NVD disclosure day

Published threat advisories for July 14, 2026

CVE advisoryCRITICAL

CVE-2026-5270

Ciena Authentication Bypass Vulnerability in Navigator NCS MCP and Blue Planet

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

An authentication bypass vulnerability exists in Ciena network control and management products, allowing unauthenticated attackers to manipulate requests to bypass security and logging. This could lead to unauthorized access to sensitive network operations and data if the affected systems are reachable.

CVE advisoryCRITICAL

CVE-2026-5269

Ciena NCS and MCP Hidden Accounts Vulnerability

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

Ciena's network management software contains hidden system accounts that may have predictable default passwords. While these accounts have limited permissions, an attacker could combine this with other weaknesses to escalate privileges on the system, potentially impacting network control and management functions.

CVE advisoryCRITICAL

CVE-2026-51808

OpenHTJ2K Buffer Overflow Allows Arbitrary Code Execution

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A buffer overflow vulnerability exists in OpenHTJ2K's image decoding functions, potentially allowing an unauthenticated attacker to execute arbitrary code by providing a malicious image file. This could lead to system compromise if the vulnerable library is used within the environment to process such files. The extent

CVE advisoryCRITICAL

CVE-2026-45363

Ruby JWT Vulnerability Allows Unauthenticated Token Verification.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A critical vulnerability exists in the ruby-jwt library, allowing attackers to forge tokens by exploiting improper handling of empty keys during signature verification. This could lead to unauthorized access by bypassing authentication and authorization mechanisms in applications that use this library for JWT validatio

CVE advisoryCRITICAL

CVE-2026-53486

Node.js decompress Path Traversal Vulnerability

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A vulnerability in the Node.js decompress package allows crafted archives to create files or links outside the target directory, potentially leading to unauthorized file access or modification. This issue arises from how the package handles certain archive entries and path validation. Understanding where this package i

CVE advisoryCRITICAL

CVE-2026-52101

andreimarcu linux-server Information Disclosure Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A critical vulnerability exists in a Linux server software allowing remote attackers to obtain sensitive information via its file upload function. If reachable, this could lead to unauthorized access to confidential data. Understanding its presence in the environment is important.

CVE advisoryCRITICAL

CVE-2026-48324

ColdFusion SQL Injection Leading to Code Execution.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A SQL injection vulnerability in ColdFusion could allow an authenticated attacker to execute arbitrary code. This occurs due to improper neutralization of special elements in SQL commands, potentially impacting the confidentiality, integrity, and availability of affected systems. The reader should care because this vul

CVE advisoryCRITICAL

CVE-2026-48321

Adobe ColdFusion Incorrect Authorization Vulnerability Allows Privilege Escalation.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Adobe ColdFusion has an incorrect authorization vulnerability that could permit privilege escalation. An attacker could exploit this to gain unauthorized read and write access to system data without user interaction, if the service is reachable.

CVE advisoryCRITICAL

CVE-2026-48320

Adobe ColdFusion Reflected Cross-Site Scripting Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Adobe ColdFusion is affected by a reflected cross-site scripting vulnerability. This flaw allows an attacker to inject malicious scripts into a web page if a user opens a malicious file. Exploitation could lead to elevated access or control over a victim's account or session. Confirming the reachability and relevance o

CVE advisoryCRITICAL

CVE-2026-48319

ColdFusion Path Traversal Leading to Arbitrary Code Execution.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

ColdFusion is vulnerable to a path traversal flaw that could permit arbitrary code execution. Exploitation requires authenticated access, allowing an attacker to manipulate file paths to access or modify unintended directories, potentially leading to server compromise.

CVE advisoryCRITICAL

CVE-2026-48318

ColdFusion Path Traversal Allows Arbitrary File Read

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A path traversal vulnerability in ColdFusion allows an attacker to read sensitive files outside the intended access scope. This issue can be exploited without user interaction, potentially leading to unauthorized access to system information. Confirmation of ColdFusion usage is advised.

