tag
Privilege-Escalation
High
MyBB 1.8.40 Limited Admin CP User-Manager to Full Administrator Privilege Escalation
None assigned as of 2026-07-03 (see Notes — CVE-2026-45115 identifies a separate, already-patched MyBB issue)·
MyBB forum software, Admin CP add-user flow
unpatched
Critical
Gogs Admin User Edit CSRF to Git Hook RCE
None assigned as of 2026-07-03·
Gogs (self-hosted Git service)
unpatched
High
Gitea act_runner container.options Host Namespace Escape
None assigned as of 2026-07-03·
Gitea Actions act_runner (Docker-backed)
unpatched
High
Discourse Scoped API Key Pre-Route Authorization Bypass
None assigned as of 2026-07-03·
Discourse (forum platform)
unpatched
High
AnyDesk Printer Pipe COM Impersonation Local Privilege Escalation
None assigned as of 2026-07-03·
AnyDesk for Windows 9.7.6
unpatched
High
Linux Kernel act_pedit Partial COW Page-Cache LPE (CVE-2026-46331)
CVE-2026-46331·
Linux Kernel — net/sched/act_pedit (traffic control packet editing)
unpatched
High
DirtyClone — Linux Kernel LPE via Cloned Packet Page-Cache Overwrite (CVE-2026-43503)
CVE-2026-43503·
Linux kernel (netfilter TEE / __pskb_copy_fclone())
patched
High
Cisco Catalyst SD-WAN Manager Privilege Escalation (CVE-2026-20245)
CVE-2026-20245·
Cisco Catalyst SD-WAN Manager (vManage), SD-WAN Controller (vSmart), SD-WAN Validator (vBond)
unpatched
Critical
Azure Networking Privilege Escalation via Missing Privilege Check
CVE-2025-54914·
Microsoft Azure Networking service (GetRouteTable API)
patched
High
Linux XFRM ESP-in-TCP Local Privilege Escalation (Fragnesia)
CVE-2026-46300·
Linux kernel (XFRM ESP-in-TCP subsystem)
unpatched