Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.8 CVE-2026-12417

SignUp & SignIn <= 1.0.0 - Unauthenticated Privilege Escalation via Weak Password Reset Validation via 'reset_activation_code' Leading to Account Takeover_CVE-2026-12417

The SignUp & SignIn plugin for WordPress is vulnerable to Authentication Bypass via Weak Password Reset Validation leading to Account Takeover in v...

pravel SignUp & SignIn CVE
CRITICAL 9.8 CVE-2026-12416

Invoice Generator <= 1.0.0 - Unauthenticated Account Takeover via Weak Password Reset Validation via 'reset_user_id' Parameter_CVE-2026-12416

The Invoice Generator plugin for WordPress is vulnerable to Account Takeover via Password Reset in all versions up to, and including, 1.0.0. This i...

pravel Invoice Generator CVE
CRITICAL 10 59505BC0-DE3A-

MCATester_59505BC0-DE3A-56CF-96BF-33C4639271E6

MCATester — AI-Powered OSINT & Vulnerability Discovery Platform Built during a security research internship at the National e-Governance Division N...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.1 CVE-2026-12851

GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability_CVE-2026-12851

Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted netwo...

GeoVision Inc. GV-I/O Box 4E V2.09 CVE
CRITICAL 9.1 CVE-2026-12850

GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability_CVE-2026-12850

Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted netwo...

GeoVision Inc. GV-I/O Box 4E V2.09 CVE
CRITICAL 9.1 CVE-2026-12849

GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability_CVE-2026-12849

Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted netwo...

GeoVision Inc. GV-I/O Box 4E V2.09 CVE
CRITICAL 10 CVE-2026-12848

GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command_CVE-2026-12848

GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service ...

GeoVision Inc. GV-I/O Box 4E V2.09 CVE
CRITICAL 10 CVE-2026-12847

GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command_CVE-2026-12847

GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service ...

GeoVision Inc. GV-I/O Box 4E V2.09 CVE
CRITICAL 10 CVE-2026-12846

GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command_CVE-2026-12846

GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service ...

GeoVision Inc. GV-I/O Box 4E V2.09 CVE
CRITICAL 9.1 CVE-2026-12486

GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability_CVE-2026-12486

Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted netwo...

GeoVision Inc. GV-I/O Box 4E V2.09 CVE