CVE advisoryCRITICAL

CVE-2026-48284

Adobe ColdFusion Improper Input Validation Arbitrary Code Execution.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Adobe ColdFusion contains an improper input validation vulnerability that allows for arbitrary code execution. An attacker can exploit this without user interaction, leading to system compromise. You should care because this affects internet-facing applications.

CVE advisoryCRITICAL

CVE-2026-24227

NVIDIA TensorRT Untrusted Data Deserialization Vulnerability Leading to Code Execution

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in NVIDIA TensorRT could allow an attacker to execute code by deserializing untrusted data. This could lead to code execution if the affected software is reachable. The practical impact depends on how TensorRT is deployed and whether it processes external data.

CVE advisoryCRITICAL

CVE-2026-15773

Google Chrome Sandbox Escape Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A use-after-free vulnerability in Google Chrome's core component may allow a remote attacker to escape the browser's sandbox via a crafted HTML page, potentially leading to system compromise. This affects client-side browsers and requires user interaction, making end-user device security teams the primary stakeholders

CVE advisoryCRITICAL

CVE-2026-15643

AWS HealthLake MCP Server Server-Side Request Forgery.

Halo Surface Signal: 3 out of 5 — possibly public-facing.

A server-side request forgery in the AWS HealthLake MCP Server allows a remote authenticated user to exfiltrate temporary AWS security credentials to an arbitrary endpoint. This occurs because the server does not validate pagination URLs, enabling redirection to an attacker-controlled server. This impacts the security

CVE advisoryCRITICAL

CVE-2026-53633

Vitest Browser Mode Remote Code Execution Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in Vitest's browser mode could allow remote attackers to overwrite configuration files and execute arbitrary code. This occurs due to the framework's handling of certain developer tool protocols. It is uncertain if this framework is exposed in a way that could be exploited.

CVE advisoryCRITICAL

CVE-2026-48359

Adobe Experience Manager XXE Vulnerability Allows Code Execution

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Adobe Experience Manager has an XXE vulnerability allowing a low-privileged attacker to read sensitive files. This could lead to elevated access or control and does not require user interaction. The issue affects the system's scope, and its potential impact on internet-facing content systems warrants confirmation of re

CVE advisoryCRITICAL

CVE-2026-48358

Adobe Commerce Improper Encoding Code Execution Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

An improper encoding vulnerability in Adobe Commerce could allow an authenticated attacker to execute arbitrary code. The issue could lead to arbitrary code execution in the context of the current user without requiring interaction. This affects Adobe Commerce, a platform often deployed as a public-facing e-commerce ap

CVE advisoryCRITICAL

CVE-2026-48356

Adobe Commerce Unrestricted File Upload Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Adobe Commerce is vulnerable to unrestricted file uploads of dangerous types, potentially allowing arbitrary code execution within a user's session. While exploitation requires user interaction via a malicious URL or webpage, this could grant attackers elevated access or control. This vulnerability is reachable via the

CVE advisoryCRITICAL

CVE-2026-48259

Adobe Experience Manager SSRF Vulnerability Allows Code Execution

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Adobe Experience Manager has a critical Server-Side Request Forgery vulnerability that allows low-privileged attackers to issue unauthorized server-side requests, potentially leading to arbitrary code execution in the context of the current user and elevated access without user interaction. The reachability and impact

CVE advisoryCRITICAL

CVE-2026-47988

Adobe Commerce Incorrect Authorization Vulnerability Allows Unauthorized Access.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Adobe Commerce has an incorrect authorization vulnerability allowing attackers to bypass security features and gain unauthorized read/write access. This could impact data integrity and system access without user interaction. Organizations should confirm relevance and potential exposure.

