|
251
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier
New
|
CWE-295
Improper Certificate Validation
|
CVE-2026-9258
|
2026-06-16 23:53 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlier
New
|
CWE-295
Improper Certificate Validation
|
CVE-2026-9259
|
2026-06-16 23:53 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253
|
6.2 |
MEDIUM
Local
|
-
|
-
|
Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier
New
|
CWE-321
Use of Hard-coded Cryptographic Key
|
CVE-2026-9260
|
2026-06-16 23:53 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254
|
6.8 |
MEDIUM
Network
|
-
|
-
|
Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier
New
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2026-9261
|
2026-06-16 23:53 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Use of a non-secure protocol as the default FTP configuration in Canon EOS Network Setting Tool Version 1.5.0 or earlier
New
|
CWE-1188
Insecure Default Initialization of Resource
|
CVE-2026-9262
|
2026-06-16 23:53 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256
|
7.5 |
HIGH
Network
|
-
|
-
|
Unauthenticated Broken Access Control in WP Event SOlution <= 4.1.12 versions.
New
|
CWE-862
Missing Authorization
|
CVE-2025-68045
|
2026-06-16 23:52 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257
|
7.1 |
HIGH
Network
|
-
|
-
|
Unauthenticated Cross Site Scripting (XSS) in Min Max Step Quantity Limits Manager for WooCommerce <= 5.2.2 versions.
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-39437
|
2026-06-16 23:52 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258
|
7.5 |
HIGH
Network
|
-
|
-
|
Unauthenticated Broken Access Control in JupiterX Core <= 4.14.1 versions.
New
|
CWE-862
Missing Authorization
|
CVE-2026-39490
|
2026-06-16 23:52 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259
|
9.3 |
CRITICAL
Network
|
-
|
-
|
Unauthenticated SQL Injection in InPost Gallery <= 2.1.4.6 versions.
New
|
CWE-89
SQL Injection
|
CVE-2026-39574
|
2026-06-16 23:52 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260
|
8.5 |
HIGH
Network
|
-
|
-
|
Subscriber SQL Injection in WP Sessions Time Monitoring Full Automatic <= 1.1.4 versions.
New
|
CWE-89
SQL Injection
|
CVE-2026-39581
|
2026-06-16 23:52 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
