Medium-severity CVEs
120967 medium-severity CVEs (36746 with public PoCs). Browse the most dangerous vulnerabilities.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2026-54500 | Medium | 5.3 | 2026-07-01 | Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.3, Oj.load in :object mode reads uninitialized sta… |
| CVE-2026-56777 | Medium | 5.0 | 2026-06-30 | n8n before 2.25.7 and 2.26.x before 2.26.2 contains an abstract syntax tree (AST) security validator bypass in the Python Code node. An authenticated user with… |
| CVE-2026-56399 | Medium | 5.0 | 2026-06-30 | Open WebUI before 0.6.27 contains a server-side request forgery vulnerability in the /api/v1/retrieval/process/web endpoint that allows authenticated users to… |
| CVE-2026-56356 | Medium | 5.4 | 2026-06-30 | n8n contains a stored cross-site scripting vulnerability in the Chat Trigger node's Custom CSS field due to a misconfiguration of the sanitize-html library. Af… |
| CVE-2026-56350 | Medium | 6.3 | 2026-06-30 | n8n before 2.8.0 contains an authentication bypass vulnerability allowing authenticated SSO users to disable SSO enforcement through the API. Attackers can cre… |
| CVE-2026-56334 | Medium | 4.3 | 2026-06-30 | Capgo before 12.128.2 lacks an UPDATE row-level security policy for the build_requests table, preventing API-key and anonymous access from persisting builder s… |
| CVE-2026-56333 | Medium | 4.3 | 2026-06-30 | Capgo before 12.128.2 contains a server-side validation bypass vulnerability in organization security settings that allows authenticated org admins to persist… |
| CVE-2026-56331 | Medium | 5.3 | 2026-06-30 | Capgo before 12.128.2 contains improper error handling in the /private/accept_invitation endpoint that returns HTTP 500 instead of safe 4xx errors when magic_i… |
| CVE-2026-56328 | Medium | 6.5 | 2026-06-30 | Capgo before 12.128.2 allows multiple public channels for the same app and platform to coexist simultaneously, while unnamed /updates requests without defaultC… |
| CVE-2026-56327 | Medium | 5.3 | 2026-06-30 | Capgo before 12.128.2 contains an information disclosure vulnerability in the public.invite_user_to_org RPC function that allows unauthenticated attackers to e… |
| CVE-2026-56318 | Medium | 5.3 | 2026-06-30 | Capgo before 12.128.2 contains an information disclosure vulnerability in the /private/validate_password_compliance endpoint that returns different error respo… |
| CVE-2026-56224 | Medium | 5.4 | 2026-06-30 | Capgo console.capgo.app/login before 12.128.2 accepts access_token and refresh_token in URL query parameters, automatically authenticating users without confir… |
| CVE-2026-50040 | Medium | 6.1 | 2026-06-30 | Storage Concentrator (SC & SCVM) is vulnerable to reflected cross-site scripting due to unsanitized content being echoed back in 404 error pages. An attacker c… |
| CVE-2026-28322 | Medium | 5.6 | 2026-06-30 | SolarWinds Database Performance Analyzer was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended… |
| CVE-2025-71381 | Medium | 6.5 | 2026-06-30 | Hono before 4.10.2 (fixed in 4.10.3) contains a flaw in its CORS middleware: when the origin is not set to "*", the middleware copies the Vary header from the… |
| CVE-2026-58450 | Medium | 4.3 | 2026-06-30 | Invoice Ninja through 5.13.26 contains an open redirect vulnerability in the client portal login that allows unauthenticated attackers to redirect authenticate… |
| CVE-2026-58448 | Medium | 6.5 | 2026-06-30 | yudao-cloud before 2026.06 contains a broken access control vulnerability in the BPM module that allows any authenticated user to access arbitrary process inst… |
| CVE-2026-58447 | Medium | 6.5 | 2026-06-30 | Invidious through 2.20260626.0, fixed in commit 77ad416, contains a broken object level authorization vulnerability that allows authenticated attackers to dele… |
| CVE-2026-58446 | Medium | 6.5 | 2026-06-30 | Presenton before 0.8.8-beta bundles an MCP server that, on server/Docker deployments configured with session authentication (AUTH_USERNAME/AUTH_PASSWORD), is r… |
| CVE-2025-36336 | Medium | 5.9 | 2026-06-30 | IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 transmits data in clear text that could allow an attacker to obtain sensitive information using man in… |