Search Results (1071 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-53075 1 Linux 1 Linux Kernel 2026-06-28 8.8 High
In the Linux kernel, the following vulnerability has been resolved: ppp: require CAP_NET_ADMIN in target netns for unattached ioctls /dev/ppp open is currently authorized against file->f_cred->user_ns, while unattached administrative ioctls operate on current->nsproxy->net_ns. As a result, a local unprivileged user can create a new user namespace with CLONE_NEWUSER, gain CAP_NET_ADMIN only in that new user namespace, and still issue PPPIOCNEWUNIT, PPPIOCATTACH, or PPPIOCATTCHAN against an inherited network namespace. Require CAP_NET_ADMIN in the user namespace that owns the target network namespace before handling unattached PPP administrative ioctls. This preserves normal pppd operation in the network namespace it is actually privileged in, while rejecting the userns-only inherited-netns case.
CVE-2026-56010 2 Tychesoftwares, Wordpress 2 Abandoned Cart Pro For Woocommerce, Wordpress 2026-06-26 8.8 High
Subscriber Privilege Escalation in Abandoned Cart Pro for WooCommerce <= 10.4.0 versions.
CVE-2026-53249 1 Linux 1 Linux Kernel 2026-06-26 7.0 High
In the Linux kernel, the following vulnerability has been resolved: ipv4: restrict IPOPT_SSRR and IPOPT_LSRR options This patch restricts setting Loose Source and Record Route (LSRR) and Strict Source and Record Route (SSRR) IP options to users with CAP_NET_RAW capability. This prevents unprivileged applications from forcing packets to route through attacker-controlled nodes to leak TCP ISN and possibly other protocol information. While LSRR and SSRR are commonly filtered in many network environments, they may still be supported and forwarded along some network paths. RFC 7126 (Recommendations on Filtering of IPv4 Packets Containing IPv4 Options) recommend to drop these options in 4.3 and 4.4.
CVE-2026-53168 1 Linux 1 Linux Kernel 2026-06-26 7.0 High
In the Linux kernel, the following vulnerability has been resolved: fuse: reject fuse_notify() pagecache ops on directories The operations FUSE_NOTIFY_STORE and FUSE_NOTIFY_RETRIEVE allow the FUSE daemon to actively write/read pagecache contents. For directories with FOPEN_CACHE_DIR, the pagecache is used as kernel-internal cache storage, and userspace is not supposed to have direct access to this cache - in particular, fuse_parse_cache() will hit WARN_ON() if the cache contains bogus data. Reject FUSE_NOTIFY_STORE and FUSE_NOTIFY_RETRIEVE on anything other than regular files with -EINVAL.
CVE-2026-39470 2 Brainstorm Force, Wordpress 2 Woocommerce Cart Abandonment Recovery, Wordpress 2026-06-26 7.2 High
Shop manager Privilege Escalation in WooCommerce Cart Abandonment Recovery < 2.1.0 versions.
CVE-2026-49111 2 Themegrill, Wordpress 2 Masteriyo, Wordpress 2026-06-26 8.8 High
Incorrect Privilege Assignment vulnerability in ThemeGrill Masteriyo - LMS allows Privilege Escalation. This issue affects Masteriyo - LMS: from n/a through 2.2.0.
CVE-2026-27407 2 Meowapps, Wordpress 2 Ai Engine, Wordpress 2026-06-26 7.2 High
Editor Privilege Escalation in AI Engine <= 3.4.9 versions.
CVE-2026-39583 2 Datalogics Ecommerce Delivery, Wordpress 2 Datalogics Ecommerce Delivery, Wordpress 2026-06-26 9.8 Critical
Unauthenticated Privilege Escalation in Datalogics Ecommerce Delivery <= 2.6.62 versions.
CVE-2026-9795 1 Redhat 2 Build Keycloak, Build Of Keycloak 2026-06-26 7.3 High
A flaw was found in Keycloak's Fine-Grained Admin Permissions (FGAPv2) feature. An administrator with limited client management permissions can exploit this vulnerability to assign any realm role, including highly privileged roles, to a client's scope mapping. This bypasses intended security controls, allowing the injected role to be projected into a user's authentication token when they access the modified client. This could lead to unauthorized privilege escalation within the Keycloak realm.
