapi

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-QQQM-5547-774X: GHSA-QQQM-5547-774X: Unauthenticated Path Traversal in FileBrowser Quantum PATCH Handler
cverports profile

GHSA-QQQM-5547-774X: GHSA-QQQM-5547-774X: Unauthenticated Path Traversal in FileBrowser Quantum PATCH Handler

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-8723: CVE-2026-8723: Synchronous Denial of Service in qs npm Package via TypeError
cverports profile

CVE-2026-8723: CVE-2026-8723: Synchronous Denial of Service in qs npm Package via TypeError

#security #cve #cybersecurity
Comments
2 min read
GHSA-7M8F-HGJQ-8GC9: GHSA-7M8F-HGJQ-8GC9: Pre-Authentication Denial of Service via Insecure Deserialization Order in aiosend
cverports profile

GHSA-7M8F-HGJQ-8GC9: GHSA-7M8F-HGJQ-8GC9: Pre-Authentication Denial of Service via Insecure Deserialization Order in aiosend

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-JQQ5-8PX3-9M6M: GHSA-JQQ5-8PX3-9M6M: Single-Byte Heap Overflow Bypass in ImageMagick JSON and YAML Encoders
cverports profile

GHSA-JQQ5-8PX3-9M6M: GHSA-JQQ5-8PX3-9M6M: Single-Byte Heap Overflow Bypass in ImageMagick JSON and YAML Encoders

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-VF33-6R7X-66XX: GHSA-VF33-6R7X-66XX: Division by Zero and Integer Overflow in ImageMagick Morphology
cverports profile

GHSA-VF33-6R7X-66XX: GHSA-VF33-6R7X-66XX: Division by Zero and Integer Overflow in ImageMagick Morphology

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-QV2Q-C278-PCH5: GHSA-qv2q-c278-pch5: Cryptographic Nonce Reuse and Information Disclosure in ImageMagick
cverports profile

GHSA-QV2Q-C278-PCH5: GHSA-qv2q-c278-pch5: Cryptographic Nonce Reuse and Information Disclosure in ImageMagick

#security #cve #cybersecurity #ghsa
Comments
2 min read
loading...