CVE-2026-26190

Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10, Milvus exposes TCP port 9091 by default, which enables authentication bypasses. The /expr debug endpoint uses a weak, predictable default authentication token derived from etcd.rootPath...

milvus 访问控制错误漏洞

Milvus is a high-performance cloud-native vector database open source project by The Milvus Project. Versions of Milvus prior to 2.5.27 and 2.6.10 contained an access control vulnerability. This vulnerability stemmed from an authentication bypass in the default exposed TCP port 9091, which could...

PT-2026-8025

Name of the Vulnerable Software and Affected Versions Milvus versions prior to 2.5.27 Milvus versions prior to 2.6.10 Description Milvus, an open-source vector database for generative AI applications, is affected by an issue that allows authentication bypasses. The software exposes TCP port 9091 ...

EUVD-2005-0531

Malware in sbrugna...

EUVD-2010-2323

Malware in sbrugna...

EUVD-2024-28156

Malicious code in bioql PyPI...

EUVD-2022-0903

Malicious code in bioql PyPI...

EUVD-2023-0404

Malicious code in bioql PyPI...

CVE-2023-22795 affecting package ruby 2.6.10-1

CVE-2023-22795 affecting package ruby 2.6.10-1. This CVE either no longer is or was never applicable...

WordPress Jeg Elementor Kit Plugin <= 2.6.9 is vulnerable to Sensitive Data Exposure

Software Jeg Elementor Kit Type Plugin Vulnerable versions = 2.6.9 Fixed in 2.6.10 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-8899 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID a83345ae77b9 Credits Ankit Patel Required...

RHSA-2022:1402 Red Hat Security Advisory: OpenShift Virtualization 2.6.10 RPMs security and bug fix update

Bulletin has no description...

OESA-2024-1840 openvpn security update

OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. Starting with the...

DEBIAN-CVE-2024-28882

OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a closing session...

CVE-2024-28882

OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a closing session...

OpenVPN Security Vulnerabilities

OpenVPN is a software package for creating encrypted tunnels for Virtual Private Networks VPNs from US-based OpenVPN, which uses the OpenSSL library to encrypt data and control information, and allows created VPNs to be authenticated using a public key, an electronic certificate, or a...

WordPress Loco Translate Plugin <= 2.6.9 is vulnerable to Cross Site Request Forgery (CSRF)

Software Loco Translate Type Plugin Vulnerable versions = 2.6.9 Fixed in 2.6.10 OWASP Top 10 A4: Insecure Design Classification Cross Site Request Forgery CSRF CVE CVE-2024-37236 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f02123bf72f2 Credits Nosa Shandy Required...

CVE-2024-25116 Specially crafted CF.RESERVE command can lead to denial-of-service

RedisBloom adds a set of probabilistic data structures to Redis. Starting in version 2.0.0 and prior to version 2.4.7 and 2.6.10, authenticated users can use the CF.RESERVE command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in RedisBloom 2.4.7...

CVE-2024-25115

RedisBloom (the RedisBloom library) is affected by CVE-2024-25115 due to a heap overflow in CF.LOADCHUNK. Specifically, authenticated users could trigger a heap overflow in versions prior to 2.4.7 and prior to 2.6.10, potentially enabling remote code execution. The issue is fixed in RedisBloom 2....

CVE-2024-30225

Deserialization of Untrusted Data vulnerability in WPENGINE, INC. WP Migrate.This issue affects WP Migrate: from n/a through 2.6.10...

PT-2023-26814 · Crocoblock · Crocoblock Jetelements For Elementor

Name of the Vulnerable Software and Affected Versions: Crocoblock JetElements For Elementor versions 2.6.10 and earlier Description: The issue is related to an Improper Control of Generation of Code 'Code Injection' vulnerability. This allows for code injection, which can be exploited by attacker...