7.6

CVSS3.1

CVE-2026-32117 - grafanacubism-panel : Stored XSS via javascript: URL in panel zoom link (Editor → Viewer)

The grafanacubism-panel plugin allows use of cubism.js in Grafana. In 0.1.2 and earlier, the panel's zoom-link handler passes a dashboard-editor-supplied URL directly to window.location.assign() / window.open() with no scheme validation. An attacker with dashboard Editor privileges can set the link…

📅 Published: March 11, 2026, 9:28 p.m. 🔄 Last Modified: March 20, 2026, 3:36 p.m.

10

CVSS3.1

CVE-2026-27591 - Winter: Privilege escalation by authenticated backend users

Winter is a free, open-source content management system (CMS) based on the Laravel PHP framework. Prior to 1.0.477, 1.1.12, and 1.2.12, Winter CMS allowed authenticated backend users to escalate their account's level of access to the system by modifying the roles / permissions assigned to their acco…

📅 Published: March 11, 2026, 9:25 p.m. 🔄 Last Modified: March 20, 2026, 3:36 p.m.

5.1

CVSS4.0

CVE-2026-3957 - xierongwkhd weimai-wetapp Endpoint HomeController.java getLikeMovieList sql injection

A flaw has been found in xierongwkhd weimai-wetapp up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2. This vulnerability affects the function getLikeMovieList of the file source-code/src/main/java/com/moke/wp/wx_weimai/controller/HomeController.java of the component Endpoint. Executing a manipulation …

📅 Published: March 11, 2026, 9:02 p.m. 🔄 Last Modified: April 22, 2026, 9:30 p.m.

8.8

CVSS3.1

CVE-2026-32127 - SQL Injection Vulnerability in ajax graphs library (OpenEMR)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, OpenEMR contains a SQL injection vulnerability in the ajax graphs library that can be exploited by authenticated attackers. The vulnerability exists due to insufficient input v…

📅 Published: March 11, 2026, 8:53 p.m. 🔄 Last Modified: April 17, 2026, 11:45 a.m.

7.1

CVSS3.1

CVE-2026-32126 - OpenEMR: Inverted ACL Condition in CDR ControllerRouter Allows Any Authenticated User to Modify/Del…

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, an inverted boolean condition in ControllerRouter::route() causes the admin/super ACL check to be enforced only for controllers that already have their own internal authorizati…

📅 Published: March 11, 2026, 8:52 p.m. 🔄 Last Modified: March 20, 2026, 3:36 p.m.

5.4

CVSS3.1

CVE-2026-32125 - OpenEMR: Stored XSS in Track Anything Graphs via Unescaped Dygraph Titles/Labels

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, track/item names from the Track Anything feature are stored from user input (POST) and later rendered in Dygraph charts (titles/labels) using innerHTML or equivalent without es…

📅 Published: March 11, 2026, 8:51 p.m. 🔄 Last Modified: March 20, 2026, 3:37 p.m.

5.4

CVSS3.1

CVE-2026-32124 - OpenEMR: Dynamic Code Picker Renders Unescaped Descriptions (Stored XSS)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, the dynamic code picker AJAX endpoint returns code descriptions (code_text) that are rendered in the front end (e.g. DataTables) without HTML escaping. If an administrator (or …

📅 Published: March 11, 2026, 8:50 p.m. 🔄 Last Modified: April 16, 2026, 3 a.m.

7.7

CVSS3.1

CVE-2026-32123 - OpenEMR: Therapy Group Sensitivity ACL No Longer Enforced

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, sensitivity checks for group encounters are broken because the code only consults form_encounter for sensitivity, while group encounters store sensitivity in form_groups_encoun…

📅 Published: March 11, 2026, 8:49 p.m. 🔄 Last Modified: March 20, 2026, 3:37 p.m.

4.3

CVSS3.1

CVE-2026-32122 - OpenEMR: Missing Authorization on Claim File Tracker UI and AJAX Endpoint (V2)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, the Claim File Tracker feature exposes an AJAX endpoint that returns billing claim metadata (claim IDs, payer info, transmission logs). The endpoint does not enforce the same A…

📅 Published: March 11, 2026, 8:48 p.m. 🔄 Last Modified: March 20, 2026, 3:37 p.m.

7.7

CVSS3.1

CVE-2026-32121 - OpenEMR: Stored DOM XSS via `.html()` in Portal Signer Modal

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, Stored XSS in prescription CSS/HTML print view via patient demographics. That finding involves server-side rendering of patient names via raw PHP echo. This finding involves c…

📅 Published: March 11, 2026, 8:47 p.m. 🔄 Last Modified: March 20, 2026, 3:37 p.m.