CVE-2026-7312

Same vendor

• CVE-2026-7313 — CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 8.0.5700 to 13.3.7652 allows a remote a... (8.7 HIGH)
• CVE-2026-7201 — CWE-639: Authorization Bypass Through User-Controlled Key in web services in Progress Sitefinity 15.2.x before 15.2.8441, 15.3.x before 1... (8.8 HIGH)
• CVE-2026-7198 — CWE-284: Improper Access Control in web services in Progress Sitefinity 15.4.8623 before 15.4.8630 allows a remote unauthenticated attack... (9.8 CRITICAL)
• CVE-2026-7195 — CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x, 14.4.x before 14.4.8152, 15.0.x before 15... (8.8 HIGH)
• CVE-2026-8488 — Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation allows Excessive Allocation (4.3 MEDIUM)

Same CWE

• CVE-2026-41715 — In specific scenarios involving HTTP redirects from a secure to an insecure endpoint, the Reactor Netty HTTP client may leak credentials (6.1 MEDIUM)
• CVE-2026-39908 — OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability that allows remote attackers to capture the N... (6.5 MEDIUM)
• CVE-2026-46440 — Flowise is a drag & drop user interface to build a customized large language model flow (9.1 CRITICAL)
• CVE-2026-46511 — HAX CMS helps manage microsite universe with PHP or NodeJs backends
• CVE-2026-7313 — CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 8.0.5700 to 13.3.7652 allows a remote a... (8.7 HIGH)