CVE-2026-40682

creationtimestamp| type| source ---|---|--- 2026-05-05 21:00:06+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3ml53ehoq2x2t...

org.apache.opennlp:opennlp-distr (>=3.0.0-M1 <=3.0.0-M2) potentially affected by CVE-2026-40682 via org.apache.opennlp:opennlp-tools (>=3.0.0-M1 <=3.0.0-M2)

org.apache.opennlp:opennlp-tools MAVEN version =3.0.0-M1, =3.0.0-M1, =3.0.0-M2 Source cves: CVE-2026-40682 Source advisory: OSV:GHSA-4V8G-86X5-3VRC...

ai.aletyx.kogito:aletyx-kogito-ai-addons-quarkus-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-quarkus-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +785 more potentially affected by CVE-2026-40682 via org.apache.opennlp:opennlp-tools (>=2.0.0 <=2.5.8)

org.apache.opennlp:opennlp-tools MAVEN version =2.0.0, =0.1.0, =0.1.0, =2.12.1, =2.12.1, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =0.0.6, =0.0.9 and more Source cves: CVE-2026-40682 Source advisory: SNYK:JAVA-ORGAPACHEOPENNLP-16419377...

org.apache.opennlp:opennlp-cli (>=3.0.0-M1 <=3.0.0-M2), org.apache.opennlp:opennlp-distr (>=3.0.0-M1 <=3.0.0-M2) +6 more potentially affected by CVE-2026-40682 via org.apache.opennlp:opennlp-runtime (>=3.0.0-M1 <=3.0.0-M2)

org.apache.opennlp:opennlp-runtime MAVEN version =3.0.0-M1, =3.0.0-M1, =3.0.0-M1, =3.0.0-M1, =3.0.0-M1, =3.0.0-M1, =3.0.0-M1, =3.0.0-M2 Source cves: CVE-2026-40682 Source advisory: SNYK:JAVA-ORGAPACHEOPENNLP-16419378...

UBUNTU-CVE-2026-40682

XML External Entity XXE via Unsanitized Dictionary Parsing in Apache OpenNLP DictionaryEntryPersistor Versions Affected: before 2.5.9, before 3.0.0-M3 Description: The DictionaryEntryPersistor class initializes a static SAXParserFactory at class-load time without enabling FEATURESECUREPROCESSING ...

MAL-2025-40682 Malicious code in yxdvksjmpunoarit (npm)

The package yxdvksjmpunoarit was found to contain malicious code...

CVE-2025-40682

SQL injection vulnerability in Human Resource Management System version 1.0, which allows an attacker to retrieve, create, update and delete databases via the “city” and “state” parameters in the /controller/ccity.php endpoint...

CVE-2024-40682

IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 could allow a local user to cause a denial of service due to improper validation of specified type of input...

CVE-2024-40682

creationtimestamp| type| source ---|---|--- 2025-07-23 15:11:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lunck7qf7d2h...

CVE-2024-40682

IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 could allow a local user to cause a denial of service due to improper validation of specified type of input...

CVE-2024-40682

CVE-2024-40682 affects IBM Operations Analytics - Log Analysis. Affected versions are 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2. The vulnerability arises from improper validation of a specified input type, allowing a local user to cause a denial of service. IBM’s remediation advise...

CVE-2024-40682 IBM SmartCloud Analytics - Log Analysis denial of service

IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 could allow a local user to cause a denial of service due to improper validation of specified type of input...

CVE-2024-40682 IBM SmartCloud Analytics - Log Analysis denial of service

IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 could allow a local user to cause a denial of service due to improper validation of specified type of input...

Security Bulletin: Input Validation and Client-Side Bypass Vulnerabilities in IBM Operations Analytics - Log Analysis (CVE-2024-40682, CVE-2024-41750)

Summary Vulnerabilities in IBM Operations Analytics - Log Analysis allow bypassing client-side validation checks for allowable characters, and failure to validate input from the environment. This has been addressed. Vulnerability Details CVEID:CVE-2024-40682 DESCRIPTION: IBM SmartCloud Analytics ...

CVE-2022-40682

A incorrect authorization in Fortinet FortiClient Windows 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe...

CVE-2023-40682

creationtimestamp| type| source ---|---|--- 2023-10-13 20:29:07+00:00| seen| https://t.me/cibsecurity/72267...

CVE-2023-40682

IBM App Connect Enterprise 12.0.1.0 through 12.0.8.0 contains an unspecified vulnerability that could allow a local privileged user to obtain sensitive information from API logs. IBM X-Force ID: 263833...

CVE-2023-40682

CVE-2023-40682 affects IBM App Connect Enterprise versions 12.0.1.0 through 12.0.8.0 and describes an unspecified vulnerability enabling a local privileged user to obtain sensitive information from API logs. Multiple connected sources corroborate the affected product and the information-disclosur...

Security Bulletin: IBM App Connect Enterprise is vulnerable to a potential information disclosure

Summary IBM App Connect Enterprise contains an unspecified vulnerability that could allow a local privileged user to obtain sensitive information from API logs CVE-2023-40682. Vulnerability Details CVEID:CVE-2023-40682 DESCRIPTION: IBM App Connect Enterprise contains an unspecified vulnerability...

Fortinet FortiClient Arbitrary file creation from unprivileged users due to process impersonation (FG-IR-22-336)

The version of FortiClient installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-336 advisory. - A incorrect authorization in Fortinet FortiClient Windows 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10...