CVSS 3.1 score: 6.5

CVE-2026-33469 - Authenticated Frigate users can read the full unredacted configuration via `/api/config/raw`

Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. In version 0.17.0, an authenticated non-admin user can retrieve the full raw Frigate configuration through `/api/config/raw`. This exposes sensitive values that are intentionally redacted from `/api/confi…

📅 Published: March 26, 2026, 5:05 p.m. 🔄 Last Modified: March 30, 2026, 1:26 p.m.

CVSS 3.1 score: 8.1

CVE-2026-33468 - Kysely has a MySQL SQL Injection via Insufficient Backslash Escaping in `sql.lit(string)` usage or …

Kysely is a type-safe TypeScript SQL query builder. Prior to version 0.28.14, Kysely's `DefaultQueryCompiler.sanitizeStringLiteral()` only escapes single quotes by doubling them (`'` → `''`) but does not escape backslashes. When used with the MySQL dialect (where `NO_BACKSLASH_ESCAPES` is OFF by de…

📅 Published: March 26, 2026, 5:03 p.m. 🔄 Last Modified: March 30, 2026, 1:26 p.m.

CVSS 3.1 score: 8.1

CVE-2026-33442 - Kysely has a MySQL SQL Injection via Backslash Escape Bypass in non-type-safe usage of JSON path ke…

Kysely is a type-safe TypeScript SQL query builder. In versions 0.28.12 and 0.28.13, the `sanitizeStringLiteral` method in Kysely's query compiler escapes single quotes (`'` → `''`) but does not escape backslashes. On MySQL with the default `BACKSLASH_ESCAPES` SQL mode, an attacker can inject a bac…

📅 Published: March 26, 2026, 5:01 p.m. 🔄 Last Modified: March 30, 2026, 1:26 p.m.

CVSS 3.1 score: 5.4

CVE-2026-34071 - Stirling-PDF has Stored Cross Site Scripting (XSS) via EML-to-HTML Export

Stirling-PDF is a locally hosted web application that allows you to perform various operations on PDF files. In version 2.7.3, the /api/v1/convert/eml/pdf endpoint with parameter downloadHtml=true returns unsanitized HTML from the email body with Content-Type: text/html. An attacker who sends a mal…

📅 Published: March 26, 2026, 5 p.m. 🔄 Last Modified: March 30, 2026, 1:26 p.m.

CVSS 3.1 score: 6.5

CVE-2026-33438 - Stirling-PDF vulnerable to DoS via add-watermark

Stirling-PDF is a locally hosted web application that allows you to perform various operations on PDF files. Versions starting in 2.1.5 and prior to 2.5.2 have a Denial of Service (DoS) vulnerability in the Stirling-PDF watermark functionality (`/api/v1/security/add-watermark` endpoint). The vulnerab…

📅 Published: March 26, 2026, 4:58 p.m. 🔄 Last Modified: March 30, 2026, 1:26 p.m.

CVSS 3.1 score: 7.3

CVE-2026-33430 - Briefcase: Windows MSI Installer Privilege Escalation via Insecure Directory Permissions

Briefcase is a tool for converting a Python project into a standalone native application. Starting in version 0.3.0 and prior to version 0.3.26, if a developer uses Briefcase to produce a Windows MSI installer for a project, and that project is installed for All Users (i.e., per-machine scope), th…

📅 Published: March 26, 2026, 4:54 p.m. 🔄 Last Modified: March 30, 2026, 1:26 p.m.

CVSS 3.1 score: 7.6

CVE-2026-33636 - LIBPNG has ARM NEON Palette Expansion Out-of-Bounds Read on AArch64

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.6.36 through 1.6.55, an out-of-bounds read and write exists in libpng's ARM/AArch64 Neon-optimized palette expansion path. When expanding 8-bit p…

📅 Published: March 26, 2026, 4:51 p.m. 🔄 Last Modified: March 30, 2026, 1:26 p.m.

CVSS 3.1 score: 7.5

CVE-2026-33416 - LIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE`

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.2.1 through 1.6.55, `png_set_tRNS` and `png_set_PLTE` each alias a heap-allocated buffer between `png_struct` and `png_info`, sharing a single al…

📅 Published: March 26, 2026, 4:48 p.m. 🔄 Last Modified: March 30, 2026, 1:26 p.m.

CVSS 4.0 score: 1.3

CVE-2026-33402 - SAK-52311: Sakai site-manage group titles can contain XSS content

Sakai is a Collaboration and Learning Environment (CLE). In versions 23.0 through 23.4 and 25.0 through 25.1, group titles and descriptions can contain cross-site scripting scripts. The patch is included in releases 25.2 and 23.5. As a workaround, one can check the SAKAI_SITE_GROUP table for titles …

📅 Published: March 26, 2026, 4:45 p.m. 🔄 Last Modified: March 30, 2026, 1:26 p.m.

CVSS 3.1 score: 5.2

CVE-2026-33015 - EVerest has RemoteStop Bypass via BCB Toggle Session Restart

EVerest is an EV charging software stack. Prior to version 2026.02.0, even immediately after CSMS performs a RemoteStop (StopTransaction), the EVSE can return to `PrepareCharging` via the EV's BCB toggle, allowing session restart. This breaks the irreversibility of remote stop and can bypass operat…

📅 Published: March 26, 2026, 4:42 p.m. 🔄 Last Modified: March 30, 2026, 1:26 p.m.
Total results: 341113