Common Vulnerabilities and Exposures (CVE)

CVE-2026-35261

Jun 17, 2026 14:33:01 UTC

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated...

CVE-2026-55706

Jun 17, 2026 14:33:01 UTC

sppp_pap_input in sys/net/if_spppsubr.c in OpenBSD before 076e2b1 allows authentication bypass via certain zero values for lengths.

CVE-2026-40731

Jun 17, 2026 14:32:05 UTC

Unauthenticated Local File Inclusion in ChapterOne <= 1.7 versions.

CVE-2025-69126

Jun 17, 2026 14:31:31 UTC

Unauthenticated Local File Inclusion in Fortius <= 2.3.0 versions.

CVE-2026-49081

Jun 17, 2026 14:31:15 UTC

Unauthenticated Broken Access Control in User Registration Stripe <= 1.3.12 versions.

CVE-2025-69164

Jun 17, 2026 14:30:57 UTC

Unauthenticated Local File Inclusion in Skyward <= 1.10 versions.

CVE-2026-35262

Jun 17, 2026 14:30:36 UTC

Vulnerability in the Oracle Data Integrator product of Oracle Fusion Middleware (component: Market Place). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker...

CVE-2026-49502

Jun 17, 2026 14:30:27 UTC

Dell PowerFlex Manager, version(s) [Versions], contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure, In...

CVE-2025-69157

Jun 17, 2026 14:29:41 UTC

Unauthenticated Local File Inclusion in Gamic <= 1.15 versions.

CVE-2026-39558

Jun 17, 2026 14:29:20 UTC

Unauthenticated Local File Inclusion in Malmö <= 2.2 versions.

CVE-2026-27400

Jun 17, 2026 14:28:51 UTC

Unauthenticated Arbitrary File Deletion in BookPro <= 1.1.0 versions.

CVE-2019-25293

Jun 17, 2026 14:28:46 UTC

BlueStacks App Player 2.4.44.62.57 contains an unquoted service path vulnerability in the BstHdLogRotatorSvc service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Fi...

CVE-2026-35263

Jun 17, 2026 14:28:24 UTC

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows low privileged attacker with network a...

CVE-2026-39442

Jun 17, 2026 14:28:22 UTC

Unauthenticated PHP Object Injection in PressMart <= 1.2.26 versions.

CVE-2026-24575

Jun 17, 2026 14:28:22 UTC

Subscriber Broken Access Control in WishList Member X <= 3.29.0 versions.