CVE-2026-32534 WordPress JS Help Desk plugin <= 3.0.3 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in JoomSky JS Help Desk js-support-ticket allows Blind SQL Injection.This issue affects JS Help Desk: from n/a through = 3.0.3...

CVE-2026-32534

CVE-2026-32534 describes an SQL Injection issue in the WordPress plugin “JS Help Desk” (js-support-ticket). The connected documentation confirms an authenticated SQL injection vulnerability in this plugin, caused by improper neutralization of SQL elements, affecting versions up to and including 3...

CVE-2026-4716

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component...

CVE-2026-4702

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine component...

CVE-2026-4701

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript Engine component...

CVE-2026-4698

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine: JIT component...

SUSE CVE-2026-4698

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

SUSE CVE-2026-4701

Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

SUSE CVE-2026-4702

JIT miscompilation in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

SUSE CVE-2026-4716

Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

SUSE CVE-2026-4723

Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 149 and Thunderbird 149...

CVE-2026-4723

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript Engine component...

CVE-2026-21712

creationtimestamp| type| source ---|---|--- 2026-03-25 03:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/node-js-multiple-vulnerabilities20260325 2026-04-09 12:45:08+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mj2tlhrxnc2b...

SUSE CVE-2026-31809

SiYuan is a personal knowledge management system. Prior to 3.5.10, SiYuan's SVG sanitizer SanitizeSVG checks href attributes for the javascript: prefix using strings.HasPrefix. However, inserting ASCII tab , newline , or carriage return characters inside the javascript: string bypasses this prefi...

PT-2026-28072

n8n is an open source workflow automation platform. Prior to versions 1.123.22, 2.9.3, and 2.10.1, an authenticated user with permission to create or modify workflows could use the JavaScript Task Runner to allocate uninitialized memory buffers. Uninitialized buffers may contain residual data fro...

Seafile Server 安全漏洞

Seafile Server is an open-source cloud storage server software developed by Seafile, offering features for file synchronization, sharing, and collaboration management. Versions of Seafile Server such as 13.0.15, 13.0.16-pro, 12.0.14, and earlier have security vulnerabilities. These vulnerabilitie...

CVE-2026-26830

pdf-image npm package through version 2.0.0 allows OS command injection via the pdfFilePath parameter. The constructGetInfoCommand and constructConvertCommandForPage functions use util.format to interpolate user-controlled file paths into shell command strings that are executed via childprocess.e...

Linux Distros Unpatched Vulnerability : CVE-2026-21717

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in V8's string hashing mechanism causes integer-like strings to be hashed to their numeric value, making hash collisions trivially predictable. By crafti...

Linux Distros Unpatched Vulnerability : CVE-2026-4702

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JIT miscompilation in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

PT-2026-28027

Name of the Vulnerable Software and Affected Versions JS Archive List versions through 6.1.7 Description A flaw exists in the deserialization of untrusted data within the jquery-archive-list-widget component of JS Archive List, potentially allowing for object injection. Recommendations Update JS...