CVE advisoryCRITICAL

CVE-2026-47984

Adobe Commerce Incorrect Authorization Vulnerability Allows Unauthorized Access.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

An incorrect authorization vulnerability in Adobe Commerce could allow an attacker to bypass security measures and gain unauthorized read and write access. This issue does not require user interaction and affects a widely used e-commerce platform. It is important to confirm if your environment is relevant and exposed t

CVE advisoryCRITICAL

CVE-2026-47429

Vitest UI Path Traversal and Script Execution Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in the Vitest UI/API server allows path traversal to read files outside the project and arbitrary script execution. This impacts the confidentiality and integrity of systems where Vitest is used, particularly on Windows. Readers should care if Vitest is in use, as this could expose sensitive information

CVE advisoryCRITICAL

CVE-2026-47428

Vitest Browser Mode JavaScript Execution and Token Exposure

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in Vitest Browser Mode allows attackers to execute arbitrary JavaScript and potentially steal authentication tokens by directing users to a crafted URL. This could enable unauthorized API calls if the testing framework is exposed externally.

CVE advisoryKnown Exploit

CVE-2026-15410

SonicWall SMA1000 AMC Code Injection Allows OS Command Execution

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A post-authentication code injection vulnerability in the SMA1000 Appliance Management Console may allow a remote administrator to execute arbitrary OS commands. This could impact appliance behavior and data. The reader should care to confirm if this technology is in use and assess potential exposure.

• CISA KEV

CVE advisoryKnown Exploit

CVE-2026-15409

SonicWall SMA1000 SSRF Vulnerability Allows Unintended Requests.

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A critical Server-Side Request Forgery vulnerability in the SMA1000 Appliance Work Place interface allows unauthenticated remote attackers to make the appliance send requests to unintended locations. This could expose internal resources or sensitive information, and active threats are known.

• CISA KEV

CVE advisoryCRITICAL

CVE-2026-13001

Podlove Podcast Publisher Arbitrary File Upload Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in the Podlove Podcast Publisher WordPress plugin allows unauthenticated attackers to upload arbitrary files, potentially enabling remote code execution on the server. This issue is relevant to WordPress sites using the plugin and could impact their integrity if exploited.

CVE advisoryCRITICAL

CVE-2026-45063

Symfony X509Authenticator Allows Authentication via Malformed Distinguished Names.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in the Symfony PHP framework's X509Authenticator could allow an attacker to authenticate as another user by presenting a specially crafted certificate. This might lead to unauthorized access to system or user data if the vulnerable component is used in internet-facing applications. Uncertainty exists re

CVE advisoryCRITICAL

CVE-2026-58617

Microsoft 365 Copilot for iOS Improper Access Control Privilege Escalation

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

An improper access control flaw in Microsoft 365 Copilot for iOS can enable attackers to remotely gain elevated privileges over a network. While the vulnerability exists, its threat is considered very unlikely due to the client-side nature of mobile applications, suggesting limited public-facing network exposure.

CVE advisoryCRITICAL

CVE-2026-56190

Windows RDP Uninitialized Resource Vulnerability Allows Network Code Execution.

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A critical vulnerability in Windows Remote Desktop Protocol allows unauthorized network-based code execution. Attackers could exploit this by sending crafted data, potentially leading to system compromise. Given RDP's frequent internet exposure, understanding its presence and reachability is crucial.

CVE advisoryCRITICAL

CVE-2026-56188

Windows Server Network Driver Race Condition Allows Remote Code Execution

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A race condition in the Windows Server network driver allows an unauthorized attacker to execute code over a network. This vulnerability arises from improper synchronization when accessing shared resources. While reachable via a network, such low-level drivers are typically protected by infrastructure controls, making

CVE advisoryCRITICAL

CVE-2026-56159

Windows DHCP Server Heap-Based Buffer Overflow Remote Code Execution

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A heap-based buffer overflow vulnerability exists in Windows DHCP Server, enabling an unauthorized attacker to execute code over a network. This could impact the availability and integrity of the affected server, potentially leading to further network compromise.

CVE advisoryCRITICAL

CVE-2026-55944

Microsoft Dynamics NAV Deserialization Vulnerability Allows Network Code Execution

Halo Surface Signal: 3 out of 5 — possibly public-facing.

A critical deserialization vulnerability in Microsoft Dynamics NAV enables unauthorized attackers to execute code remotely over a network. This could compromise system integrity and availability. Confirming the relevance and exposure of your Dynamics NAV instances is advised.