CVE-2026-53236 1 Linux 1 Linux Kernel 2026-06-25 7.0 High
In the Linux kernel, the following vulnerability has been resolved: tcp: restrict SO_ATTACH_FILTER to priv users This patch restricts the use of SO_ATTACH_FILTER (cBPF) on TCP sockets to users with CAP_NET_ADMIN capability. This blocks potential side-channel attack where an unprivileged application attaches a filter to leak TCP sequence/acknowledgment numbers.
CVE-2026-43510 1 Cisa 1 Manage.get.gov 2026-06-25 5.9 Medium
manage.get.gov is the .gov TLD registrar maintained by CISA. manage.get.gov allows an organization administrator to assign domain manager privileges for domains not already in another organization. Fixed in 1.176.0 on or around 2026-04-30.
CVE-2026-52944 1 Linux 1 Linux Kernel 2026-06-25 N/A
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix FSCTL permission bypass by adding a permission check for FSCTL_SET_SPARSE FSCTL_SET_SPARSE in fsctl_set_sparse() modifies the file's sparse attribute and saves it through xattr without any permission checks. This exposes two issues: 1) A client on a read-only share can change the sparse attribute on files it opened, even though the share is read-only. Other FSCTL write operations already check test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE), but FSCTL_SET_SPARSE does not. 2) Even on writable shares, clients without FILE_WRITE_DATA or FILE_WRITE_ATTRIBUTES access should not modify the sparse attribute. Similar handle-level checks exist in other functions but are missing here. Add both share-level writable check and per-handle access check. Use goto out on error to avoid leaking file references.
CVE-2026-52978 1 Linux 1 Linux Kernel 2026-06-24 N/A
In the Linux kernel, the following vulnerability has been resolved: net: psp: require admin permission for dev-set and key-rotate The dev-set and key-rotate netlink operations modify shared device state (PSP version configuration and cryptographic key material, respectively) but do not require CAP_NET_ADMIN. The only access control is psp_dev_check_access() which merely verifies netns membership.
CVE-2026-56251 1 Cap-go 1 Cap-go 2026-06-24 6.5 Medium
Capgo before 12.128.2 contains a broken row level security policy in the org_users table that allows authenticated users to elevate privileges from admin to super_admin. Attackers can exploit the insufficient RLS enforcement to gain unauthorized super_admin access and compromise system security.
CVE-2026-12164 1 Fortra 1 File Integrity Monitoring (fim) 2026-06-24 4.4 Medium
Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0 may assign incorrect or elevated effective permissions to users created by the tetool import command while FIM is running, particularly when the import also creates or changes roles or role-permission relationships.
CVE-2026-48172 2 Litespeed Technologies, Litespeedtech 3 Cpanel Plugin, Litespeed Cpanel Plugin, Litespeed Whm Plugin 2026-06-24 9.8 Critical
LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exploited in the wild in May 2026. Detection is best done via a command line of grep -rE "cpanel_jsonapi_func=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2>/dev/null in Bash. If you get no output, you have not been hit with exploitation of the vulnerability. If there is output, we recommend you examine the IP addresses in the list, determine if they are valid IP addresses, and if not, block them. To determine damage done, examine the system logs for use by the detected IP addresses. The issue is related to mishandling of Redis enable/disable features. The recommended minimum version is 2.4.7.
CVE-2026-34901 2 Paul, Wordpress 2 Icontrolwp, Wordpress 2026-06-23 9.8 Critical
Unauthenticated Privilege Escalation in iControlWP <= 5.5.3 versions.
CVE-2026-39587 2 Hakan Ozevin, Wordpress 2 Wp Base Booking, Wordpress 2026-06-23 8.1 High
Unauthenticated Privilege Escalation in WP BASE Booking <= 5.9.0 versions.
CVE-2026-48889 2 Tms, Wordpress 2 Amelia, Wordpress 2026-06-23 8.8 High
Subscriber Privilege Escalation in Amelia <= 2.3 versions.
CVE-2026-49063 2 Webilia Inc., Wordpress 2 Listdom, Wordpress 2026-06-23 7.3 High
Unauthenticated Privilege Escalation in Listdom <= 5.5.0 versions.