5.3
CVE-2026-24027 - Crafted zones can lead to increased incoming network traffic
Crafted zones can lead to increased incoming network traffic.
5.3
CVE-2026-0398 - Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poiso…
Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor.
8.8
CVE-2025-10465 - Unrestricted File Upload in Birtech Information Technologies' Sensaway
Unrestricted Upload of File with Dangerous Type vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Sensaway allows Upload a Web Shell to a Web Server.This issue affects Sensaway: through 09022026. NOTE: Because the product was developed using outdated technology, the manu…
6.5
CVE-2025-10464 - Cleartext password storage in Birtech Information Technologies' Sensaway
Insecure Storage of Sensitive Information vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Senseway allows Retrieve Embedded Sensitive Data.This issue affects Senseway: through 09022026. NOTE: Because the product was developed using outdated technology, the manufactu…
7.3
CVE-2025-10463 - Improper Authentication in Birtech Information Technologies' Sensaway
Improper Authentication vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Senseway allows Authentication Abuse.This issue affects Senseway: through 09022026. NOTE: Because the product was developed using outdated technology, the manufacturer is unable to fix the releva…
6.8
CVE-2025-7708 - Sensitive Data Exposure in Atlas Software's k12net
Insertion of Sensitive Information Into Sent Data vulnerability in Atlas Educational Software Industry Ltd. Co. K12net allows Communication Channel Manipulation.This issue affects k12net: through 09022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
5.1
CVE-2026-1960 - Stored Cross-Site Scripting (XSS) vulnerability in Loggro Pymes
Stored Cross-Site Scripting (XSS) vulnerability in Loggro Pymes, via the 'Facebook' parameter in '/loggrodemo/jbrain/ConsultaTerceros' endpoint.
5.1
CVE-2026-1959 - Stored Cross-Site Scripting (XSS) vulnerability in Loggro Pymes
Stored Cross-Site Scripting (XSS) vulnerability in Loggro Pymes, via the 'descripción' parameter in the '/loggrodemo/jbrain/MaestraCuentasBancarias' endpoint.
5.4
CVE-2026-0632 - Fluent Forms Pro Add On Pack <= 6.1.12 - Authenticated (Subscriber+) Server-Side Request Forgery vi…
The Fluent Forms Pro Add On Pack plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.1.12 via the 'saveDataSource' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbi…
9.8
CVE-2025-6830 - SQLi in Xpoda Türkiye Information Technology's Password Module
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xpoda Türkiye Information Technology Inc. Password Module allows SQL Injection.This issue affects Password Module: through 11022026.