CVE advisoryCRITICAL

CVE-2026-55040

Microsoft SharePoint Weak Authentication Bypass

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A critical weakness in Microsoft Office SharePoint enables an unauthorized attacker to bypass security features over a network, potentially impacting data confidentiality and integrity. This vulnerability, if reachable, could lead to unauthorized access. Given SharePoint's common use as an internet-facing portal, confi

CVE advisoryCRITICAL

CVE-2026-55010

Minecraft Bedrock Dedicated Server Heap Overflow Allows Network Code Execution.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A critical heap-based buffer overflow in Minecraft Bedrock Dedicated Server can allow unauthorized attackers to execute code remotely over a network. This vulnerability is relevant to organizations running internet-facing game servers.

CVE advisoryCRITICAL

CVE-2026-50518

Windows DHCP Server Heap Buffer Overflow Remote Code Execution

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A critical heap-based buffer overflow vulnerability in Windows DHCP Server allows an unauthorized attacker to execute code over a network. This could impact the confidentiality, integrity, and availability of the DHCP service. Confirmation of affected technology and potential exposure is advised.

CVE advisoryCRITICAL

CVE-2026-50447

Windows Message Queuing Heap Overflow Allows Network Code Execution.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A critical heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over a network. This vulnerability, reachable via network, could lead to unauthorized code execution, impacting system integrity. Organizations should verify if this technology is in use to assess potential

CVE advisoryCRITICAL

CVE-2026-50380

Windows GDI+ Heap Overflow Allows Network Code Execution

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A critical vulnerability in Windows GDI+ allows an unauthorized remote attacker to execute code over a network. This affects the graphics rendering component of Windows. While exploitation may require specific conditions, the potential for remote code execution is a significant concern for system security. The primary

CVE advisoryCRITICAL

CVE-2026-15747

Mojolicious CSRF Token Exposure via Compression Oracle

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A critical vulnerability in the Mojolicious web framework allows attackers to recover session CSRF tokens by observing compressed responses containing attacker-controlled input, potentially enabling bypass of security validations. This issue requires confirmation of Mojolicious deployment and network exposure to assess

CVE advisoryCRITICAL

CVE-2026-59891

sigstore-js Incorrect Registry Credential Matching Vulnerability.

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability exists in the sigstore-js library where it incorrectly matches registry credentials using a substring comparison. This could lead to credentials being sent to unintended registries, potentially exposing sensitive information. It is important to confirm if your development or build environments utilize t

CVE advisoryKnown Exploit

CVE-2026-58644

SharePoint Deserialization Vulnerability Allows Remote Code Execution

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A critical deserialization vulnerability in Microsoft Office SharePoint allows an unauthorized attacker to execute code over a network. This could potentially lead to a full compromise of affected systems. Confirmation of relevance and exposure to your environment is crucial for understanding the risk.

• CISA KEV

CVE advisoryKnown Exploit

CVE-2026-56164

Microsoft SharePoint Missing Authentication Privilege Escalation Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Microsoft SharePoint has a critical function vulnerability due to missing authentication, which an attacker could exploit over a network to elevate privileges. This could potentially allow unauthorized access to systems or data.

• CISA KEV

CVE advisoryKnown Exploit

CVE-2026-56155

AD FS Local Privilege Elevation Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A local access control vulnerability in Active Directory Federation Services could allow an authorized attacker with existing local access to elevate their privileges. This could lead to increased unauthorized actions on the affected system. The vulnerability requires local access, meaning remote exploitation is not in

• CISA KEV

CVE advisoryCRITICAL

CVE-2026-55008

Microsoft Exchange Server Cross-Site Scripting Spoofing Vulnerability

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

Microsoft Exchange Server has a cross-site scripting vulnerability due to improper input handling during web page generation. An unauthenticated attacker could exploit this over a network to perform spoofing, potentially impersonating users or displaying misleading content. This issue is rated CRITICAL and affects a co

CVE advisoryCRITICAL

CVE-2026-54990

Remote Desktop Client Heap Overflow Allows Network Code Execution

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A heap-based buffer overflow in the Remote Desktop Client allows an unauthorized attacker to execute code over a network. While the threat is network-reachable, its impact is uncertain as client applications are typically not publicly exposed. The primary concern is to determine if this technology is deployed within th

CVE advisoryCRITICAL

CVE-2026-50694

Windows SSTP Use After Free Allows Network Code Execution.

