NVD disclosure day

Published threat advisories for July 15, 2026

CVE advisoryCRITICAL

CVE-2026-55652

Wekan Header Login Vulnerability Allows Remote Account Takeover.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Wekan, an open-source kanban application, has a vulnerability allowing unauthenticated attackers to impersonate users, including administrators, by manipulating specific headers. This could lead to unauthorized access and control of the application. Teams should confirm if Wekan is deployed and assess its exposure.

CVE advisoryCRITICAL

CVE-2026-55445

Qinglong Admin Credential Reset Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

An unauthenticated attacker can reset administrator credentials in the Qinglong task management platform due to an incomplete check in its middleware, allowing credential modification via a network-accessible API endpoint. This could lead to unauthorized administrative control.

CVE advisoryCRITICAL

CVE-2026-52893

Wekan Accounts Merge Vulnerability Via OIDC Login.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in Wekan allows attackers to hijack user accounts by merging attacker-controlled OpenID Connect (OIDC) credentials into existing accounts if the attacker's OIDC email or username matches a victim's. This enables unauthorized access and control over the victim's Wekan account.

CVE advisoryCRITICAL

CVE-2026-30623

LiteLLM MCP Server Command Injection Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

LiteLLM's MCP server creation functionality has a critical vulnerability allowing unauthenticated remote command execution. This occurs when the application processes unvalidated JSON configurations, enabling attackers to run arbitrary operating system commands with the privileges of the LiteLLM process. The primary co

CVE advisoryCRITICAL

CVE-2026-26718

XXL-Job Admin CSRF Vulnerability Allows Unauthorized Script Modifications

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A critical CSRF vulnerability in the xxl-job-admin web application allows attackers to make unauthorized changes to Glue IDE shell scripts. This could disrupt job execution if the application is in use and reachable externally. Confirmation of usage and exposure is needed.

CVE advisoryCRITICAL

CVE-2025-65720

Open Source GPT Researcher Command Execution Vulnerability

Halo Surface Signal: 3 out of 5 — possibly public-facing.

An open-source AI research tool has a vulnerability allowing arbitrary command execution on a victim's system through user interaction with a crafted HTML page. This could lead to system compromise, affecting data and sensitive information. The tool is typically used by development or research teams and is not usually

CVE advisoryCRITICAL

CVE-2026-54052

n8n-MCP Tenant Data Exposure and Deletion Vulnerability

Halo Surface Signal: 3 out of 5 — possibly public-facing.

A vulnerability in n8n-MCP, an AI assistant tool for n8n, allows authenticated users to access and modify workflow backups of other tenants when multi-tenancy is enabled in HTTP mode. This could lead to unauthorized access to sensitive data, including credentials and authorization headers, and disruption of other tenan

CVE advisoryCRITICAL

CVE-2026-52887

NocoBase In-App Message Plugin SQL Injection Leads to Command Execution.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in NocoBase's in-app messaging feature allows authenticated users to execute arbitrary commands on the server. This impacts applications built with NocoBase and could lead to unauthorized access or control of systems. Confirm relevance and potential exposure to understand business impact.

CVE advisoryCRITICAL

CVE-2026-51380

Tenda AC10 v3 Buffer Overflow Allows Remote Code Execution or DoS

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A critical buffer overflow vulnerability in Tenda AC10 v3 routers, accessible via the /cgi-bin/UploadCfg endpoint, could permit attackers to cause a denial of service or execute remote code. This issue could impact the availability and integrity of network services on devices deployed at network edges.

CVE advisoryCRITICAL

CVE-2026-49352

9Router Hardcoded JWT Secret Allows Authentication Bypass.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A critical vulnerability exists in 9Router due to a hardcoded secret used for JWT authentication, potentially allowing unauthenticated attackers to forge tokens and gain unauthorized access when the secret is unset. This issue could lead to session hijacking and compromise of the router's functions. Organizations using

CVE advisoryCRITICAL

CVE-2026-46339

9Router Unauthenticated Command Execution Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A critical vulnerability in 9Router, an AI router, permits unauthenticated users to register custom plugins and execute commands. If the affected API endpoints are reachable, this could lead to system compromise. Security leaders should confirm if 9Router is in use to understand potential risks to service integrity.

CVE advisoryCRITICAL

CVE-2026-46684

DataEase Token Validation Vulnerability Allows Forged Token Acceptance

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability exists in the DataEase data visualization tool that allows forged security tokens to be accepted, potentially granting unauthorized access to the system. This occurs when the token validation process fails to verify token signatures, allowing an attacker to use custom tokens to impersonate users, especi

CVE advisoryCRITICAL

CVE-2026-45534

DataEase Redshift SQL Injection Leads to Remote Code Execution.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in DataEase, an open-source data visualization tool, allows for remote code execution through Redshift data source connections by loading attacker-controlled configuration files. This could lead to compromised servers and data if the Redshift datasource is reachable.

CVE advisoryCRITICAL

CVE-2026-46421

SAP Cloud Application Programming Model Dependency Compromise Harvests Credentials

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

Malicious versions of SAP Cloud Application Programming Model database service packages were published, which could harvest credentials and attempt to spread. If these compromised packages were installed, any accessible credentials on the machine, such as cloud provider credentials or API keys, should be considered com

CVE advisoryCRITICAL

CVE-2026-62948

OpenWrt DHCPv6 FQDN Option Vulnerability Allows HTML Injection in Admin Page.

