0.0
CVE-2026-27321 -
Not used
0.0
CVE-2026-27322 -
Not used
4.7
CVE-2026-22269 - Improper Source Verification in Dell PowerProtect Data Manager REST API
Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Improper Verification of Source of a Communication Channel vulnerability in the REST API. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to protection mechanism bypass.
6.9
CVE-2025-41023 - Authentication bypass in AutoGPT de Thesamur
An authentication bypass vulnerability has been found in Thesamur's AutoGPT. This vulnerability allows an attacker to bypass authentication mechanisms. Once inside the web application, the attacker can use any of its features regardless of the authorisation method used.
8.8
CVE-2026-26358 - Missing Authorization Enables Unauthorized Access in Dell Unisphere for PowerMax
Dell Unisphere for PowerMax, version(s) 10.2, contain(s) a Missing Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.
5.1
CVE-2025-40697 - Reflected Cross-Site Scripting (XSS) in Lewe WebMeasure
Reflected Cross-Site Scripting (XSS) vulnerability in '/index.php' in Lewe WebMeasure, which allows remote attackers to execute arbitrary code through the 'page' parameter. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of β¦
8.1
CVE-2026-26360 - External Control of File Name or Path vulnerability allowing arbitrary file deletion in Dell Unisphβ¦
Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of File Name or Path vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability to delete arbitrary files.
5.1
CVE-2026-2736 - Reflected Cross-Site Scripting (XSS) vulnerability in Alkacon's OpenCms
Reflected Cross-site Scripting (XSS) in Alkacon's OpenCms v18.0, which allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL containing the βqβ parameter in β/search/index.htmlβ. This vulnerability can be exploited to steal sensitive user informβ¦
5.1
CVE-2026-2735 - Stored Cross-Site Scripting (XSS) vulnerability in Alkacon's OpenCms
Stored Cross-Site Scripting (XSS) in Alkacon's OpenCms v18.0, which occurs when user input is not properly validated when sending a POST request to β/blog/new-article/org.opencms.ugc.CmsUgcEditService.gwtβ using the βtextβ parameter.
8.8
CVE-2026-26359 - Unisphere for PowerMax External File Path Control Vulnerability
Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of File Name or Path vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the ability to overwrite arbitrary files.