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A use-after-free vulnerability in Windows' Secure Socket Tunneling Protocol (SSTP) allows an unauthorized remote attacker to execute code over a network. This is a concern for systems using SSTP for remote access, as it could enable unauthenticated code execution.

CVE advisoryCRITICAL

CVE-2026-50522

SharePoint Remote Code Execution via Untrusted Data Deserialization

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A critical deserialization vulnerability exists in Microsoft Office SharePoint, allowing an unauthorized attacker to execute code over a network. This could lead to the compromise of affected systems. Organizations using SharePoint should verify its exposure and assess potential impact.

CVE advisoryCRITICAL

CVE-2026-49164

Active Directory Domain Services Code Execution Vulnerability

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A heap-based buffer overflow in Active Directory Domain Services allows an unauthorized attacker to execute code over a network, potentially leading to system compromise and broader domain impact. This vulnerability is reachable via network requests without authentication.

CVE advisoryCRITICAL

CVE-2026-48561

Microsoft Copilot Network Code Execution Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Microsoft Copilot has a critical vulnerability that could allow an attacker to execute code over a network. This issue stems from improper neutralization of special elements in commands, potentially enabling unauthorized code execution. Understanding its reachability and relevance is important for security awareness.

CVE advisoryCRITICAL

CVE-2026-42990

SQL Server ODBC Driver Heap Overflow Network Code Execution

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A heap-based buffer overflow in the SQL Server ODBC driver allows unauthorized attackers to execute code over a network. This vulnerability could lead to system compromise if the driver is reachable. It's uncertain if this technology is used in our environment or how widely.

CVE advisoryCRITICAL

CVE-2026-60082

DBI for Perl Row Buffer Read Vulnerability CVE-2026-60082

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A critical flaw in the Perl DBI module allows attackers to read from invalid memory locations by providing inconsistent data, potentially leading to data exposure or application crashes. This vulnerability affects systems using the DBI module that process database interactions. While the component itself is not directl

CVE advisoryCRITICAL

CVE-2026-59836

Fortinet FortiClientEMS Improper Certificate Validation Leads to Information Disclosure.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

An improper certificate validation vulnerability in Fortinet FortiClientEMS could allow an attacker to disclose sensitive information. The affected technology is a central management tool for endpoints, often accessible across networks, making this a significant issue if exploited. It is uncertain how this vulnerabilit

CVE advisoryCRITICAL

CVE-2026-55954

Ueberauth Apple Authentication Bypass Allows Account Takeover

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

An authentication bypass vulnerability exists in ueberauth_apple, allowing attackers to take over accounts by spoofing Apple ID tokens. This occurs because the component doesn't fully validate claims within the token, enabling unauthorized access through replayed or forged tokens. This issue could impact user accounts

CVE advisoryCRITICAL

CVE-2025-11698

5380/5480/5580 Controller Firmware Denial-of-Service Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A denial-of-service vulnerability exists in the boot firmware of certain industrial controllers. An attacker could write invalid data, causing the device to enter an unrecoverable fault and disrupt operations. It is uncertain if these controllers are reachable or relevant in your environment.

CVE advisoryCRITICAL

CVE-2026-58479

Sustainable Irrigation Platform Command Injection Vulnerability

Halo Surface Signal: 3 out of 5 — possibly public-facing.

A command injection vulnerability exists in the optional cli_control plugin for the Sustainable Irrigation Platform, allowing unauthenticated attackers to execute arbitrary operating-system commands via the plugin's HTTP endpoint. Exploitation requires triggering an associated irrigation station, particularly if passph

CVE advisoryCRITICAL

CVE-2026-15265

Tenable Agent Path Traversal Leading to Remote Code Execution.

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A path traversal vulnerability in Tenable Agent may allow a privileged attacker to write arbitrary files outside the intended plugin directory, potentially enabling remote code execution. This issue is relevant because it could compromise the integrity and security of affected systems.

