22 vulnerabilities across 15 products scored HIGH or above on July 09, 2026.
- ๐ HIGH: 22
Exploit Status Upgrades
The following CVEs from previous bulletins have been upgraded based on new exploit intelligence:
- [UPGRADED] CVE-2026-55952 (erlang/erlang_otp) โ F1: theoretical โ poc, AAS: 9.2 โ 11.7 (HIGH โ HIGH). Originally in 2026-07-02 bulletin.
๐ [HIGH] ruvnet/ruflo
1 CVE | CVSS 3.1: 10.0 | AAS 11.8
cpe:2.3:a:ruvnet:ruflo:*:*:*:*:*:*:*:*(< 3.16.3)
Ruflo, an agent meta-harness for Claude Code and Codex developed by ruvnet, is affected by one critical vulnerability (CVE-2026-59726, CVSS 10.0). The default docker-compose deployment exposes MCP bridge endpoints without authentication, allowing an unauthenticated attacker to execute arbitrary commands in the bridge container, steal provider API keys, and poison the AgentDB learning store. This vulnerability is considered exploitable.
Teams running ruflo in any networked environment should upgrade to version 3.16.3 immediately. Until patched, restrict network access to the MCP bridge endpoints and audit API key exposure. Refer to the vendor’s GitHub commit for full remediation details.
- ๐ CVE-2026-59726 (CVSS 3.1: 10.0)
๐ [HIGH] getkirby/kirby
3 CVEs | CVSS 4.0: 9.1 | AAS 11.8
cpe:2.3:a:getkirby:kirby:*:*:*:*:*:*:*:*
Kirby CMS by getkirby is affected by three vulnerabilities (max CVSS 9.1), including multiple issues where reverse proxy headers such as Forwarded, X-Client-IP, or X-Real-IP are incorrectly trusted for local-IP checks. The most severe flaw could allow a remote attacker to bypass access controls and install the Panel with a new admin account on sites that have no existing user accounts configured. These issues are currently considered theoretical but carry significant risk for publicly accessible Kirby deployments behind reverse proxies.
Administrators running Kirby should upgrade to version 4.9.4 or 5.4.4 immediately. As an interim measure, ensure reverse proxies are not forwarding spoofable client-IP headers to the application and verify that at least one admin account is configured on all public-facing instances. Review the vendor’s GitHub commit for additional details.
- ๐ CVE-2026-54003 (CVSS 4.0: 9.1)
- ๐ CVE-2026-54005 (CVSS 4.0: 7.1)
- ๐ CVE-2026-54002 (CVSS 4.0: 8.5)
๐ [HIGH] metabase/metabase
2 CVEs | CVSS 3.1: 9.9 | AAS 11.2
cpe:2.3:a:metabase:metabase:*:*:*:*:*:*:*:*(< 1.58.15)cpe:2.3:a:metabase:metabase:*:*:*:*:*:*:*:*(>= 1.59.0, < 1.59.12)cpe:2.3:a:metabase:metabase:*:*:*:*:*:*:*:*(>= 1.60.0, < 1.60.6.3)cpe:2.3:a:metabase:metabase:*:*:*:*:*:*:*:*(>= 1.55.0, < 1.58.15.1)cpe:2.3:a:metabase:metabase:*:*:*:*:*:*:*:*(>= 1.61.0, < 1.61.2)
Metabase, an open-source business intelligence and analytics platform, is affected by two vulnerabilities (max CVSS 9.9), including at least one exploitable remote code execution flaw. The most severe issue allows an authenticated user with native query access to exploit unsafe Java object deserialization through H2 database connections, including the default sample database, to execute arbitrary code on the Metabase server.
Organizations running Metabase should upgrade immediately to version 1.58.15, 1.59.12, 1.60.6.3, or 1.61.1.4 depending on their release track. As an interim mitigation, restrict native query permissions and consider removing or disabling H2 database connections, particularly the default sample database. Refer to the vendor’s GitHub advisory for full details.
