6.9
CVE-2026-5484 - BookStackApp BookStack Chapter Export ExportFormatter.php chapterToMarkdown access control
A weakness has been identified in BookStackApp BookStack up to 26.03. Affected is the function chapterToMarkdown of the file app/Exports/ExportFormatter.php of the component Chapter Export Handler. Executing a manipulation of the argument pages can lead to improper access controls. It is possible tβ¦
2.1
CVE-2026-5476 - NASA cFS cfe_tbl_passthru_codec.c CFE_TBL_ValidateCodecLoadSize integer overflow
A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFE_TBL_ValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfe_tbl_passthru_codec.c. The manipulation leads to integer overflow. The complexity of an attack is rather high. The exploitability is told tβ¦
10
CVE-2026-32186 - Microsoft Bing Elevation of Privilege Vulnerability
Server-side request forgery (ssrf) in Microsoft Bing allows an unauthorized attacker to elevate privileges over a network.
5.1
CVE-2026-5475 - NASA cFS CCSDS Header Size cfe_sb_priv.c CFE_SB_TransmitMsg memory corruption
A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the function CFE_SB_TransmitMsg of the file cfe_sb_priv.c of the component CCSDS Header Size Handler. Executing a manipulation can lead to memory corruption. The project was informed of the problem early through an issue report buβ¦
9.1
CVE-2026-0545 - Missing Authentication for Critical Function in mlflow/mlflow
In mlflow/mlflow, the FastAPI job endpoints under `/ajax-api/3.0/jobs/*` are not protected by authentication or authorization when the `basic-auth` app is enabled. This vulnerability affects the latest version of the repository. If job execution is enabled (`MLFLOW_SERVER_ENABLE_JOB_EXECUTION=true`β¦
5.3
CVE-2026-5474 - NASA cFS CCSDS Packet Header to_lab_passthru_encode.c CFE_MSG_GetSize heap-based overflow
A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFE_MSG_GetSize of the file apps/to_lab/fsw/src/to_lab_passthru_encode.c of the component CCSDS Packet Header Handler. Performing a manipulation results in heap-based buffer overflow. The attacker must have access to the lβ¦
2
CVE-2026-5473 - NASA cFS Pickle pickle.load deserialization
A vulnerability has been found in NASA cFS up to 7.0.0. The impacted element is the function pickle.load of the component Pickle Module. Such manipulation leads to deserialization. The attack needs to be performed locally. The attack requires a high level of complexity. The exploitability is regardβ¦
5.3
CVE-2026-5472 - ProjectsAndPrograms School Management System Profile Picture settings.php unrestricted upload
A flaw has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. The affected element is an unknown function of the file /admin_panel/settings.php of the component Profile Picture Handler. This manipulation of the argument File causes unrestricteβ¦
6.3
CVE-2026-25118 - immich-server: Insecure Transmission of Authentication Credentials via Password Parameter in HTTP Rβ¦
immich is a high performance self-hosted photo and video management solution. Prior to version 2.6.0, the Immich application is vulnerable to credential disclosure when a user authenticates to a shared album. During the authentication process, the application transmits the album password within theβ¦
8.7
CVE-2026-35218 - Budibase: Stored XSS via unsanitized entity names rendered with {@html} in Builder Command Palette
Budibase is an open-source low-code platform. Prior to version 3.32.5, Budibase's Builder Command Palette renders entity names (tables, views, queries, automations) using Svelte's {@html} directive without any sanitization. An authenticated user with Builder access can create a table, automation, vβ¦