6.5
CVE-2026-26006 - Redos (Regular Expression Denial of Service) at Code Extraction Block in significant-gravitas/autog…
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. The autogpt before 0.6.32 is vulnerable to Regular Expression Denial of Service due to the use of regex at Code Extraction Block. The two Regex are used c…
6.7
CVE-2025-12699 - ZOLL ePCR IOS Mobile Application Insertion of Sensitive Information into Externally-Accessible File…
The ZOLL ePCR IOS application reflects unsanitized user input into a WebView. Attacker-controlled strings placed into PCR fields (run number, incident, call sign, notes) are interpreted as HTML/JS when the app prints or renders that content. In the proof of concept (POC), injected scripts return lo…
8.7
CVE-2026-1507 - Uncaught Exception vulnerability in AVEVA PI Data Archive
The affected products are vulnerable to an uncaught exception that could allow an unauthenticated attacker to remotely crash core PI services resulting in a denial-of-service.
5.7
CVE-2026-1495 - Insertion of Sensitive Information into Log File vulnerability in AVEVA PI to CONNECT Agent
The vulnerability, if exploited, could allow an attacker with Event Log Reader (S-1-5-32-573) privileges to obtain proxy details, including URL and proxy credentials, from the PI to CONNECT event log files. This could enable unauthorized access to the proxy server.
4.6
CVE-2026-1763 - Enervista UR Setup DLL Hijacking
Vulnerability in GE Vernova Enervista UR Setup on Windows.This issue affects Enervista: 8.6 and previous versions.