- ๐ CVE-2026-59827 (CVSS 3.1: 9.9)
- ๐ CVE-2026-59826 (CVSS 3.1: 9.1)
๐ [HIGH] creativethemeshq/blocksy_companion
1 CVE | CVSS 3.1: 9.8 | AAS 10.6
cpe:2.3:a:creativethemeshq:blocksy_companion:*:*:*:*:*:*:*:*(< 2.1.47)
The Blocksy Companion plugin for WordPress by creativethemeshq is affected by one critical vulnerability (CVE-2026-15158, CVSS 9.8) that is considered exploitable. A flaw in the Custom Fonts extension’s file upload validation uses substring matching instead of proper extension checking, allowing attackers to upload malicious files with double extensions such as shell.woff2.php and achieve remote code execution on the web server.
WordPress administrators using Blocksy Companion should update beyond version 2.1.46 immediately. If an update is not yet available, disable the Custom Fonts extension as an interim measure and audit the server for any recently uploaded files with suspicious double extensions. Refer to the vendor’s plugin source for technical details.
- ๐ CVE-2026-15158 (CVSS 3.1: 9.8)
๐ [HIGH] yeswiki/yeswiki
2 CVEs | CVSS 3.1: 9.5 | AAS 10.0
cpe:2.3:a:yeswiki:yeswiki:*:*:*:*:*:*:*:*(< 4.4.5)
YesWiki, an open-source wiki platform, is affected by two vulnerabilities (max CVSS 9.5), including at least one exploitable flaw that allows arbitrary page deletion without authorization. The most severe issue stems from the EraseSpamedCommentsAction handler, which accepts user-supplied page tags for deletion with no access control checks, meaning any user with default write permissions can permanently destroy arbitrary wiki content.
Administrators running YesWiki should check for available patches and apply them immediately. As an interim mitigation, restrict the default write ACL from the open wildcard setting to trusted users only, and audit wiki action ACLs across the installation. Refer to the vendor’s GitHub advisory for full remediation guidance.
- ๐ CVE-2026-52766 (CVSS 3.1: 9.1)
- ๐ CVE-2026-52777 (CVSS 3.1: 9.5)
๐ [HIGH] nesquena/hermes-webui
2 CVEs | CVSS 4.0: 9.3 | AAS 9.9
cpe:2.3:a:nesquena:hermes-webui:*:*:*:*:*:*:*:*(< 0.51.788)
Hermes WebUI by nesquena is affected by two vulnerabilities (max CVSS 9.3), including at least one exploitable unauthenticated remote code execution flaw. The most severe issue allows a remote attacker to gain full shell access as the server process user through exposed terminal API endpoints that require no credentials, achievable in as few as four sequential HTTP requests.
Organizations running Hermes WebUI should upgrade to version 0.51.788 or later immediately. If an immediate update is not possible, restrict network access to the application and block external access to terminal API endpoints until the patch is applied. Refer to the vendor’s GitHub commit for full details.
- ๐ CVE-2026-58123 (CVSS 4.0: 9.3)
- ๐ CVE-2026-58122 (CVSS 4.0: 9.3)
๐ [HIGH] coollabsio/coolify
1 CVE | CVSS 3.1: 8.8 | AAS 9.6
cpe:2.3:a:coollabsio:coolify:*:*:*:*:*:*:*:*(< 4.0.0-beta.469)
Coolify, an open-source self-hosted server and application management platform by coollabsio, is affected by one exploitable vulnerability (CVE-2026-59734, CVSS 8.8). The flaw allows authenticated users to achieve arbitrary command execution inside deployment containers by injecting shell commands through unsanitized health check configuration parameters including host, method, and path fields.
Teams running Coolify should upgrade to version 4.0.0-beta.469 or later immediately. As an interim measure, restrict access to deployment configuration settings and audit existing health check parameters for suspicious values. Refer to the vendor’s GitHub commit for technical details.
