5.3
CVE-2026-22183 - wpDiscuz before 7.6.47 - Stored Cross-Site Scripting in Inline Comment Preview
wpDiscuz before 7.6.47 contains a stored cross-site scripting vulnerability in the inline comment preview functionality that allows authenticated users to inject malicious scripts by submitting comments with unescaped content. Attackers with unfiltered_html capabilities can inject JavaScript direct…
8.7
CVE-2026-22182 - wpDiscuz before 7.6.47 - Unauthenticated Email Notification Flood via wpdCheckNotificationType
wpDiscuz before 7.6.47 contains an unauthenticated denial of service vulnerability that allows anonymous users to trigger mass notification emails by exploiting the checkNotificationType() function. Attackers can repeatedly call the wpdiscuz-ajax.php endpoint with arbitrary postId and comment_id pa…
6.7
CVE-2026-4105 - Systemd: systemd: privilege escalation via improper access control in RegisterMachine D-Bus method
A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop Bus) method. A local unprivileged user can exploit this by attempting to register a machine with a …
5.4
CVE-2026-32612 - Statamic: privilege escalation via stored cross-site scripting
Statamic is a Laravel and Git powered content management system (CMS). Prior to 6.6.2, stored XSS in the control panel color mode preference allows authenticated users with control panel access to inject malicious JavaScript that executes when a higher-privileged user impersonates their account. Th…
7.5
CVE-2026-32597 - PyJWT accepts unknown `crit` header extensions (RFC 7515 §4.1.11 MUST violation)
PyJWT is a JSON Web Token implementation in Python. Prior to 2.12.0, PyJWT does not validate the crit (Critical) Header Parameter defined in RFC 7515 §4.1.11. When a JWS token contains a crit array listing extensions that PyJWT does not understand, the library accepts the token instead of rejecting…
5.3
CVE-2026-32322 - soroban-sdk: `Fr` scalar field equality comparison bypasses modular reduction
soroban-sdk is a Rust SDK for Soroban contracts. Prior to 22.0.11, 23.5.3, and 25.3.0, the Fr (scalar field) types for BN254 and BLS12-381 in soroban-sdk compared values using their raw U256 representation without first reducing modulo the field modulus r. This caused mathematically equal field ele…
6.5
CVE-2026-32320 - Ella Core: AMF DoS via malformed PathSwitchRequest with empty NR security capability bitstrings
Ella Core is a 5G core designed for private networks. Prior to 1.5.1, Ella Core panics when processing a PathSwitchRequest containing UE Security Capabilities with zero-length NR encryption or integrity protection algorithm bitstrings, resulting in a denial of service. An attacker able to send craf…
7.5
CVE-2026-32319 - Ella Core: Unauthenticated AMF DoS via malformed InitialUEMessage with undersized integrity-protect…
Ella Core is a 5G core designed for private networks. Prior to 1.5.1, Ella Core panics when processing a malformed integrity protected NGAP/NAS message with a length under 7 bytes. An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all c…
6.9
CVE-2026-32598 - OneUptime: Password Reset Token Logged at INFO Level
OneUptime is a solution for monitoring and managing online services. Prior to 10.0.24, the password reset flow logs the complete password reset URL (containing the plaintext reset token) at INFO log level, which is enabled by default in production. Anyone with access to application logs (log aggr…
7.6
CVE-2026-32308 - OneUptime: Stored XSS via Mermaid Diagram Rendering (securityLevel: "loose")
OneUptime is a solution for monitoring and managing online services. Prior to 10.0.23, the Markdown viewer component renders Mermaid diagrams with securityLevel: "loose" and injects the SVG output via innerHTML. This configuration explicitly allows interactive event bindings in Mermaid diagrams, en…