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A vulnerability exists in OpenWrt's DHCPv6 client, allowing for the injection of malicious code into administrative interfaces when lease data is displayed. This could lead to unauthorized actions or data exposure if an administrator views the affected lease information. The main concern is confirming relevance and exp

CVE advisoryCRITICAL

CVE-2026-53513

Better Auth SSO Plugin Server-Side Request Forgery and Account Linking Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability exists in the @better-auth/sso plugin that can allow an attacker to perform server-side request forgery and potentially link accounts by manipulating endpoint URLs. This could lead to unauthorized access or data exposure.

CVE advisoryCRITICAL

CVE-2026-53512

Better Auth OAuth Token Endpoints Allow Unauthenticated Access to Access Tokens

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A critical vulnerability exists in an authentication library that could allow an attacker with a valid refresh token and client ID to mint new access and refresh tokens without proper verification. This issue affects specific OAuth token endpoints, potentially enabling unauthorized access to protected resources. It is

CVE advisoryCRITICAL

CVE-2026-50562

FastGPT Workflow Artifact Download Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in FastGPT's build process allows for the injection of malicious code via untrusted pull requests, potentially enabling the deployment of attacker-controlled Docker images with sensitive secrets during documentation previews. This impacts the integrity of the supply chain and code deployment.

CVE advisoryCRITICAL

CVE-2026-14960

Pegatron Tdelo64.sys Privileged Hardware Access Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in Pegatron's `Tdelo64.sys` driver allows local attackers to perform unauthorized hardware I/O operations, potentially leading to system instability or persistent compromise. This could enable manipulation of hardware registers and firmware interfaces. The relevance depends on whether this specific driv

CVE advisoryCRITICAL

CVE-2026-62378

RustFS Console Stored XSS Exposes Cloud Credentials.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

RustFS Console's PDF preview component is vulnerable to stored cross-site scripting, allowing an attacker to execute arbitrary HTML content and potentially expose administrator cloud credentials. This vulnerability is a regression of a previous issue and affects versions prior to 0.1.10. The RustFS Console is a web man

CVE advisoryCRITICAL

CVE-2026-52843

Lightpanda Cookie Handling Vulnerability Allows Authenticated Cross-Origin Requests

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in the Lightpanda headless browser could allow an attacker to issue authenticated cross-origin requests by bypassing session cookie handling. This could potentially lead to unauthorized access to sensitive information or actions on behalf of a user within a Lightpanda session. The main concern is confir

CVE advisoryCRITICAL

CVE-2026-52842

Lightpanda Same-Origin Policy Bypass Vulnerability

Halo Surface Signal: 3 out of 5 — possibly public-facing.

A critical vulnerability exists in the Lightpanda headless browser that allows bypassing origin security checks, potentially enabling malicious sites to interact with trusted content. This issue affects automation and AI tools that process web content, and needs to be assessed for relevance and exposure.

CVE advisoryCRITICAL

CVE-2026-50148

Metabase Snowflake Connection Remote Code Execution Via Arbitrary File Write.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in Metabase, an open-source business intelligence tool, allows for remote code execution on the server by exploiting a flaw in the Snowflake JDBC driver. An attacker can achieve this by configuring a database connection to a malicious server, which could lead to unauthorized file writes and arbitrary co

CVE advisoryCRITICAL

CVE-2026-44986

Penpot Invitation Token and Profile Takeover Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

An authentication vulnerability in Penpot, an open-source design tool, allows a registered user to take over any non-blocked profile without password verification. This could lead to unauthorized access and control over design assets and team data within collaborative workflows.

CVE advisoryCRITICAL

CVE-2026-61740

LightRAG API Key Bypass Allows Unauthenticated Access to Sensitive Endpoints.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A critical vulnerability in LightRAG allows unauthenticated remote attackers to bypass API key protections and access sensitive endpoints, including document operations and data querying. This could lead to unauthorized data access or manipulation.

CVE advisoryCRITICAL

CVE-2026-61736

LightRAG Allows Malicious Websites to Exfiltrate Data or Perform Destructive Actions via Cross-Origin Requests

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in LightRAG's API server allows any malicious website to make authenticated API requests on behalf of a logged-in user. This could lead to the exfiltration of sensitive documents and knowledge graph data, or destructive actions like deleting the document store. Organizations using LightRAG should confir

CVE advisoryCRITICAL

CVE-2026-42533

NGINX Heap Buffer Overflow and Potential Code Execution Vulnerability

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A vulnerability exists in NGINX that could allow unauthenticated attackers to cause a denial-of-service or potentially execute code by sending crafted HTTP requests. This issue impacts the data plane and could lead to NGINX worker process restarts or, under certain conditions, code execution.

CVE advisoryCRITICAL

CVE-2026-61451

Grav API Plugin Password Reset Token Poisoning Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

The Grav API plugin allows an unauthenticated attacker to poison password reset links, leading to account takeover. This is achieved by manipulating the `admin_base_url` to redirect reset emails to an attacker-controlled server, enabling the theft of valid reset tokens when victims click the malicious link. The vulnera

CVE advisoryCRITICAL

CVE-2026-56699

Wazuh Manager NDJSON Injection Vulnerability.

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

Wazuh Manager can allow enrolled agents to inject malicious operations into data requests due to improper handling of field values. This vulnerability may enable unauthorized document deletion, alert tampering, and manipulation of security information across agents when the affected technology is reachable.

CVE advisoryCRITICAL

CVE-2026-56400

open-webui Cross-Origin Resource Sharing Misconfiguration Allows Remote Code Execution.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A cross-origin resource sharing misconfiguration in open-webui allows attackers to execute arbitrary code by crafting malicious cross-site requests from attacker-controlled websites when an administrator visits them. This vulnerability, affecting applications providing AI interfaces, could lead to code execution on the