- ๐ CVE-2026-59734 (CVSS 3.1: 8.8)
๐ [HIGH] mockoon/mockoon
1 CVE | CVSS 3.1: 8.8 | AAS 9.6
cpe:2.3:a:mockoon:mockoon:*:*:*:*:*:*:*:*(< 9.7.0)
Mockoon, a mock API design and runtime tool, is affected by one exploitable vulnerability (CVE-2026-59148, CVSS 8.8). The admin API is mounted on the same listener as user-defined mock routes with no authentication and fully permissive CORS headers, allowing any unauthenticated network attacker to read sensitive environment variables and write arbitrary process environment values through exposed admin endpoints.
Teams running Mockoon should upgrade to version 9.7.0 or later immediately. Until patched, restrict network access to mock server ports and avoid exposing Mockoon instances to untrusted networks. Refer to the vendor’s GitHub commit for full remediation details.
- ๐ CVE-2026-59148 (CVSS 3.1: 8.8)
๐ [HIGH] openwebui/open_webui
1 CVE | CVSS 3.1: 7.7 | AAS 9.5
cpe:2.3:a:openwebui:open_webui:0.9.6:*:*:*:*:*:*:*
Open WebUI, a self-hosted AI platform by openwebui, is affected by one exploitable vulnerability (CVE-2026-59221, CVSS 7.7). The terminal proxy path sanitization routine decoded percent-encoded input only eight times, allowing an attacker to bypass traversal checks with a nine-times encoded directory traversal sequence and access resources on the upstream terminal server outside the intended path.
Organizations running Open WebUI versions 0.9.6 through 0.9.x should upgrade to version 0.10.0 or later immediately. Until patched, consider disabling or restricting access to the terminal proxy feature. Refer to the vendor’s GitHub commit for full technical details.
- ๐ CVE-2026-59221 (CVSS 3.1: 7.7)
๐ [HIGH] n8n/n8n
1 CVE | CVSS 4.0: 7.6 | AAS 9.4
cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:*(< 2.27.4)
n8n, an open-source workflow automation platform, is affected by one exploitable vulnerability (CVE-2026-59208, CVSS 7.6). Instances configured with multiple trusted token-exchange issuers resolved external identities using only the JWT sub claim while ignoring the iss claim, allowing an attacker holding a valid token from one trusted issuer to authenticate as any user on another trusted issuer that shares the same sub value.
Organizations running n8n with multi-issuer token exchange should upgrade to version 2.27.4 or 2.28.1 immediately. Until patched, reduce exposure by limiting the number of trusted issuers to a single provider where possible. Refer to the vendor’s release notes for full remediation details.
- ๐ CVE-2026-59208 (CVSS 4.0: 7.6)
๐ [HIGH] vim/vim
2 CVEs | CVSS 4.0: 8.4 | AAS 9.3
cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*(< 9.2.0736)
Vim, the open-source command line text editor, is affected by two vulnerabilities (max CVSS 8.4), including at least one exploitable code execution flaw. The most severe issue allows arbitrary command execution when editing a maliciously crafted PHP file, as the PHP omni-completion script fails to escape class or trait names before passing them to search(), enabling an attacker to inject and execute arbitrary Ex commands including shell commands.
Users and system administrators should upgrade Vim to version 9.2.0736 or later immediately. As an interim measure, disable PHP omni-completion or avoid editing untrusted PHP files with Vim. Refer to the vendor’s GitHub commit for full technical details.
- ๐ CVE-2026-59856 (CVSS 4.0: 8.4)
- ๐ CVE-2026-59858 (CVSS 4.0: 8.4)
๐ [HIGH] pimcore/pimcore
1 CVE | CVSS 3.1: 8.8 | AAS 9.1
cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*(< 2025.4.6)cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*(>= 2026.1.0, < 2026.1.6)
Pimcore, an open-source data and experience management platform, is affected by one vulnerability (CVE-2026-55207, CVSS 8.8) that enables admin account takeover. An unauthenticated attacker who knows a valid admin username can submit a password reset request with an attacker-controlled URL, causing the server to generate a legitimate recovery token and email the victim a link that redirects the token to the attacker.
