4.3

CVSS3.1

CVE-2026-1070 - Alex User Counter <= 6.0 - Cross-Site Request Forgery to Settings Update

The Alex User Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.0. This is due to missing nonce validation on the alex_user_counter_function() function. This makes it possible for unauthenticated attackers to update the plugin settings …

📅 Published: Jan. 24, 2026, 7:26 a.m. 🔄 Last Modified: April 15, 2026, 9:45 p.m.

4.3

CVSS3.1

CVE-2025-14903 - Simple Crypto Shortcodes <= 1.0.2 - Cross-Site Request Forgery to Plugin Settings Update

The Simple Crypto Shortcodes plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.2. This is due to missing nonce validation on the scs_backend function. This makes it possible for unauthenticated attackers to update plugin settings via a forged req…

📅 Published: Jan. 24, 2026, 7:26 a.m. 🔄 Last Modified: April 22, 2026, 8:15 p.m.

7.5

CVSS3.1

CVE-2026-1257 - Administrative Shortcodes <= 0.3.4 - Authenticated (Contributor+) Local File Inclusion via 'slug' S…

The Administrative Shortcodes plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.3.4 via the 'slug' attribute of the 'get_template' shortcode. This is due to insufficient path validation on user-supplied input passed to the get_template_part() functio…

📅 Published: Jan. 24, 2026, 7:26 a.m. 🔄 Last Modified: April 15, 2026, 9:45 p.m.

9.8

CVSS3.1

CVE-2025-13952 - GPU DDK - libusc UAF via WebGPU shaders at MergeConsecutiveBarriersBP

Loading a web page that contains unusual GPU shader code from the Internet into the GPU compiler process triggers a write use-after-free crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device…

📅 Published: Jan. 24, 2026, 2:26 a.m. 🔄 Last Modified: Jan. 28, 2026, 6:33 p.m.

5.3

CVSS3.1

CVE-2026-24422 - phpMyFAQ: Public API endpoints expose emails and invisible questions

phpMyFAQ is an open source FAQ web application. In versions 4.0.16 and below, multiple public API endpoints improperly expose sensitive user information due to insufficient access controls. The OpenQuestionController::list() endpoint calls Question::getAll() with showAll=true by default, returning …

📅 Published: Jan. 24, 2026, 2:02 a.m. 🔄 Last Modified: April 18, 2026, 3 a.m.

6.5

CVSS3.1

CVE-2026-24420 - phpMyFAQ: Attachment download allowed without dlattachment right (broken access control)

phpMyFAQ is an open source FAQ web application. Versions 4.0.16 and below allow an authenticated user without the dlattachment permission to download FAQ attachments due to an incomprehensive permissions check. The presence of a right key is improperly validated as proof of authorization in attachme…

📅 Published: Jan. 24, 2026, 1:57 a.m. 🔄 Last Modified: April 18, 2026, 3 a.m.

7.5

CVSS3.1

CVE-2026-24469 - C++ HTTP Server has Critical Path Traversal Vulnerability in RequestHandler Allowing Arbitrary File…

C++ HTTP Server is an HTTP/1.1 server built to handle client connections and serve HTTP requests. Versions 1.0 and below are vulnerable to Path Traversal via the RequestHandler::handleRequest method. This flaw allows an unauthenticated, remote attacker to read arbitrary files from the server's file…

📅 Published: Jan. 24, 2026, 1:50 a.m. 🔄 Last Modified: April 18, 2026, 3 a.m.

6.5

CVSS3.1

CVE-2026-24421 - phpMyFAQ missing authorization exposes /api/setup/backup to any authenticated user

phpMyFAQ is an open source FAQ web application. Versions 4.0.16 and below have flawed authorization logic which exposes the /api/setup/backup endpoint to any authenticated user despite their permissions. SetupController.php uses userIsAuthenticated() but does not verify that the requester has confi…

📅 Published: Jan. 24, 2026, 1:43 a.m. 🔄 Last Modified: April 18, 2026, 3 a.m.

8.8

CVSS3.1

CVE-2026-24412 - iccDEV has Heap Buffer Overflow in icCurvesFromXml()

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have a Heap Buffer Overflow vulnerability in the CIccTagXmlSegmentedCurve::ToXml() function. This occurs when user-controllable input is unsafely incorporate…

📅 Published: Jan. 24, 2026, 1:27 a.m. 🔄 Last Modified: April 18, 2026, 3 a.m.

6.5

CVSS3.1

CVE-2026-24401 - Avahi has Uncontrolled Recursion in lookup_handle_cname function

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonical …

📅 Published: Jan. 24, 2026, 1:25 a.m. 🔄 Last Modified: April 18, 2026, 3 a.m.