PT-2026-40332

Pingvin Share X is a secure and easy self-hosted file sharing platform. From 1.14.1 to 1.16.2, a critical authentication bypass vulnerability allows an attacker who has obtained a valid username and password to skip the second-factor authentication TOTP requirement entirely. Although, an attacker...

PT-2026-39960

The GWD Connect plugin for WordPress is vulnerable to missing authorization to limited code execution in all versions up to, and including, 2.9. This is due to the plugin's standalone agent endpoints gwd-backup.php and gwd-logs.php not verifying authentication when the API key has not been...

Apache Tomcat 9.0.0.M1 < 9.0.118 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 9.0.118. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat9.0.118security-9 advisory. - DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat. Th...

Apache Tomcat 10.1.0.M1 < 10.1.55 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 10.1.55. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat10.1.55security-10 advisory. - DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat...

Zyxel WRE6505 安全漏洞

Zyxel WRE6505 is a wireless signal expansion device produced by Zyxel Corporation in China. The Zyxel WRE6505 v2 V1.00ABDV.3C0 version contains a security vulnerability. This vulnerability stems from the improper limit on the number of authentication attempts made by the web management interface...

PT-2026-40031

pam authnft is a PAM session module binding nftables firewall rules to authenticated sessions via cgroupv2 inodes. Prior to 0.2.0-alpha, a heap buffer over-read in peer lookup tcp src/peer lookup.c:134, prior to the fix allowed a crafted NETLINK SOCK DIAG reply to slip past the message-size check...

PT-2026-40546

Name of the Vulnerable Software and Affected Versions SillyTavern versions prior to 1.18.0 Description An issue exists in the "/api/extensions/delete" endpoint where it accepts the value "." for the extensionName variable. This bypasses the sanitize-filename validation, which converts the dot to ...

PT-2026-40070

Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 11.0.0-M1 through 11.0.21 Apache Tomcat versions 10.1.0-M1 through 10.1.54 Apache Tomcat versions 9.0.2 through 9.0.117 Apache Tomcat versions 8.5.24 through 8.5.100 Apache Tomcat versions 7.0.83 through 7.0.109...

Apache Tomcat 安全漏洞

Apache Tomcat is a lightweight web application server developed by the Apache Foundation in the United States. It supports Servlet and JavaServer Page JSP technologies. Security vulnerabilities exist in versions of Apache Tomcat ranging from 11.0.0-M1 to 11.0.21, from 10.1.0-M1 to 10.1.54, from...

Apache Tomcat 信息泄露漏洞

Apache Tomcat is a lightweight web application server developed by the Apache Foundation in the United States. It supports Servlet and JavaServer Page JSP technologies. Apache Tomcat has a vulnerability related to information leakage, which stems from exposing HTTP authentication headers to...

Open-Xchange OX Dovecot Pro 安全漏洞

Open-Xchange OX Dovecot Pro is a mail storage and delivery system provided by the German company Open-Xchange. Open-Xchange OX Dovecot Pro has a security vulnerability. This vulnerability arises from the use of a security filter for variable expansion, where all subsequent pipes on the same strin...

PT-2026-40024

Name of the Vulnerable Software and Affected Versions dovecot versions prior to 2.4.4-1.1 Description When the safe filter is used with variable expansion, subsequent pipelines on the same string are incorrectly treated as safe. This behavior allows unsafe data to be unescaped, which can lead to...

mem0 安全漏洞

mem0 is an open-source benchmark tool for efficient memory algorithms developed by Mem0. Version 1.0.0 of mem0 contains a security vulnerability. This vulnerability stems from the lack of authentication and authorization controls in the memory creation API endpoints, which may allow remote...

PT-2026-40071

Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 11.0.0-M1 through 11.0.21 Apache Tomcat versions 10.1.0-M1 through 10.1.54 Apache Tomcat versions 9.0.0.M1 through 9.0.117 Apache Tomcat versions 8.5.0 through 8.5.100 Apache Tomcat versions prior to 7.0.0 Description An...

PT-2026-40458

Name of the Vulnerable Software and Affected Versions ChurchCRM versions prior to 7.3.2 Description A pre-authentication remote code execution issue exists in the setup wizard. The flaw allows for remote code execution via the unsanitized DB PASSWORD variable. Recommendations Update to version...

CVE-2026-31234

Horovod through v0.28.1 exposes an insecure deserialization vulnerability (CWE-502) in its KVStore HTTP server. The KVStore server lacks authentication/authorization, allowing remote attackers to write arbitrary data via HTTP PUT. When a Horovod worker subsequently reads data from KVStore (via HT...

PT-2026-40242

Name of the Vulnerable Software and Affected Versions Microsoft SSO Plugin for Jira & Confluence affected versions not specified Description An incorrect implementation of the authentication algorithm allows an unauthorized attacker to forge login responses and bypass Entra ID. This enables the...

PT-2026-40322

The mem0 1.0.0 server lacks authentication and authorization controls for its memory creation API endpoint POST /memories. The endpoint allows unauthenticated users to submit arbitrary memory records without verifying their identity or permissions. A remote attacker can exploit this by sending...

AMD Device Management Portal Key Download

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-62619| Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to...

CVE-2026-31215

The nexent v1.7.5.2 backend service contains an unauthorized arbitrary file deletion vulnerability in its ElasticSearch service interface. The DELETE /indexname/documents endpoint lacks proper authentication and authorization controls and does not validate the user-supplied pathorurl parameter...