CVE-2026-43002

An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthenticated requests. This is a regression of the CVE-2014-8124 fix...

UBUNTU-CVE-2026-43002

An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthenticated requests. This is a regression of the CVE-2014-8124 fix...

CVE-2026-43002

An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthenticated requests. This is a regression of the CVE-2014-8124 fix...

CVE-2026-1232

CVE-2026-1232 affects BeyondTrust Privilege Management for Windows, versions ≤ 25.7. The vulnerability is an anti-tamper bypass that can occur under certain conditions, allowing a local authenticated user with elevated privileges to access protected application components and modify product confi...

EUVD-2025-32218

Malicious code in bioql PyPI...

CVE-2025-11241

The Yoast SEO Premium plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions 25.7 to 25.9 due to a flawed regex used to remove an attribute in post content, which can be abused to inject arbitrary HTML attributes, including JavaScript event handlers. This vulnerability allo...

CVE-2025-11241 Yoast SEO Premium 25.7-25.9 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Yoast SEO Premium plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions 25.7 to 25.9 due to a flawed regex used to remove an attribute in post content, which can be abused to inject arbitrary HTML attributes, including JavaScript event handlers. This vulnerability allo...

CVE-2025-11241 Yoast SEO Premium 25.7-25.9 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Yoast SEO Premium plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions 25.7 to 25.9 due to a flawed regex used to remove an attribute in post content, which can be abused to inject arbitrary HTML attributes, including JavaScript event handlers. This vulnerability allo...

WordPress plugin Yoast SEO Premium 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2025-40451

Name of the Vulnerable Software and Affected Versions Yoast SEO Premium plugin for WordPress versions 25.7 through 25.9 Description The software is susceptible to a Stored Cross-Site Scripting issue stemming from a flawed regular expression used to remove an attribute within post content. This fl...

CVE-2024-20753

Adobe Photoshop Desktop (Windows/macOS) is affected by CVE-2024-20753, an out-of-bounds read in PDF/file parsing that could allow code execution in the context of the current user. Affected versions include 24.7.3, 25.7 and earlier; exploitation requires the user to open a crafted file. Several c...