8.7
CVE-2026-3520 - Multer vulnerable to Denial of Service via uncontrolled recursion
Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.1 allows an attacker to trigger a Denial of Service (DoS) by sending malformed requests, potentially causing stack overflow. Users should upgrade to version 2.1.1 to receive a patch. Noβ¦
7.5
CVE-2026-28695 - Craft affected by authenticated RCE via Twig SSTI - create() function + Symfony Process gadget
Craft is a content management system (CMS). There is an authenticated admin RCE in Craft CMS 5.8.21 via Server-Side Template Injection using the create() Twig function combined with a Symfony Process gadget chain. The create() Twig function exposes Craft::createObject(), which allows instantiation β¦
7
CVE-2025-15558 - Docker Desktop Docker Plugins Uncontrolled Search Path Element Local Privilege Escalation Vulnerabiβ¦
Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are executed when a viβ¦
4.3
CVE-2026-23812 - Security Boundary Bypass via Routing Node Impersonation
A vulnerability has been identified where an attacker connecting to an access point as a standard wired or wireless client can impersonate a gateway by leveraging an address-based spoofing technique. Successful exploitation enables the redirection of data streams, allowing for the interception or mβ¦
4.3
CVE-2026-23811 - Unauthorized Bi-Directional Traffic Interception via L2/L3 Manipulation
A vulnerability in the client isolation mechanism may allow an attacker to bypass Layer 2 (L2) communication restrictions between clients and redirect traffic at Layer 3 (L3). In addition to bypassing policy enforcement, successful exploitation - when combined with a port-stealing attack - may enabβ¦
4.3
CVE-2026-23810 - Cross-BSSID GTK Re-encryption and Traffic Injection
A vulnerability in the packet processing logic may allow an authenticated attacker to craft and transmit a malicious Wi-Fi frame that causes an Access Point (AP) to classify the frame as group-addressed traffic and re-encrypt it using the Group Temporal Key (GTK) associated with the victim's BSSID.β¦
5.4
CVE-2026-23809 - MAC Address Spoofing leads to Inter-BSSID Isolation Bypass Resulting in Traffic Redirection
A technique has been identified that adapts a known port-stealing method to Wi-Fi environments that use multiple BSSIDs. By leveraging the relationship between BSSIDs and their associated virtual ports, an attacker could potentially bypass inter-BSSID isolation controls. Successful exploitation mayβ¦
5.4
CVE-2026-23808 - Client Isolation Bypass via GTK Manipulation
A vulnerability has been identified in a standardized wireless roaming protocol that could enable a malicious actor to install an attacker-controlled Group Temporal Key (GTK) on a client device. Successful exploitation of this vulnerability could allow a remote malicious actor to perform unauthorizβ¦
5.4
CVE-2026-23601 - Frame Injection via Shared GTK Allows Traffic Spoofing and Client Compromise
A vulnerability has been identified in the wireless encryption handling of Wi-Fi transmissions. A malicious actor can generate shared-key authenticated transmissions containing targeted payloads while impersonating the identity of a primary BSSID.Successful exploitation allows for the delivery of tβ¦
4.4
CVE-2026-22285 - Plaintext Password Storage in Dell Device Management Agent Enables Local Unauthorized Access
Dell Device Management Agent (DDMA), versions prior to 26.02, contain a Plaintext Storage of Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized Access.