7.2
CVE-2026-23498 - Shopware Improper Control of Generation of Code in Twig rendered views
Shopware is an open commerce platform. From 6.7.0.0 to before 6.7.6.1, a regression of CVE-2023-2017 leads to an array, and a PHP Closure crafted from an array, not being checked against the allow list for the map(...) override. This vulnerability is fixed in 6.7.6.1.
7.8
CVE-2025-33206 -
NVIDIA NSIGHT Graphics for Linux contains a vulnerability where an attacker could cause command injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and denial of service.
4.8
CVE-2025-71166 - Typesetter CMS Reflected XSS via Move Message Handling
Typesetter CMS versions up to and including 5.1 contain a reflected cross-site scripting (XSS) vulnerability in the administrative interface within the Tools Status move message handling. The path parameter is reflected into the HTML output without proper output encoding in include/admin/Tools/Stat…
4.8
CVE-2025-71165 - Typesetter CMS Reflected XSS via Status.php
Typesetter CMS versions up to and including 5.1 contain a reflected cross-site scripting (XSS) vulnerability in the administrative interface within the Tools Status functionality. The path parameter is reflected into the HTML response without proper output encoding in include/admin/Tools/Status.php…
4.8
CVE-2025-71164 - Typesetter CMS Reflected XSS via Editing.php
Typesetter CMS versions up to and including 5.1 contain a reflected cross-site scripting (XSS) vulnerability in the Editing component. The images parameter (submitted as images[] in a POST request) is reflected into an HTML href attribute without proper context-aware output encoding in include/tool…
1.3
CVE-2026-23497 - Frappe LMS has a Stored XSS via Unsanitized Image Filename in Course and Jobs Pages
Frappe Learning Management System (LMS) is a learning system that helps users structure their content. In 2.44.0 and earlier, there is a stored XSS vulnerability where a specially crafted image filename could execute malicious JavaScript when rendered on course or jobs pages.
8.8
CVE-2026-23492 - Pimcore has a Blind SQL Injection in Admin Search Find API due to an incomplete fix for CVE-2023-30…
Pimcore is an Open Source Data & Experience Management Platform. Prior to 12.3.1 and 11.5.14, an incomplete SQL injection patch in the Admin Search Find API allows an authenticated attacker to perform blind SQL injection. Although CVE-2023-30848 attempted to mitigate SQL injection by removing SQL c…
7.7
CVE-2026-23477 - Rocket.Chat Unauthorized Access to OAuth App Details
Rocket.Chat is an open-source, secure, fully customizable communications platform. In Rocket.Chat versions up to 6.12.0, the API endpoint GET /api/v1/oauth-apps.get is exposed to any authenticated user, regardless of their role or permissions. This endpoint returns an OAuth application, as long as …
5.9
CVE-2026-22819 - Outray has a Race Condition in main/apps/web/src/routes/api/$orgSlug/subdomains/index.ts
Outray is an open-source ngrok alternative. Prior to 0.1.5, this vulnerability allows a user, i.e. a free-plan user, to obtain more than the permitted number of subdomains due to the lack of a database transaction lock mechanism in main/apps/web/src/routes/api/$orgSlug/subdomains/index.ts. This vulnerability is fixed in 0.1.5.
5.6
CVE-2026-22859 - FreeRDP has a heap-buffer-overflow in urb_select_configuration
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server-supplied MSUSB_INTERFACE_DESCRIPTOR values and uses them as indices in libusb_udev_complete_msconfig_setup, causing an out-of-bounds read. This vulnerabilit…