CVE advisoryCRITICAL

CVE-2026-10577

EtherNet/IP Adapter Debug Port Unauthorized Access

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A security vulnerability in the 1715-AENTR EtherNet/IP Adapter allows unauthenticated remote access to its debug port. This could let an attacker execute commands to read or delete files, stop tasks, modify memory, or change I/O states, potentially impacting device confidentiality, integrity, and availability. Readers

CVE advisoryCRITICAL

CVE-2026-56451

Opcenter X JWT Algorithm Validation Vulnerability Allows Authentication Bypass

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A critical vulnerability in Opcenter X allows unauthenticated remote attackers to forge JSON Web Tokens, bypassing authentication and impersonating users, including administrators, potentially granting unauthorized access. The issue arises from improper validation of JWT algorithms. The primary concern is to determine

CVE advisoryCRITICAL

CVE-2026-15043

DBI SQL Nano Inverted Comparison Vulnerability Affects File-Backed Data Filtering.

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A vulnerability in DBI::SQL::Nano for Perl incorrectly evaluates text-based comparisons, potentially returning incorrect data. This could impact applications that use this module for filtering file-backed data, affecting policy enforcement or authorization by returning the wrong rows.

CVE advisoryCRITICAL

CVE-2026-59084

Apache Tomcat EncryptInterceptor Configuration Documentation Flaw.

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

An issue exists in Apache Tomcat due to insufficient documentation for securely configuring the EncryptInterceptor, potentially leading to misconfigurations. This could impact data confidentiality and integrity if the unclear documentation is exploited to create insecure settings. Confirmation of relevance and exposure

CVE advisoryCRITICAL

CVE-2026-59083

Apache Tomcat Security Constraint Bypass via URL Encoding Vulnerability

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A vulnerability in Apache Tomcat's rewrite valve allows bypassing security constraints due to improper handling of URL hex encoding. This could enable unauthorized access to applications hosted on vulnerable Tomcat instances. The rewrite valve is often exposed to public internet traffic, making this a potential concern

CVE advisoryCRITICAL

CVE-2026-57898

Eclipse BaSyx SDK Arbitrary File Write via AAS Thumbnail API

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Eclipse BaSyx Java Server SDK has a critical vulnerability allowing unauthenticated arbitrary file writes via its AAS thumbnail API when using the MongoDB backend, potentially leading to remote code execution. The vulnerability is reachable over the network, and an attacker could exploit it by uploading crafted filenam

CVE advisoryCRITICAL

CVE-2026-15183

Snowflake Spark Connector Input Validation Vulnerabilities Allow Credential Exfiltration and SQL Injection.

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

Multiple input validation vulnerabilities in the Snowflake Spark Connector can allow attackers to exfiltrate OAuth client credentials or execute arbitrary SQL. These vulnerabilities can be exploited by supplying a crafted OAuth token request URL or by injecting SQL via staging options in a shared Spark environment. Suc

CVE advisoryCRITICAL

CVE-2026-11563

Word Count and Social Shares Plugin Arbitrary File Deletion Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A WordPress plugin fails to properly validate file paths before deletion and lacks authorization checks, enabling authenticated users to delete arbitrary files on the server. This could lead to a complete website takeover if critical files are removed. The issue is relevant if the plugin is installed and reachable exte

CVE advisoryCRITICAL

CVE-2026-44747

SAP NetWeaver ABAP Memory Corruption Leading to Unauthorized Access

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

An authenticated user could exploit a memory management flaw in SAP NetWeaver Application Server ABAP, potentially leading to unauthorized data access, modification, or system unavailability, impacting confidentiality, integrity, and availability.

CVE advisoryCRITICAL

CVE-2026-27690

SAP Approuter HTTP Request Smuggling Vulnerability Exposes User Responses and Causes Unavailability

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

An HTTP Request Smuggling vulnerability in SAP Approuter could allow an unauthenticated attacker to cause request-response desynchronization. This could expose user responses and lead to system unavailability, impacting confidentiality and availability.