4.9
CVE-2026-40962 - FFmpeg: FFmpeg: Integer overflow and out-of-bounds write via CENC subsample data
FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c.
6.4
CVE-2026-3299 - WP YouTube Lyte <= 1.7.29 - Authenticated (Contributor+) Stored Cross-Site Scripting via lyte Shortβ¦
The WP YouTube Lyte plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'lyte' shortcode in all versions up to, and including, 1.7.29 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attacβ¦
4.8
CVE-2026-40505 - MuPDF < 1.27 mutool ANSI Injection via Metadata
MuPDF before 1.27 contains an ANSI injection vulnerability in mutool that allows attackers to inject arbitrary ANSI escape sequences through crafted PDF metadata fields. Attackers can embed malicious ANSI escape codes in PDF metadata that are passed unsanitized to terminal output when running mutooβ¦
9.3
CVE-2026-40504 - Creolabs Gravity < 0.9.6 Heap Buffer Overflow via gravity_vm_exec
Creolabs Gravity before 0.9.6 contains a heap buffer overflow vulnerability in the gravity_vm_exec function that allows attackers to write out-of-bounds memory by crafting scripts with many string literals at global scope. Attackers can exploit insufficient bounds checking in gravity_fiber_reassignβ¦
8.1
CVE-2026-40960 - Crafted Module Enables Unauthorized Access to Insecure Environment in Luanti
Luanti 5 before 5.15.2 sometimes allows unintended access to an insecure environment. If at least one mod is listed as secure.trusted_mods or secure.http_mods, then a crafted mod can intercept the request for the insecure environment or HTTP API, and also receive access to it.
9.3
CVE-2026-40959 - Lua sandbox escape via crafted module in Luanti using LuaJIT
Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod.
8.7
CVE-2026-40502 - OpenHarness Remote Administrative Command Injection via Gateway Handler
OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote gateway users with chat access to invoke sensitive administrative commands by exploiting insufficient distinction between local-only and remote-safe commands in the gateway handler. Attackers can execuβ¦
7.1
CVE-2026-40503 - OpenHarness Path Traversal Information Disclosure via /memory show
OpenHarness prior to commit dd1d235 contains a path traversal vulnerability that allows remote gateway users with chat access to read arbitrary files by supplying path traversal sequences to the /memory show slash command. Attackers can manipulate the path input parameter to escape the project memoβ¦
6.5
CVE-2026-37100 - Unauthenticated BLE Control Access on Yamaha SR-B30A Sound Bar
An issue in the Bluetooth Low Energy (BLE) control interface of the Yamaha SR-B30A sound bar firmware 2.40 (Mobile App: Sound Bar Remote / version: 2.40) allows remote attackers within BLE radio range to connect without authentication via the Sound Bar Remote protocol
9.8
CVE-2026-37345 - SQL Injection in Vehicle Parking Area Management System v1.0
SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manage_park.php.