Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.7 CVE-2026-20463

CVE-2026-20463_CVE-2026-20463

In Modem, there is a possible escalation of privilege due to a permissions bypass. This could lead to local escalation of privilege if a malicious ...

MediaTek, Inc. MediaTek chipset MT2716 CVE
MEDIUM 6.7 CVE-2026-20462

CVE-2026-20462_CVE-2026-20462

In Telephony, there is a possible memory corruption due to a heap buffer overflow. This could lead to local escalation of privilege if a malicious ...

MediaTek, Inc. MediaTek chipset MT6739 CVE
MEDIUM 5.9 CVE-2026-20461

CVE-2026-20461_CVE-2026-20461

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service, if a UE has connected...

MediaTek, Inc. MediaTek chipset MT2737 CVE
MEDIUM 5.9 CVE-2026-20460

CVE-2026-20460_CVE-2026-20460

In Modem, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure, if a UE ha...

MediaTek, Inc. MediaTek chipset MT2735 CVE
NONE BD8F41A8-2577-

Know_Your_Customer_Adverse_Media_Check_BFSI_POC_BD8F41A8-2577-5B9B-8210-A532BF6C727D

CITADEL-Governed ADIB AMC Starter PoC This repository is a VM-native proof of concept for the CITADEL gateway pattern around a synthetic Adverse Me...

N/A N/A GITHUBEXPLOIT
MEDIUM 5.9 CVE-2026-20459

CVE-2026-20459_CVE-2026-20459

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to ...

MediaTek, Inc. MediaTek chipset MT2716 CVE
HIGH 7.5 CVE-2026-20458

CVE-2026-20458_CVE-2026-20458

In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has conne...

MediaTek, Inc. MediaTek chipset MT2716 CVE
MEDIUM 4.3 CVE-2026-11887

Salon Booking System < 10.30.20 - Subscriber+ Booking Approval Bypass_CVE-2026-11887

The Salon Booking System WordPress plugin before 10.30.20 does not have proper authorisation checks on one of its AJAX actions, allowing any authe...

Unknown Salon Booking System CVE
HIGH 7.2 CVE-2026-11883

WebAuthn Provider for Two Factor < 2.5.6 - 2FA Bypass_CVE-2026-11883

The WebAuthn Provider for Two Factor WordPress plugin before 2.5.6 does not correctly validate the second-factor authentication response, allowing ...

Unknown WebAuthn Provider for Two Factor CVE
LOW 3.1 CVE-2026-11880

Fluent Forms < 6.2.1 - Subscriber+ Subscription Cancellation via IDOR_CVE-2026-11880

The Fluent Forms WordPress plugin before 6.2.1 does not properly verify ownership before processing a subscription cancellation request, allowing ...

Unknown Fluent Forms CVE