8.1

CVSS3.1

CVE-2026-3459 - Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.5 - Unauthenticated Arbitrary File U…

The Drag and Drop Multiple File Upload - Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'dnd_upload_cf7_upload' function in versions up to, and including, 1.3.7.3. This makes it possible for unauthenticated attackers to up…

📅 Published: March 5, 2026, 6:25 p.m. 🔄 Last Modified: April 22, 2026, 9:27 p.m.

8.6

CVSS4.0

CVE-2026-28284 - FreePBX: Authenticated SQL Injection Vulnerabilities in FreePBX Logfiles Module

FreePBX is an open source IP PBX. Prior to versions 16.0.10 and 17.0.5, the FreePBX logfiles module contains several authenticated SQL injection vulnerabilities. This issue has been patched in versions 16.0.10 and 17.0.5.

📅 Published: March 5, 2026, 6:24 p.m. 🔄 Last Modified: April 16, 2026, 12:30 p.m.

8.6

CVSS4.0

CVE-2026-28210 - FreePBX: Authenticated SQL Injection in CDR (Call Data Record) Reports

FreePBX is an open source IP PBX. Prior to versions 16.0.49 and 17.0.7, the FreePBX cdr (Call Data Record) module is vulnerable to SQL query injection. This issue has been patched in versions 16.0.49 and 17.0.7.

📅 Published: March 5, 2026, 6:24 p.m. 🔄 Last Modified: April 17, 2026, 12:45 p.m.

7.5

CVSS4.0

CVE-2026-28209 - FreePBX: Command Injection leading to Remote Code Execution in FreePBX ElevenLabs Text-to-Speech in…

FreePBX is an open source IP PBX. From versions 16.0.17.2 to before 16.0.20 and from version 17.0.2.4 to before 17.0.5, a command injection vulnerability exists in FreePBX when using the ElevenLabs Text-to-Speech (TTS) engine in the recordings module. This issue has been patched in versions 16.0.20…

📅 Published: March 5, 2026, 6:22 p.m. 🔄 Last Modified: April 16, 2026, 12:30 p.m.

6.9

CVSS4.0

CVE-2025-7375 - Unauthenticated Denial-of-Service Vulnerability in Omada EAP610

A denial-of-service (DoS) vulnerability was identified in Omada EAP610 v3. An attacker with adjacent network access can send crafted requests to cause the device’s HTTP service to crash. This results in temporary service unavailability until the device is rebooted. This issue affects Omada EAP610…

📅 Published: March 5, 2026, 5:47 p.m. 🔄 Last Modified: March 9, 2026, 5:54 p.m.

9.8

CVSS3.1

CVE-2025-13476 - Rakuten Viber uses broken or risky cryptographic Algorithm

Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0–v25.8.1.0 uses a static and predictable TLS ClientHello fingerprint lacking extension diversity, allowing Deep Packet Inspection (DPI) systems to trivially identify and block proxy traffic, undermining censorship circumvention. (C…

📅 Published: March 5, 2026, 4:53 p.m. 🔄 Last Modified: March 10, 2026, 7:49 p.m.

9.8

CVSS3.1

CVE-2026-27944 - Nginx UI: Unauthenticated Backup Download with Encryption Key Disclosure

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.3, the /api/backup endpoint is accessible without authentication and discloses the encryption keys required to decrypt the backup in the X-Backup-Security response header. This allows an unauthenticated attacker to down…

📅 Published: March 5, 2026, 4:28 p.m. 🔄 Last Modified: April 21, 2026, 11:45 p.m.

9.1

CVSS3.1

CVE-2026-24457 - OpenMQ Unsafe Configuration Parsing Enables Remote File Read and Potential RCE

Unsafe parsing of OpenMQ's configuration allows a remote attacker to read arbitrary files from an MQ Broker's server. Full exploitation could read unauthorized files from the OpenMQ host OS. In some scenarios RCE could be achieved.

📅 Published: March 5, 2026, 4:27 p.m. 🔄 Last Modified: April 16, 2026, 12:30 p.m.

4.3

CVSS3.1

CVE-2026-27723 - OpenProject: Insufficient access control allows creating Wiki objects belonging to unpermitted projects

OpenProject is an open-source, web-based project management software. Prior to versions 17.0.5 and 17.1.2, an attacker can create wiki pages belonging to unpermitted projects through an improperly authenticated request. This issue has been patched in versions 17.0.5 and 17.1.2.

📅 Published: March 5, 2026, 4:26 p.m. 🔄 Last Modified: April 16, 2026, 12:30 p.m.

5

CVSS3.1

CVE-2026-27023 - Twenty: SSRF protection bypass via HTTP redirect following in secure HTTP client

Twenty is an open source CRM. Prior to version 1.18, the SSRF protection in SecureHttpClientService validated request URLs at the request level but did not validate redirect targets. An authenticated user who could control outbound request URLs (e.g., webhook endpoints, image URLs) could bypass pri…

📅 Published: March 5, 2026, 4:23 p.m. 🔄 Last Modified: April 18, 2026, 10 a.m.