Page 16

CVE-2026-26978 – Free PBX backup: Deserialization of Untrusted Data in admin/modules/backup/Models/BackupSplFileInfo.php

Posted on May 19, 2026

CVE ID :CVE-2026-26978 Published : May 18, 2026, 9:16 p.m. | 3 hours, 5 minutes ago Description :FreePBX is an open source IP PBX. In versions below 16.0.71 and 17.0.6, the backup module does…

CVE-2026-25244 – WebdriverIO has Command Injection in the BrowserStack Service

Posted on May 19, 2026

CVE ID :CVE-2026-25244 Published : May 18, 2026, 9:16 p.m. | 3 hours, 5 minutes ago Description :WebdriverIO is a test automation framework for unit, e2e and component testing using WebDriver, WebDriver BiDi and…

CVE-2026-8764 – H3C Magic B3 aspForm UpdateWanParams buffer overflow

Posted on May 18, 2026

CVE ID :CVE-2026-8764 Published : May 17, 2026, 10:16 p.m. | 2 hours, 5 minutes ago Description :A security vulnerability has been detected in H3C Magic B3 up to 100R002. This affects the function…

CVE-2018-25339 – Zechat 1.5 SQL Injection via v parameter (time-based blind)

Posted on May 18, 2026

CVE ID :CVE-2018-25339 Published : May 17, 2026, 1:16 p.m. | 11 hours, 4 minutes ago Description :Zechat 1.5 contains a SQL injection vulnerability in the v parameter that allows unauthenticated attackers to extract…

CVE-2018-25338 – Zechat 1.5 SQL Injection via hashtag parameter

Posted on May 18, 2026

CVE ID :CVE-2018-25338 Published : May 17, 2026, 1:16 p.m. | 11 hours, 5 minutes ago Description :Zechat 1.5 contains a SQL injection vulnerability in the hashtag parameter that allows unauthenticated attackers to extract…

CVE-2018-25335 – WordPress Plugin Peugeot Music 1.0 Arbitrary File Upload

Posted on May 18, 2026

CVE ID :CVE-2018-25335 Published : May 17, 2026, 1:16 p.m. | 11 hours, 5 minutes ago Description :WordPress Plugin Peugeot Music 1.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload…

CVE-2018-25333 – Nordex N149/4.0-4.5 Wind Turbine Web Server SQL Injection

Posted on May 18, 2026

CVE ID :CVE-2018-25333 Published : May 17, 2026, 1:16 p.m. | 11 hours, 5 minutes ago Description :Nordex N149/4.0-4.5 Wind Turbine Web Server 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to…

CVE-2026-46728 – Das U-Boot FIT Signature Verification Bypass

Posted on May 17, 2026

CVE ID :CVE-2026-46728 Published : May 16, 2026, 10:16 p.m. | 2 hours, 30 minutes ago Description :Das U-Boot before 2026.04 allows FIT (Flat Image Tree) signature verification bypass because hashed-nodes is omitted from…

CVE-2021-47979 – WordPress Plugin Backup and Restore 1.0.3 Arbitrary File Deletion

Posted on May 17, 2026

CVE ID :CVE-2021-47979 Published : May 16, 2026, 4:16 p.m. | 8 hours, 30 minutes ago Description :WordPress Plugin Backup and Restore 1.0.3 contains an arbitrary file deletion vulnerability that allows authenticated attackers to…

CVE-2021-47977 – WordPress Anti-Malware Security Bruteforce Firewall 4.20.59 Directory Traversal

Posted on May 17, 2026

CVE ID :CVE-2021-47977 Published : May 16, 2026, 4:16 p.m. | 8 hours, 30 minutes ago Description :WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 contains a directory traversal vulnerability that allows unauthenticated attackers…