CVE Security

The WishList Member plugin for WordPress is vulnerable to Missing Authorization leading to Sensitive Information Disclosure and Privilege Escalation i...

Web


                                    CVE-2026-6895

Lire l'article

high 8.8

29/05/2026

Vulnérabilité high détectée - CVE-2026-6897

The Wishlist Member plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'WishListMember\F...

Web


                                    CVE-2026-6897

Lire l'article

critical 10

29/05/2026

Vulnérabilité critical détectée - CVE-2026-41104

Deserialization of untrusted data in Microsoft Planetary Computer Pro allows an unauthorized attacker to disclose information over a network.

Windows


                                    CVE-2026-41104

Lire l'article

unknown

29/05/2026

Vulnérabilité unknown détectée - CVE-2026-41148

Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Versions 10.9.5 and prior, in addition to 11.0...

Applications


                                    CVE-2026-41148

Lire l'article

unknown

29/05/2026

Vulnérabilité unknown détectée - CVE-2026-41149

Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Versions 10.9.5 and earlier, as well as 11.0.0...

Applications Web


                                    CVE-2026-41149

Lire l'article

medium 6.5

29/05/2026

Vulnérabilité medium détectée - CVE-2026-42827

Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose inform...

Windows


                                    CVE-2026-42827

Lire l'article

critical 10

29/05/2026

Vulnérabilité critical détectée - CVE-2026-42901

Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network.

Windows


                                    CVE-2026-42901

Lire l'article

high 8.8

29/05/2026

Vulnérabilité high détectée - CVE-2026-45659

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Applications Windows


                                    CVE-2026-45659

Lire l'article

critical 10

29/05/2026

Vulnérabilité critical détectée - CVE-2026-47280

Improper authentication in Azure Resource Manager (ARM) allows an unauthorized attacker to elevate privileges over a network.

Windows


                                    CVE-2026-47280

Lire l'article

critical 10

29/05/2026

Vulnérabilité critical détectée - CVE-2026-40412

Unrestricted upload of file with dangerous type in Azure Orbital Spatio allows an unauthorized attacker to execute code over a network.

Windows


                                    CVE-2026-40412

Lire l'article

critical 9.3

29/05/2026

Vulnérabilité critical détectée - CVE-2026-41090

Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to perform ta...

Windows


                                    CVE-2026-41090

Lire l'article

high 8.8

29/05/2026

Vulnérabilité high détectée - CVE-2026-35430

Authorization bypass through user-controlled key in Azure Privileged Identity Management (PIM) allows an authorized attacker to elevate privileges ove...

Windows


                                    CVE-2026-35430

Lire l'article

12 13 14 15 16