CVE-2026-27196

creationtimestamp| type| source ---|---|--- 2026-02-21 05:21:55+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfduvo7ni32s 2026-03-30 23:00:14+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3micrc5qn3e2r...

CVE-2026-27196

Statmatic is a Laravel and Git powered content management system CMS. Versions 5.73.8 and below in addition to 6.0.0-alpha.1 through 6.3.1 have a Stored XSS vulnerability in html fieldtypes which allows authenticated users with field management permissions to inject malicious JavaScript that...

CVE-2020-27196

An issue was discovered in PlayJava in Play Framework 2.6.0 through 2.8.2. The body parsing of HTTP requests eagerly parses a payload given a Content-Type header. A deep JSON structure sent to a valid POST endpoint that may or may not expect JSON payloads causes a StackOverflowError and Denial of...

CVE-2025-27196 Premiere Pro | Heap-based Buffer Overflow (CWE-122)

Premiere Pro versions 25.1, 24.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-27196

creationtimestamp| type| source ---|---|--- 2024-03-15 14:22:16+00:00| seen| https://t.me/ctinow/208785 2024-03-15 14:26:41+00:00| seen| https://t.me/ctinow/208796...

CVE-2024-27196

Cross Site Scripting XSS vulnerability in Joel Starnes postMash – custom post order allows Reflected XSS.This issue affects postMash – custom post order: from n/a through 1.2.0...

CVE-2024-27196

CVE-2024-27196 affects the WordPress plugin postMash – custom post order (versions up to and including 1.2.0). Public docs describe a Reflected XSS vulnerability in that plugin. Core details in connected sources specify affected product/version and the nature of the vulnerability (Reflected XSS);...

CVE-2024-27196 WordPress postMash – custom post order plugin <= 1.2.0 - Reflected Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability in Joel Starnes postMash – custom post order allows Reflected XSS.This issue affects postMash – custom post order: from n/a through 1.2.0...

CVE-2024-27196 WordPress postMash – custom post order plugin <= 1.2.0 - Reflected Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability in Joel Starnes postMash – custom post order allows Reflected XSS.This issue affects postMash – custom post order: from n/a through 1.2.0...

WordPress postMash – custom post order Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS)

Software postMash – custom post order Type Plugin Vulnerable versions = 1.2.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-27196 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f81d96aa3cf3 Credits Dimas Maulana Require...

EUVD-2022-27196

Windows Hyper-V Information Disclosure Vulnerability...

CVE-2022-27196

Jenkins Favorite Plugin 2.4.0 and earlier does not escape the names of jobs in the favorite column, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure or Item/Create permissions...

io.jenkins.blueocean:blueocean (>=1.0-alpha-1 <=1.27.25), io.jenkins.blueocean:blueocean-bitbucket-pipeline (>=1.27.17 <=1.27.25) +10 more potentially affected by CVE-2022-27196 via org.jvnet.hudson.plugins:favorite (>=1.16 <=2.3.1)

org.jvnet.hudson.plugins:favorite MAVEN version =1.16, =1.0-alpha-1, =1.27.17, =1.0.0, =1.0-alpha-1, =1.0-alpha-1, =1.0.0, =1.0.0, =1.0-alpha-8, =1.0-alpha-4, =0.1-preview-4, =1.0-alpha-1, =0.1, =1.0.0 Source cves: CVE-2022-27196 Source advisory: OSV:GHSA-874R-46C6-7P4R...

CVE-2022-27196

The CVE-2022-27196 entry concerns Jenkins Favorite Plugin (versions up to 2.4.0 and earlier). The vulnerability arises because the plugin does not escape job names in the favorite column, causing stored XSS. This is exploitable by attackers with Item/Configure or Item/Create permissions. Connecte...

Hitachi Energy Relion 670, 650 and SAM600-IO Improper Input Validation (CVE-2021-27196)

Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 TEGO1, MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce th...

CVE-2021-27196

CVE-2021-27196 affects Hitachi Energy Relion 670/650 series and related IEC 61850 interfaces. The issue is caused by improper input validation that allows an attacker with IEC 61850 network access to trigger a reboot, rendering affected devices inoperable for about 60 seconds. Affected products a...

Hitachi Energy Relion 670, 650 and SAM600-IO

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Relion 670, 650, and SAM600-IO Vulnerabilities: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

CVE-2020-27196

creationtimestamp| type| source ---|---|--- 2020-11-06 16:50:54+00:00| seen| https://t.me/cibsecurity/15974...

CVE-2020-27196

CVE-2020-27196 affects Play Framework’s PlayJava in versions 2.6.0–2.8.2. The vulnerability arises from body parsing of HTTP requests that eagerly parses a payload when a Content-Type header is present; sending a deep JSON structure to a valid POST endpoint can trigger a StackOverflowError, resul...