CVE-2026-28496

Do Son June 26, 2026

TL;DR A critical FOSSBilling template injection flaw, CVE-2026-28496, carries a CVSS score of 9.4. Attackers can read...

🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

CVE-2026-20230CVSS 8.6
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified...
CVE-2026-12569
A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill PDMlink and PTC FlexPLM. The...
CVE-2026-28496CVSS 9.4
FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template...
CVE-2026-21509CVSS 7.8
Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a...
CVE-2026-34908CVSS 10.0
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi...
CVE-2026-34909CVSS 10.0
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS...
CVE-2026-34910CVSS 10.0
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi...
CVE-2025-67038CVSS 9.8
An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell command to write...
CVE-2024-23692CVSS 9.8
Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This...
CVE-2026-48907
A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated...