VulDB Recent Entries

A vulnerability was found in WaMate Confirm Plugin up to 2.0.1 on WordPress. It has been declared as problematic. This vulnerability affects unknown code of the component Phone Number Handler. The manipulation results in missing authorization. This vulnerability is cataloged as CVE-2026-1833. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Twitter Posts to Blog Plugin up to 1.11.25 on WordPress. It has been classified as problematic. This affects the function dg_tw_options of the component Setting Handler. The manipulation leads to missing authorization. This vulnerability is listed as CVE-2026-1786. The attack may be initiated remotely. There is no available exploit.

A vulnerability was found in Invoct Plugin up to 1.6 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. Executing a manipulation can lead to missing authorization. This vulnerability is tracked as CVE-2026-1748. The attack can be launched remotely. No exploit exists.

A vulnerability has been found in Invoct Plugin up to 1.6 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. Performing a manipulation results in missing authorization. This vulnerability is identified as CVE-2026-1748. The attack can be initiated remotely. There is not any exploit available.

A vulnerability, which was classified as critical, was found in Custom Block Builder Plugin up to 4.2.0 on WordPress. Affected is the function LazyBlocks_Blocks. Such manipulation leads to privilege escalation. This vulnerability is referenced as CVE-2026-1560. It is possible to launch the attack remotely. No exploit is available.

A vulnerability, which was classified as critical, has been found in wpForo Forum Plugin up to 2.4.13 on WordPress. This impacts the function wpforo_display_array_data. This manipulation causes deserialization. The identification of this vulnerability is CVE-2026-0910. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as critical was found in Migration, Backup, Staging Plugin up to 0.9.123 on WordPress. This affects the function openssl_private_decrypt. The manipulation results in path traversal. This vulnerability was named CVE-2026-1357. The attack may be performed from remote. There is no available exploit.

A vulnerability classified as problematic has been found in AMD EPYC 9005 Processors, Ryzen 9000HX Processors, Ryzen AI 300 Processors, Ryzen 9000 Desktop Processors, Ryzen AI Max 300 Processors, Ryzen Z2 Processors Extreme, Ryzen AI 400 Processors, Ryzen Threadripper 9000 Processors, Ryzen Threadripper PRO 9000 WX-Series Processors and EPYC Embedded 9005 Processors. The impacted element is an unknown function. The manipulation leads to improper isolation of shared resources on system-on-a-chip (soc). This vulnerability is uniquely identified as CVE-2025-54514. Local access is required to approach this attack. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability described as problematic has been identified in ZOLL ePCR IOS Mobile Application 2.6.7. The affected element is an unknown function. Executing a manipulation of the argument run number/incident/call sign/notes can lead to file and directory information exposure. This vulnerability is handled as CVE-2025-12699. It is possible to launch the attack on the local host. There is not any exploit available.

A vulnerability marked as problematic has been reported in AMD EPYC 9004 Processors, EPYC 7003 Processors, EPYC 9005 Processors, EPYC 8004 Processors, EPYC Embedded 7003 Processors, EPYC Embedded 9004 Processors, EPYC Embedded 9005 Processors and EPYC Embedded 8004 Processors. Impacted is an unknown function of the component SEV Firmware. Performing a manipulation results in improper prevention of lock bit modification. This vulnerability is known as CVE-2025-52536. Attacking locally is a requirement. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability labeled as problematic has been found in AMD EPYC 9005 Processors. This issue affects some unknown processing of the component Guest Handler. Such manipulation leads to improper validation of specified quantity in input. This vulnerability is traded as CVE-2025-52534. The attack may be launched remotely. There is no exploit available. The affected component should be upgraded.

A vulnerability identified as problematic has been detected in GE Vernova Enervista 8.6 on Windows. This vulnerability affects unknown code. This manipulation causes Local Privilege Escalation. This vulnerability appears as CVE-2026-1763. It is feasible to perform the attack on the physical device. There is no available exploit.

A vulnerability categorized as problematic has been discovered in GE Vernova Enervista up to 8.6 on Windows. This affects an unknown part. The manipulation results in relative path traversal. This vulnerability is reported as CVE-2026-1762. An attack on the physical device is feasible. No exploit exists.

A vulnerability was found in AMD EPYC 9004 Processors, EPYC 8004 Processors and EPYC Embedded 9004 Processors. It has been rated as problematic. Affected by this issue is some unknown functionality of the component IOMMU. The manipulation leads to improper validation of specified quantity in input. This vulnerability is documented as CVE-2024-21953. The attack needs to be performed locally. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability was found in AMD EPYC 9004 Processors, EPYC 7003 Processors, EPYC 9005 Processors, EPYC 8004 Processors, EPYC Embedded 7003 Processors, EPYC Embedded 9004 Processors, EPYC Embedded 9005 Processors and EPYC Embedded 8004 Processors. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. Executing a manipulation can lead to improper initialization. This vulnerability is registered as CVE-2025-48509. The attack needs to be launched locally. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability was found in AVEVA PI Data Archive PI Server up to 2018_SP3_Patch_7. It has been classified as problematic. Affected is an unknown function. Performing a manipulation results in uncaught exception. This vulnerability is cataloged as CVE-2026-1507. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in langchain-ai langchain up to 1.2.10 and classified as critical. This impacts the function ChatOpenAI.get_num_tokens_from_messages of the component Image Parser. Such manipulation of the argument image_url leads to server-side request forgery. This vulnerability is listed as CVE-2026-26013. The attack may be performed from remote. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability has been found in AMD EPYC 9004 Processors, EPYC 7003 Processors, EPYC 7002 Processors, EPYC 7001 Processors, EPYC 9005 Processors, Instinct MI300A, EPYC 9V64H Processor, Ryzen Threadripper PRO 3000WX Processors, Ryzen Threadripper PRO 5000 WX-Series Processors, Ryzen Threadripper 7000 Processors, Ryzen Threadripper PRO 7000 WX-Series Processors, Ryzen Threadripper 9000 Processors, Ryzen Threadripper PRO 9000 WX-Series Processors, EPYC Embedded 7003 Processors, EPYC Embedded 9004 Processors, EPYC Embedded 7002 Processors, EPYC Embedded 3000 Processors, EPYC Embedded 9005 Processors and EPYC Embedded 8004 Processors and classified as critical. This affects an unknown function of the component System Management Mode. This manipulation causes improper access control for volatile memory containing boot code. This vulnerability is tracked as CVE-2025-29950. The attack is restricted to local execution. No exploit exists. The affected component should be upgraded.

A vulnerability, which was classified as critical, was found in AMD Athlon 3000 Mobile Processors with Radeon Graphics, Ryzen Embedded R1000 Processors, Ryzen Embedded R2000 Processors and Ryzen Embedded V1000 Processors. The impacted element is an unknown function. The manipulation results in stack-based buffer overflow. This vulnerability is identified as CVE-2025-29951. The attack is only possible with local access. There is not any exploit available. You should upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in AMD EPYC 9005 Processors and EPYC Embedded 9005 Processors. The affected element is an unknown function of the component SEV-SNP Guest Memory. The manipulation leads to detection of error condition without action. This vulnerability is referenced as CVE-2025-0029. The attack can only be performed from a local environment. No exploit is available. It is advisable to upgrade the affected component.