New

CVE-2026-61492: In JetBrains YouTrack before 2026.2.17394 stored XSS via article titles in digest emails was possible

CVE-2026-59796: In JetBrains TeamCity before 2026.1.2 pipeline modification was possible due to improper permission checks

CVE-2026-59795: In JetBrains TeamCity before 2026.1.2 stored XSS via unauthenticated agent registration was possible

CVE-2026-59794: In JetBrains TeamCity before 2026.1.2 stored XSS on the cloud profile page was possible via agent-reported data

CVE-2026-59793: In JetBrains TeamCity before 2026.1.2 arbitrary file access was possible via the Perforce VCS integration

Updated

CVE-2026-45788: Discourse: Secure uploads exposed by hotlinked image copying: Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, secure uploads could be exposed by pull_hotlinked_images when an attacker knew the secured upload URL and the secure_uploads site setting was enabled. This issue is fixed in versions 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5.

CVE-2026-3907: Hostel <= 1.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'wphostel-book' Shortcode: The Hostel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wphostel-book' shortcode in all versions up to and including 1.1.7. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes. Specifically, the second shortc...

CVE-2026-15274: lo48576 fbxcel Node Header parser.rs denial of service: A vulnerability was detected in lo48576 fbxcel up to 0.9.0. This affects an unknown part of the file src/pull_parser/v7400/parser.rs of the component Node Header Handler. The manipulation results in denial of service. The attack must be initiated from a local position. The exploit is now public and may be used. The pull request to fix this...

CVE-2026-57028: Junos OS Evolved: A port which has been inadvertently exposed can be reached by an attacker: An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause license exhaustion. Due to an incorrect initialization, a process which should only be able to communicate internally withi...

CVE-2026-57031: Junos OS: MX Series: For subscribers configured on static interfaces, input filters are not in effect: An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on MX Series allows adjacent subscribers to bypass configured firewall filters. On MX Series devices with MPC10/11, LC4800/9600, and MX304 with subscribers c...

CISA Known Exploited Vulnerabilities

CVE-2026-45659 Microsoft SharePoint Server: Microsoft SharePoint Server contains a deserialization of untrusted data vulnerability which allows an authorized attacker to execute code over a network.

CVE-2026-48558 SimpleHelp SimpleHelp: SimpleHelp contains an authentication bypass vulnerability in the OIDC authentication flow. When OIDC authentication is configured, identity tokens submitted during login are accepted without verifying their cryptographic signature. In a vulnerable configuration, a remote, unauthenticated attacker can submit a forged token containing arbitrary identity claims to obtain a fully authenticated technician session. In some configurations, this may also allow bypass of multi-factor authentication.

CVE-2026-20230 Cisco Unified Communications Manager: Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) contain a server-side request forgery (SSRF) Vulnerability that could allow an unauthenticated, remote attacker to write files to the underlying operating system that could be used later to elevate to root.

CVE-2026-12569 PTC Windchill and FlexPLM: PTC Windchill and FlexPLM contains an improper input validation vulnerability allowing an unauthenticated, remote attacker to execute arbitrary code by sending a malicious request to the network.

CVE-2025-67038 Lantronix EDS5000: Lantronix EDS5000 contains a code injection vulnerability that could allow attackers to inject arbitrary OS commands into the username parameter. Injected commands are executed with root privileges.