CVE-2026-26246

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to bound memory allocation when processing PSD image files which allows an authenticated attacker to cause server memory exhaustion and denial of service via uploading a specially crafted PSD file. Mattermost Advisory I...

CVE-2026-26246

creationtimestamp| type| source ---|---|--- 2026-02-16 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0173/...

CVE-2022-26246

TMS v2.28.0 was discovered to contain a cross-site scripting XSS vulnerability in the component /TMS/admin/setting/mail/createorupdate...

CVE-2025-7298

IrfanView CADImage Plugin DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the...

CVE-2023-26246

An issue was discovered in the Hyundai Gen5WL in-vehicle infotainment system AEEPEEUR.S5WL001.001.211214. The AppUpgrade binary file, which is used during the firmware installation process, can be modified by an attacker to bypass the digital signature check. This indirectly allows an attacker to...

CVE-2020-26246

Pimcore is an open source digital experience platform. In Pimcore before version 6.8.5 it is possible to modify & create website settings without having the appropriate permissions...

CVE-2024-26246

creationtimestamp| type| source ---|---|--- 2024-03-15 00:21:30+00:00| seen| https://t.me/ctinow/208302 2024-03-15 00:26:12+00:00| seen| https://t.me/ctinow/208305...

CVE-2024-26246

Microsoft Edge Chromium-based Security Feature Bypass Vulnerability...

CVE-2024-26246 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

...

CVE-2024-26246

CVE-2024-26246 affects Microsoft Edge (Chromium-based). The vulnerability is described as a Security Feature Bypass in Edge, with the affected component being Edge’s Chromium-based browser. The available data indicate a Low base severity (CVSS 3.1: 3.9), with confidentiality impact High and no in...

CVE-2023-26246

An issue was discovered in the Hyundai Gen5WL in-vehicle infotainment system AEEPEEUR.S5WL001.001.211214. The AppUpgrade binary file, which is used during the firmware installation process, can be modified by an attacker to bypass the digital signature check. This indirectly allows an attacker to...

CVE-2023-26246

The CVE-2023-26246 issue affects Hyundai Gen5W_L in-vehicle infotainment systems AE_E_PE_EUR.S5W_L001.001.211214. The AppUpgrade binary used during firmware installation can be modified to bypass the digital signature check, enabling an attacker to install custom firmware on the IVI system. This ...

Tenda AC9 Buffer Overflow Vulnerability (CNVD-2022-26246)

Tenda AC9 is a wireless router from Tenda, China.Tenda AC9 version 15.03.2.21 is vulnerable to a buffer overflow vulnerability, which originates when the list parameter in the SetIpMacBind function does not properly validate data boundaries when performing operations on memory, and can be exploit...

CVE-2022-26246

CVE-2022-26246 describes an XSS vulnerability in TMS v2.28.0, specifically in the component /TMS/admin/setting/mail/createorupdate. The initial entry attributes a cross-site scripting flaw to this component, with CVSS metrics indicating both a Network vector and user interaction requirements depe...

CVE-2020-26246

creationtimestamp| type| source ---|---|--- 2020-12-03 07:55:39+00:00| seen| https://t.me/cibsecurity/17069...

CVE-2020-26246

Pimcore is an open source digital experience platform. In Pimcore before version 6.8.5 it is possible to modify & create website settings without having the appropriate permissions...

CVE-2020-26246 Authorization bypass in Pimcore

Pimcore is an open source digital experience platform. In Pimcore before version 6.8.5 it is possible to modify & create website settings without having the appropriate permissions...

CVE-2020-26246

Pimcore prior to version 6.8.5 is vulnerable to an authorization bypass that allows modifying and creating website settings without proper permissions. The issue stems from insufficient access rights enforcement, enabling an unauthorised user to alter settings, redirects, and asset metadata. Affe...

Siemens Climatix POL908 and POL909 Cross-Site Scripting Vulnerabilities (CNVD-2020-26246)

Siemens Climatix is a standardized and programmable control solution for air conditioning, refrigeration and district heating OEMs from Siemens, Germany, offering a comprehensive HVAC portfolio that can be expanded to meet specific needs.BACnet IP - POL908 is one of the BACnet IP communication...

CVE-2021-26246

CVE-2021-26246 is rejected/not used and does not represent an active vulnerability entry.