CVE-2026-7519

A vulnerability has been found in Fujian Apex LiveBOS up to 2.0. Impacted is an unknown function of the file /feed/UploadImage.do of the component Endpoint. Such manipulation of the argument filename leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to t...

CVE-2026-1607

The Surbma | Booking.com Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's surbma-bookingcom shortcode in all versions up to, and including, 2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...

OPENSUSE-SU-2026:10958-1 chromedriver-149.0.7827.53-2.1 on GA media

These are all security issues fixed in the chromedriver-149.0.7827.53-2.1 package on the GA media of openSUSE Tumbleweed...

CVE-2019-25731

Zuz Music 2.1 is affected by a persistent cross-site scripting vulnerability that lets unauthenticated attackers inject JavaScript via crafted data in the /gmusic/zuzconsole/___contact endpoint (name, subject, message). The payload executes when administrators view messages in the inbox. CVSS met...

OPENSUSE-SU-2026:10947-1 erlang27-27.1.3-2.1 on GA media

These are all security issues fixed in the erlang27-27.1.3-2.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-47146

Name of the Vulnerable Software and Affected Versions chromedriver versions prior to 149.0.7827.53-2.1 Description An issue in Google Chrome allows attackers to affect the system. Recommendations Update to version 149.0.7827.53-2.1...

Appsmiths SQL Query autocomplete renderer contains a cross site scripting vulnerability

Overview A stored cross-site scripting XSS vulnerability has been discovered in Appsmith, specifically in the CodeMirror based SQL query editor’s autocomplete renderer. CVE-2026-7299 has been assigned to track the vulnerability. An attacker with developer level access to a shared PostgreSQL...

PT-2026-47147

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53-2.1 Description An issue in Google Chrome allows attackers to affect the system. Recommendations Update to version 149.0.7827.53-2.1...

OPENSUSE-SU-2026:10930-1 yq-4.53.2-2.1 on GA media

These are all security issues fixed in the yq-4.53.2-2.1 package on the GA media of openSUSE Tumbleweed...

Projectworlds Gate Pass Management System SQL注入漏洞

The Projectworlds Gate Pass Management System is an open-source boarding pass management system developed by Projectworlds. Version 2.1 of the Projectworlds Gate Pass Management System has a SQL injection vulnerability. This vulnerability stems from the login and password parameters, which are...

OPENSUSE-SU-2026:10898-1 matrix-synapse-1.153.0-2.1 on GA media

These are all security issues fixed in the matrix-synapse-1.153.0-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10901-1 rqlite-10.1.0-2.1 on GA media

These are all security issues fixed in the rqlite-10.1.0-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10904-1 vorbis-tools-1.4.3-2.1 on GA media

These are all security issues fixed in the vorbis-tools-1.4.3-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10877-1 helm3-3.21.0-2.1 on GA media

These are all security issues fixed in the helm3-3.21.0-2.1 package on the GA media of openSUSE Tumbleweed...

WordPress plugin Two-factor authentication 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

OPENSUSE-SU-2026:10869-1 roundcubemail-1.6.16-2.1 on GA media

These are all security issues fixed in the roundcubemail-1.6.16-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10868-1 libyang-devel-3.13.6-2.1 on GA media

These are all security issues fixed in the libyang-devel-3.13.6-2.1 package on the GA media of openSUSE Tumbleweed...

libppsdocument4_0-6-50.1-2.1 on GA media (moderate)

libppsdocument40-6-50.1-2.1 on GA media Announcement ID: openSUSE-SU-2026:10853-1 Rating: moderate Cross-References: CVE-2026-46529 CVSS scores: CVE-2026-46529 SUSE : 7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-46529 SUSE : 7.5...

OPENSUSE-SU-2026:10848-1 amazon-ecs-init-1.103.0-2.1 on GA media

These are all security issues fixed in the amazon-ecs-init-1.103.0-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10853-1 libppsdocument4_0-6-50.1-2.1 on GA media

These are all security issues fixed in the libppsdocument40-6-50.1-2.1 package on the GA media of openSUSE Tumbleweed...