| CVE | Vendors | Products | Updated | CVSS v3.1 |
| A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper escaping of shell meta-characters. This vulnerability allows an attacker to achieve remote command execution on the affected system. This issue primarily affects non-standard configurations where the "check password script" is used with %u and the samba-dcerpcd service is started as a system service. |
| A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability to intercept or redirect network traffic could exploit this behavior to supply a malicious certificate authority certificate, potentially allowing interception or spoofing of trusted communications. |
| A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-only exports. This could allow modification of SMB-visible file behavior, including converting files into symbolic links or other reparse point types. |
| LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS, as exploited in the wild in May 2026. |
| Unauthenticated Cross Site Scripting (XSS) in MW WP Form <= 5.1.3 versions. |
| Unauthenticated Broken Access Control in Contact Form by WPForms <= 1.10.0.4 versions. |
| Subscriber Sensitive Data Exposure in Contest Gallery <= 28.1.7 versions. |
| Subscriber Broken Authentication in WP Full Stripe Free <= 8.4.1 versions. |
| Unauthenticated Broken Access Control in WP Event Solution <= 4.1.8 versions. |
| Subscriber Broken Access Control in rtMedia for WordPress, BuddyPress and bbPress <= 4.7.9 versions. |
| Unauthenticated Broken Access Control in Redsys for WooCommerce Light <= 7.0.0 versions. |
| Subscriber Broken Access Control in Ultra Addons for WPForms <= 1.0.11 versions. |
| Subscriber Cross Site Scripting (XSS) in Shipment Tracker for Woocommerce <= 1.5.3.2 versions. |
| Contributor PHP Object Injection in Events Calendar for GeoDirectory <= 2.3.25 versions. |
| Unauthenticated Broken Access Control in Booking Activities <= 1.16.48.1 versions. |
| Subscriber Insecure Direct Object References (IDOR) in EventPrime <= 4.3.0.0 versions. |
| Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
| Unauthenticated Cross Site Scripting (XSS) in Social Slider Feed <= 2.3.2 versions. |
| Unauthenticated SQL Injection in WP Maps <= 4.9.1 versions. |
| Shop manager Privilege Escalation in WooCommerce Cart Abandonment Recovery < 2.1.0 versions. |