257325 matches found
ROOT-APP-PYPI-CVE-2025-54121 CVE-2025-54121 in rootio-starlette - Patched by Root
Root has patched CVE-2025-54121 in the rootio-starlette package for Root:PyPI. Multiple fixed versions available...
CVE-2026-57702
creationtimestamp| type| source ---|---|--- 2026-07-13 11:16:06+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqjkvqdtb32w...
CVE-2026-57786
creationtimestamp| type| source ---|---|--- 2026-07-13 11:08:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqjkivcoiu2w...
CVE-2026-57812
Missing Authorization vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simply Schedule Appointments: from n/a through = 1.6.12.4...
CVE-2026-57804
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor allows PHP Local File Inclusion.This issue affects TheGem Theme Elements for Elementor: from n/a through...
CVE-2026-57796
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in VLThemes Leedo leedo allows PHP Local File Inclusion.This issue affects Leedo: from n/a through = 3.0.0...
CVE-2026-57781
Missing Authorization vulnerability in Sovlix MeetingHub meetinghub allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MeetingHub: from n/a through = 1.25.10...
EUVD-2026-43315
Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4 fail to verify whether a guest account is deactivated before creating a session in the magic-link token login path, which allows a deactivated guest user to obtain a fully functional session via a magic-link token issued prior to deactivation...
EUVD-2026-43286
The Database for Contact Form 7, WPforms, Elementor forms WordPress plugin before 1.5.2 does not restrict the PHP classes allowed when unserializing an attacker-supplied form-field value, allowing unauthenticated users to inject arbitrary PHP objects that are instantiated when an administrator...
EUVD-2026-43291
The WP Job Portal WordPress plugin before 2.5.5 does not perform capability or ownership checks before allowing job moderation actions, allowing authenticated users with a subscriber-level self-registerable account to approve, feature, or reject arbitrary jobs, including those owned by other user...
CVE-2026-57797 WordPress EduMall theme <= 4.5.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in ThemeMove EduMall edumall allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EduMall: from n/a through = 4.5.1...
CVE-2026-57810
CVE-2026-57810 describes a SQL injection in the WordPress plugin APIExperts Square for WooCommerce (woosquare), affecting versions up to and including 4.7.4. The vulnerability is characterized as blind SQL injection due to improper neutralization of special elements in SQL queries. The provided d...
CVE-2026-61952 WordPress WooCommerce Bulk Edit Products – WP Sheet Editor plugin <= 1.8.21 - Broken Access Control vulnerability
Missing Authorization vulnerability in Jose Vega WooCommerce Bulk Edit Products – WP Sheet Editor woo-bulk-edit-products allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Bulk Edit Products – WP Sheet Editor: from n/a through = 1.8.21...
CVE-2026-57400
The CVE-2026-57400 entry concerns the WordPress plugin Event Tickets Manager for WooCommerce. A Missing Authorization vulnerability is described as due to Incorrectly Configured Access Control Security Levels, affecting the plugin’s “Event Tickets Manager for WooCommerce” component in versions up...
ROOT-APP-NPM-CVE-2026-54307 CVE-2026-54307 in @rootio/n8n - Patched by Root
Root has patched CVE-2026-54307 in the @rootio/n8n package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-54312 CVE-2026-54312 in @rootio/n8n - Patched by Root
Root has patched CVE-2026-54312 in the @rootio/n8n package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-54309 CVE-2026-54309 in @rootio/n8n - Patched by Root
Root has patched CVE-2026-54309 in the @rootio/n8n package for Root:npm. Multiple fixed versions available...
CVE-2026-15532
creationtimestamp| type| source ---|---|--- 2026-07-13 06:43:24+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqj3o3xkkn2i...
CVE-2026-15531
creationtimestamp| type| source ---|---|--- 2026-07-13 06:30:26+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqj2wvxzcs2e...
ROOT-OS-DEBIAN-11-CVE-2026-32777 CVE-2026-32777 in rootio-expat - Patched by Root
Root has patched CVE-2026-32777 in the rootio-expat package for Root:Debian:11. Multiple fixed versions available...