8.8
CVE-2026-0778 - Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability
Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Enel X JuiceBox 40 charging stations. Authentication is not required to exploit this vulnerabilit…
7.3
CVE-2026-0776 - Discord Client Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
Discord Client Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Discord Client. An attacker must first obtain the ability to execute low-privileged code on the target system in or…
7.0
CVE-2026-0775 - npm cli Incorrect Permission Assignment Local Privilege Escalation Vulnerability
npm cli Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of npm cli. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit …
8.8
CVE-2026-0774 - WatchYourLAN Configuration Page Argument Injection Remote Code Execution Vulnerability
WatchYourLAN Configuration Page Argument Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of WatchYourLAN. Authentication is not required to exploit this vulnerability. The specific flaw exists w…
9.8
CVE-2026-0773 - Upsonic Cloudpickle Deserialization of Untrusted Data Remote Code Execution Vulnerability
Upsonic Cloudpickle Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Upsonic. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ad…
7.5
CVE-2026-0772 - Langflow Disk Cache Deserialization of Untrusted Data Remote Code Execution Vulnerability
Langflow Disk Cache Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is required to exploit this vulnerability. The specific flaw exists within the disk …
7.1
CVE-2026-0771 - Langflow PythonFunction Code Injection Remote Code Execution Vulnerability
Langflow PythonFunction Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Attack vectors and exploitability will vary depending on the configuration of the product. The specific flaw exist…
9.8
CVE-2026-0770 - Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Executio…
Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific…
9.8
CVE-2026-0769 - Langflow eval_custom_component_code Eval Injection Remote Code Execution Vulnerability
Langflow eval_custom_component_code Eval Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the impl…
9.8
CVE-2026-0768 - Langflow code Code Injection Remote Code Execution Vulnerability
Langflow code Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the code param…