161615 matches found
PT-2026-37258
Name of the Vulnerable Software and Affected Versions MagicMirror² versions prior to 2.36.0 Description An unauthenticated Server-Side Request Forgery SSRF exists in the '/cors' endpoint, which acts as an open HTTP proxy without authentication or URL validation. This allows remote attackers to...
PT-2026-37035
Name of the Vulnerable Software and Affected Versions eLabFTW versions prior to 5.4.2 Description The login flow in this open source electronic lab notebook does not reliably preserve the multi-factor authentication state across authentication steps. An attacker possessing valid primary credentia...
CVE-2026-43002
CVE-2026-43002 (OpenStack Horizon) affects Horizon 25.6 and 25.7 prior to 25.7.3. A write operation to the session storage backend occurs before authentication, allowing unauthenticated requests to exhaust storage. This is a regression of CVE-2014-8124. Impact: potential denial of service due to ...
PT-2026-37266
Name of the Vulnerable Software and Affected Versions Mongoose versions prior to 6.13.9 Mongoose versions prior to 7.8.9 Mongoose versions prior to 8.22.1 Mongoose versions prior to 9.1.6 Description A flaw in the sanitizeFilter query sanitization mechanism allows it to be bypassed using the $nor...
Vaultwarden 数据伪造问题漏洞
Vaultwarden is an alternative implementation of the Bitwarden server API, developed by Daniel García. Versions of Vaultwarden 1.35.4 and earlier contained a data manipulation vulnerability. This vulnerability stemmed from updating credential metadata before signature verification during the...
PT-2026-37215
Name of the Vulnerable Software and Affected Versions Vaultwarden versions prior to 1.35.5 Description The WebAuthn authentication flow in the validate webauthn login function updates persistent credential metadata, specifically the backup eligible and backup state flags, using unverified...
Mikrotik RouterOS 信任管理问题漏洞
Mikrotik RouterOS is an operating system for network devices developed by the Latvian company Mikrotik. There is a vulnerability in MikroTik RouterOS’s trust management mechanism. This vulnerability stems from the shared certificate validation logic, which leads to scope confusion. As a result, a...
📄 Craft CMS 5.6.16 Remote Code Execution
Craft CMS version 5.6.16 remote code execution exploit. Exploit Title: Craft CMS 5.6.16 - RCE Google Dork: N/A Date: 2026-01-24 Exploit Author: Mohammed Idrees Banyamer Author Country: Jordan Vendor Homepage: https://craftcms.com Software Link: https://github.com/craftcms/cms Version: = 3.9.14, =...
📄 JUNG Smart Visu Server 1.1.1050 Denial of Service
JUNG Smart Visu Server version 1.1.1050 suffers from a denial of service vulnerability. Exploit Title: JUNG Smart Visu Server 1.1.1050- Dos CVE: CVE-2026-26235 Date: 2026-02-12 Exploit Author: Mohammed Idrees Banyamer Author Country: Jordan Instagram: @banyamersecurity Author GitHub:...
OpenStack Horizon 安全漏洞
OpenStack Horizon is an OpenStack-based project built using Django. It aims to provide a complete OpenStack dashboard along with a scalable framework for building new dashboards from reusable components. Versions 25.6, 25.7, and prior to 25.7.3 of OpenStack Horizon contained security...
PT-2026-37285
Name of the Vulnerable Software and Affected Versions FireFighter versions prior to 0.0.54 Description The 'POST /api/v2/firefighter/raid/jira bot' endpoint CreateJiraBotView is accessible without authentication. The attachments payload is processed via httpx.get without URL validation, allowing ...
CVE-2026-33006
A timing attack against modauthdigest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes this issue...
ALSA-2026:13830 Important: dovecot security update
Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fixes: doveco...
FreeBSD : www/apache24 -- Multiple vulnerabilities (1ccc383b-486a-11f1-8b62-8447094a420f)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 1ccc383b-486a-11f1-8b62-8447094a420f advisory. The Apache httpd project reports: modproxyajp: CVE-2026-34059, CVE-2026-34032, CVE-2026-33857,...
Nginx-UI: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollback
An authenticated user can call GET /api/settings and retrieve sensitive configuration values, including node.secret. The same node.secret is accepted by AuthRequired through the X-Node-Secret header or nodesecret query parameter, causing the request to be treated as authenticated via the...
RHEL 9 : nginx (RHSA-2026:13680)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13680 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage...
AlmaLinux 8 : dovecot (ALSA-2026:13830)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:13830 advisory. dovecot: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command CVE-2025-59032 dovecot: denial of service via crafted...
UBUNTU-CVE-2026-33007
A NULL pointer dereference in the modauthnsocache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users are recommended to upgrade to version 2.4.67, which fixes this issue...
PT-2026-36944
Name of the Vulnerable Software and Affected Versions MoreConvert Pro versions prior to 1.9.15 Description The MoreConvert Pro plugin for WordPress contains an authentication bypass flaw. The issue exists because the guest waitlist verification flow fails to invalidate or regenerate verification...
PT-2026-37283
Name of the Vulnerable Software and Affected Versions Network-AI versions prior to 5.1.3 Description The MCP HTTP transport accepts JSON-RPC tools/call requests without requiring authentication, sessions, origins, or token checks, dispatching them directly to the orchestrator's tool registry...