Organizations running Pimcore should upgrade to version 2025.4.6 or 2026.1.6 immediately. Until patched, monitor for suspicious password reset activity and consider restricting access to the password reset functionality. Refer to the vendor’s GitHub security advisory for full remediation guidance.
- ๐ CVE-2026-55207 (CVSS 3.1: 8.8)
๐ [HIGH] python_software_foundation/cpython
1 CVE | CVSS 4.0: 8.7 | AAS 9.1
cpe:2.3:a:python:cpython:*:*:*:*:*:*:*:*(< 3.10.18)cpe:2.3:a:python:cpython:*:*:*:*:*:*:*:*(>= 3.11.0, < 3.11.13)cpe:2.3:a:python:cpython:*:*:*:*:*:*:*:*(>= 3.12.0, < 3.12.10)cpe:2.3:a:python:cpython:*:*:*:*:*:*:*:*(>= 3.13.0, < 3.13.4)cpe:2.3:a:python:cpython:*:*:*:*:*:*:*:*(>= 3.14.0a1, < 3.14.0b2)
CPython, the reference implementation of Python by the Python Software Foundation, is affected by one exploitable vulnerability (CVE-2026-15308, CVSS 8.7). The incremental HTML parser in html.parser.HTMLParser can be driven into excessive CPU consumption through repeated unterminated markup declarations, enabling a denial-of-service attack against any application that parses untrusted HTML input using this module.
Organizations running Python applications that process user-supplied or untrusted HTML through HTMLParser should update to a patched CPython release as soon as available. As an interim measure, impose input size limits and timeouts on HTML parsing operations handling untrusted data. Refer to the vendor’s GitHub commit for full technical details.
- ๐ CVE-2026-15308 (CVSS 4.0: 8.7)
๐ [HIGH] badhonrocks/divi_torque_lite_โdivi_modules_for_the_divi_builder&_theme
1 CVE | CVSS 3.1: 8.8 | AAS 9.1
cpe:2.3:a:badhonrocks:divi_torque_lite_divi_modules_for_the_divi_builder_theme:*:*:*:*:*:*:*:*(< 4.2.4)
The Divi Torque Lite plugin for WordPress by badhonrocks is affected by one exploitable vulnerability (CVE-2026-4275, CVSS 8.8). The plugin’s REST API endpoints for installing and activating plugins use a permissive permission callback that bypasses WordPress nonce verification, enabling cross-site request forgery attacks that can trick authenticated administrators into installing or activating arbitrary plugins through forged requests.
WordPress administrators using Divi Torque Lite should update beyond version 4.2.3 immediately. Until patched, consider deactivating the plugin and advise site administrators to exercise caution with unsolicited links while logged in. Refer to the vendor’s plugin source for technical details.
- ๐ CVE-2026-4275 (CVSS 3.1: 8.8)
๐ [HIGH] open-webui/open-webui
2 CVEs | CVSS 3.1: 8.0 | AAS 9.1
cpe:2.3:a:open-webui:open-webui:*:*:*:*:*:*:*:*
Open WebUI, a self-hosted AI platform, is affected by two vulnerabilities (max CVSS 8.0), including at least one exploitable flaw enabling server-side code execution. The most severe issue allows stored chat payloads to abuse client-side Pyodide execution in a same-origin web worker, issuing authenticated requests to admin-only endpoints and executing server-side code through configured tools when a victim clicks Run on a malicious chat payload.
Organizations running Open WebUI should upgrade to version 0.10.0 or later immediately. Until patched, restrict who can share chat sessions and advise users not to execute code blocks from untrusted sources. Refer to the vendor’s GitHub security advisory for full remediation details.
- ๐ CVE-2026-59214 (CVSS 3.1: 7.3)
- ๐ CVE-2026-59224 (CVSS 3.1: 8.0)