2.7
CVE-2026-29185 - @backstage/integration: Potential reading of SCM URLs using built in token
Backstage is an open framework for building developer portals. Prior to version 1.20.1, a vulnerability in the SCM URL parsing used by Backstage integrations allowed path traversal sequences in encoded form to be included in file paths. When these URLs were processed by integration functions that cโฆ
4.8
CVE-2026-3664 - xlnt-community xlnt Encrypted XLSX File compound_document.cpp read_directory out-of-bounds
A vulnerability was determined in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::compound_document::read_directory of the file source/detail/cryptography/compound_document.cpp of the component Encrypted XLSX File Parser. Executing a manipulation can lead to out-of-bounds reโฆ
4.8
CVE-2026-3663 - xlnt-community xlnt XLSX File compound_document.cpp xsgetn out-of-bounds
A vulnerability was found in xlnt-community xlnt up to 1.6.1. This issue affects the function xlnt::detail::compound_document_istreambuf::xsgetn of the file source/detail/cryptography/compound_document.cpp of the component XLSX File Parser. Performing a manipulation results in out-of-bounds read. Tโฆ
5.1
CVE-2026-3662 - Wavlink WL-NU516U1 adm.cgi usb_p910 command injection
A vulnerability has been found in Wavlink WL-NU516U1 240425. This vulnerability affects the function usb_p910 of the file /cgi-bin/adm.cgi. Such manipulation of the argument Pr_mode leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the publiโฆ
5.1
CVE-2026-3661 - Wavlink WL-NU516U1 adm.cgi ota_new_upgrade command injection
A flaw has been found in Wavlink WL-NU516U1 240425. This affects the function ota_new_upgrade of the file /cgi-bin/adm.cgi. This manipulation of the argument model causes command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. The vendor waโฆ
6.5
CVE-2026-24308 - Apache ZooKeeper: Sensitive information disclosure in client configuration handling
Improper handling of configuration values in ZKConfig in Apache ZooKeeper 3.8.5 and 3.9.4 on all platforms allows an attacker to expose sensitive information stored in client configuration in the client's logfile. Configuration values are exposed at INFO level logging rendering potential productionโฆ
5.9
CVE-2026-24281 - Apache ZooKeeper: Reverse-DNS fallback enables hostname verification bypass in ZooKeeper ZKTrustManโฆ
Hostname verification in Apache ZooKeeper ZKTrustManager falls back to reverse DNS (PTR) when IP SAN validation fails, allowing attackers who control or spoof PTR records to impersonate ZooKeeper servers or clients with a valid certificate for the PTR name. It's important to note that attacker mustโฆ
7.5
CVE-2026-2219 - dpkg-deb Infinite Loop DoS via Improper Zstd Stream Validation
It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service (infinite loop spinning the CPU).
4.3
CVE-2026-1087 - The Guardian News Feed <= 1.2 - Cross-Site Request Forgery to Settings Update
The Guardian News Feed plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2. This is due to missing nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to modify the plugin's settings, inclโฆ
4.3
CVE-2026-1086 - Font Pairing Preview For Landing Pages <= 1.3 - Cross-Site Request Forgery to Settings Update
The Font Pairing Preview For Landing Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3. This is due to missing nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to modify the pluโฆ