19 matches found
CVE-2026-26746
creationtimestamp| type| source ---|---|--- 2026-02-24 00:23:00+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfkvlw3c4b2f 2026-02-24 00:23:01+00:00| seen| https://bsky.app/profile/potato.software/post/3mfkvlxchyo2u...
CVE-2026-26746
OpenSourcePOS 3.4.1 contains a Local File Inclusion LFI vulnerability in the Sales.php::getInvoice function. An attacker can read arbitrary files on the web server by manipulating the Invoice Type configuration. This issue can be chained with the file upload functionality to achieve Remote Code...
Exploit for CVE-2026-26746
No d...
CVE-2026-26746
OpenSourcePOS 3.4.1 contains a Local File Inclusion LFI vulnerability in the Sales.php::getInvoice function. An attacker can read arbitrary files on the web server by manipulating the Invoice Type configuration. This issue can be chained with the file upload functionality to achieve Remote Code...
CVE-2022-26746
This issue was addressed by removing the vulnerable code. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to bypass Privacy preferences...
CVE-2025-26746
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in caalami Advanced Custom Fields: Link Picker Field acf-link-picker-field allows Reflected XSS.This issue affects Advanced Custom Fields: Link Picker Field: from n/a through = 1.2.8...
CVE-2025-26746 WordPress Advanced Custom Fields: Link Picker Field plugin <= 1.2.8 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in caalami Advanced Custom Fields: Link Picker Field acf-link-picker-field allows Reflected XSS.This issue affects Advanced Custom Fields: Link Picker Field: from n/a through = 1.2.8...
CVE-2025-26746
CVE-2025-26746 tracks a Reflected XSS in Advanced Custom Fields: Link Picker Field (affected: from n/a through 1.2.8). The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L) yields a base score of 7.1 ( HIGH ) with impact on confidentiality, integrity, and availability all rated as low. The at...
Linux Distros Unpatched Vulnerability : CVE-2024-26746
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Ensure safe user copy of completion record If CONFIGHARDENEDUSERCOPY is...
SUSE CVE-2024-26746
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Ensure safe user copy of completion record If CONFIGHARDENEDUSERCOPY is enabled, copying completion record from event log cache to user triggers a kernel bug. 1987.159822 usercopy: Kernel memory exposure attempt...
CVE-2024-26746
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Ensure safe user copy of completion record If CONFIGHARDENEDUSERCOPY is enabled, copying completion record from event log cache to user triggers a kernel bug. 1987.159822 usercopy: Kernel memory exposure attempt...
CVE-2024-26746
The CVE-2024-26746 issue is a Linux kernel vulnerability where event log cache allocation used kmem_cache_create is unsafe for user copies, triggering a kernel bug when HARDENED_USERCOPY is enabled. The connected PT/ Nessus entries confirm the problem is tied to the idxd event log completion reco...
CVE-2024-26746 dmaengine: idxd: Ensure safe user copy of completion record
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Ensure safe user copy of completion record If CONFIGHARDENEDUSERCOPY is enabled, copying completion record from event log cache to user triggers a kernel bug. 1987.159822 usercopy: Kernel memory exposure attempt...
CVE-2024-26746 dmaengine: idxd: Ensure safe user copy of completion record
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Ensure safe user copy of completion record If CONFIGHARDENEDUSERCOPY is enabled, copying completion record from event log cache to user triggers a kernel bug. 1987.159822 usercopy: Kernel memory exposure attempt...
CVE-2024-26746
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Ensure safe user copy of completion record If CONFIGHARDENEDUSERCOPY is enabled, copying completion record from event log cache to user triggers a kernel bug. 1987.159822 usercopy: Kernel memory exposure attempt...
CVE-2024-26746
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Ensure safe user copy of completion record If CONFIGHARDENEDUSERCOPY is enabled, copying completion record from event log cache to user triggers a kernel bug. 1987.159822 usercopy: Kernel memory exposure attempt...
CVE-2022-26746
creationtimestamp| type| source ---|---|--- 2022-05-27 00:14:26+00:00| seen| https://t.me/cibsecurity/43446...
CVE-2022-26746
Summary (CVE-2022-26746) Apple macOS contained a vulnerability that could let a malicious app bypass Privacy preferences. It was addressed by removing the vulnerable code and is fixed in Security Update 2022-004 for Catalina, macOS Monterey 12.4, and macOS Big Sur 11.6.6. Across multiple sources,...
CVE-2021-26746
CVE-2021-26746 affects Chamilo 1.11.14, with a stored/reflected cross-site scripting vector accessible via main/calendar/agenda_list.php?type= URI. The vulnerability is documented across multiple feeds (NVD, CNVD, OSV, CVE list) as Chamilo XSS, with no explicit exploitation details, patches, or m...