Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.3 CVE-2026-57915

Apache Kerby: Kerberos Pre-Authentication Bypass_CVE-2026-57915

It is possible to bypass the Kerberos pre-authentication check in Apache Kerby by sending a PA-DATA with an unrecognized or unsupported type. Users...

Apache Software Foundation Apache Kerby CVE
MEDIUM 6.8 CVE-2026-9699

Mattermost Agents plugin logs unsanitized OpenAI API keys on authentication errors_CVE-2026-9699

Mattermost Plugins versions

Mattermost Mattermost CVE
HIGH 8.5 CVE-2026-57667

WordPress Groundhogg plugin <= 4.5 - SQL Injection vulnerability_CVE-2026-57667

Sales Representative SQL Injection in Groundhogg

Adrian Tobey Groundhogg n/a CVE
MEDIUM 5.3 CVE-2026-57665

WordPress GravityView plugin <= 3.0.0 - Insecure Direct Object References (IDOR) vulnerability_CVE-2026-57665

Unauthenticated Insecure Direct Object References (IDOR) in GravityView

GravityKit GravityView n/a CVE
MEDIUM 4.3 CVE-2026-57664

WordPress Bopo – WooCommerce Product Bundle Builder plugin <= 1.1.6 - Sensitive Data Exposure vulnerability_CVE-2026-57664

Unauthenticated Sensitive Data Exposure in Bopo – WooCommerce Product Bundle Builder

VillaTheme Bopo – WooCommerce Product Bundle Builder n/a CVE
HIGH 8.5 CVE-2026-57663

WordPress Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.2.7 - SQL Injection vulnerability_CVE-2026-57663

Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes

Igor Benic Recipe Maker For Your Food Blog from Zip Recipes n/a CVE
HIGH 8.5 CVE-2026-57662

WordPress Contest Gallery plugin <= 30.0.0 - SQL Injection vulnerability_CVE-2026-57662

Contributor SQL Injection in Contest Gallery

Wasiliy Strecker Contest Gallery n/a CVE
MEDIUM 5.4 CVE-2026-57661

WordPress WPComplete plugin <= 2.9.5.5 - Broken Access Control vulnerability_CVE-2026-57661

Subscriber Broken Access Control in WPComplete

Nexcess WPComplete n/a CVE
MEDIUM 5.3 CVE-2026-57660

WordPress Booking and Rental Manager plugin <= 2.7.1 - Broken Access Control vulnerability_CVE-2026-57660

Unauthenticated Broken Access Control in Booking and Rental Manager

magepeopleteam Booking and Rental Manager n/a CVE
HIGH 8.8 CVE-2026-57659

WordPress Paid Memberships Pro – Add Member From Admin plugin <= 0.7.2 - Cross Site Request Forgery (CSRF) vulnerability_CVE-2026-57659

Unauthenticated Cross Site Request Forgery (CSRF) in Paid Memberships Pro - Add Member From Admin

Stranger Studios Paid Memberships Pro - Add Member From Admin 0.7.2 CVE