9.3
CVE-2026-27507 - Binardat 10G08-0800GSM Network Switch Hard-coded Credentials
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain hard-coded administrative credentials that cannot be changed by users. Knowledge of these credentials allows full administrative access to the device.
8.7
CVE-2026-23678 - Binardat 10G08-0800GSM Network Switch Traceroute CLI Command Injection
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain a command injection vulnerability in the traceroute diagnostic function of the affected device web management interface. By injecting the %1a character into the hostname parameter, an authenticated attacker with…
9.2
CVE-2026-27584 - ActualBudget server is Missing Authentication for SimpleFIN and Pluggy AI bank sync endpoints
Actual is a local-first personal finance tool. Prior to version 26.2.1, missing authentication middleware in the ActualBudget server component allows any unauthenticated user to query the SimpleFIN and Pluggy.ai integration endpoints and read sensitive bank account balance and transaction informati…
4.9
CVE-2026-0402 - Post-Authentication Out-of-Bounds Read Leading to Firewall Crash
A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash a firewall.
8.6
CVE-2026-27732 - AVideo has Authenticated Server-Side Request Forgery via downloadURL in aVideoEncoder.json.php
WWBN AVideo is an open source video platform. Prior to version 22.0, the `aVideoEncoder.json.php` API endpoint accepts a `downloadURL` parameter and fetches the referenced resource server-side without proper validation or an allow-list. This allows authenticated users to trigger server-side request…
4.9
CVE-2026-0401 - Null Pointer Dereference Crash Vulnerability in SonicOS
A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker to crash a firewall.
4.9
CVE-2026-0400 - Post-Authentication Format String Vulnerability Leading to Firewall Crash
A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a firewall.
5.1
CVE-2026-27568 - AVideo has Stored Cross-Site Scripting via Markdown Comment Injection
WWBN AVideo is an open source video platform. Prior to version 21.0, AVideo allows Markdown in video comments and uses Parsedown (v1.7.4) without Safe Mode enabled. Markdown links are not sufficiently sanitized, allowing `javascript:` URIs to be rendered as clickable links. An authenticated low-pri…
4.9
CVE-2026-0399 - Authenticated Stack‑Based Buffer Overflow in SonicOS Management API
Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management interface due to improper bounds checking in a API endpoint.
5.3
CVE-2026-3102 - exiftool PNG File MacOS.pm SetMacOSTags os command injection
A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affects the function SetMacOSTags of the file lib/Image/ExifTool/MacOS.pm of the component PNG File Parser. This manipulation of the argument DateTimeOriginal causes os command injection. The attack is possible to be carrie…