7.5

CVSS4.0

CVE-2026-28695 - Craft affected by authenticated RCE via Twig SSTI - create() function + Symfony Process gadget

Craft is a content management system (CMS). There is an authenticated admin RCE in Craft CMS 5.8.21 via Server-Side Template Injection using the create() Twig function combined with a Symfony Process gadget chain. The create() Twig function exposes Craft::createObject(), which allows instantiation …

📅 Published: March 4, 2026, 4:15 p.m. 🔄 Last Modified: April 17, 2026, 1:15 p.m.

7

CVSS4.0

CVE-2025-15558 - Docker Desktop Docker Plugins Uncontrolled Search Path Element Local Privilege Escalation Vulnerabi…

Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are executed when a vi…

📅 Published: March 4, 2026, 4:14 p.m. 🔄 Last Modified: March 9, 2026, 5:38 p.m.

4.3

CVSS3.1

CVE-2026-23812 - Security Boundary Bypass via Routing Node Impersonation

A vulnerability has been identified where an attacker connecting to an access point as a standard wired or wireless client can impersonate a gateway by leveraging an address-based spoofing technique. Successful exploitation enables the redirection of data streams, allowing for the interception or m…

📅 Published: March 4, 2026, 4:13 p.m. 🔄 Last Modified: April 16, 2026, midnight

4.3

CVSS3.1

CVE-2026-23811 - Unauthorized Bi-Directional Traffic Interception via L2/L3 Manipulation

A vulnerability in the client isolation mechanism may allow an attacker to bypass Layer 2 (L2) communication restrictions between clients and redirect traffic at Layer 3 (L3). In addition to bypassing policy enforcement, successful exploitation - when combined with a port-stealing attack - may enab…

📅 Published: March 4, 2026, 4:12 p.m. 🔄 Last Modified: April 16, 2026, 5:45 a.m.

4.3

CVSS3.1

CVE-2026-23810 - Cross-BSSID GTK Re-encryption and Traffic Injection

A vulnerability in the packet processing logic may allow an authenticated attacker to craft and transmit a malicious Wi-Fi frame that causes an Access Point (AP) to classify the frame as group-addressed traffic and re-encrypt it using the Group Temporal Key (GTK) associated with the victim's BSSID.…

📅 Published: March 4, 2026, 4:11 p.m. 🔄 Last Modified: April 16, 2026, midnight

5.4

CVSS3.1

CVE-2026-23809 - MAC Address Spoofing leads to Inter-BSSID Isolation Bypass Resulting in Traffic Redirection

A technique has been identified that adapts a known port-stealing method to Wi-Fi environments that use multiple BSSIDs. By leveraging the relationship between BSSIDs and their associated virtual ports, an attacker could potentially bypass inter-BSSID isolation controls. Successful exploitation may…

📅 Published: March 4, 2026, 4:10 p.m. 🔄 Last Modified: April 16, 2026, 5:45 a.m.

5.4

CVSS3.1

CVE-2026-23808 - Client Isolation Bypass via GTK Manipulation

A vulnerability has been identified in a standardized wireless roaming protocol that could enable a malicious actor to install an attacker-controlled Group Temporal Key (GTK) on a client device. Successful exploitation of this vulnerability could allow a remote malicious actor to perform unauthoriz…

📅 Published: March 4, 2026, 4:09 p.m. 🔄 Last Modified: April 16, 2026, 5:45 a.m.

5.4

CVSS3.1

CVE-2026-23601 - Frame Injection via Shared GTK Allows Traffic Spoofing and Client Compromise

A vulnerability has been identified in the wireless encryption handling of Wi-Fi transmissions. A malicious actor can generate shared-key authenticated transmissions containing targeted payloads while impersonating the identity of a primary BSSID. Successful exploitation allows for the delivery of t…

📅 Published: March 4, 2026, 4:07 p.m. 🔄 Last Modified: April 16, 2026, 5:45 a.m.

4.4

CVSS3.1

CVE-2026-22285 - Plaintext Password Storage in Dell Device Management Agent Enables Local Unauthorized Access

Dell Device Management Agent (DDMA), versions prior to 26.02, contain a Plaintext Storage of Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized Access.

📅 Published: March 4, 2026, 4:01 p.m. 🔄 Last Modified: April 16, 2026, 1:45 p.m.

5.3

CVSS4.0

CVE-2025-59787 - HTTP 5XX Internal Server Errors

2N Access Commander application version 3.4.2 and prior returns HTTP 500 Internal Server Error responses when receiving malformed or manipulated requests, indicating improper handling of invalid input and potential security or availability impacts.

📅 Published: March 4, 2026, 3:31 p.m. 🔄 Last Modified: March 5, 2026, 7:01 p.m.

Total results: 348618
Page 1290 of 34,862