79 matches found
CVE-2026-4146
creationtimestamp | type | source
---|---|---
2026-03-31 07:15:18+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3midmxg2ok625
2026-04-01 16:45:05+00:00 | seen | https://bsky.app/profile/atomicedge.bsky.social/post/3mih5b677xn2j...
CVE-2026-4146 Loco Translate <= 2.8.2 - Reflected Cross-Site Scripting via 'update_href' Parameter
The Loco Translate plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'update_href' parameter in all versions up to, and including, 2.8.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...
RockyLinux 8 : python-pyasn1 (RLSA-2026:4146)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:4146 advisory. pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID CVE-2026-23490 Tenable has extracted the preceding description block direct...
Oracle Linux 8 : python-pyasn1 (ELSA-2026-4146)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-4146 advisory. 0.3.7-6.el810.1 - Resolves: RHEL-148145 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...
EUVD-2026-4146
A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279B20210910. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Such manipulation of the argument command leads to command injection. The attack can be...
EUVD-2019-4146
Malware in sbrugna...
CVE-2012-4146
Opera before 12.01 allows remote attackers to cause a denial of service (application crash) via a crafted web site, as demonstrated by the Lenovo "Shop now" page...
CVE-2025-4146 Netgear EX6200 sub_41940 buffer overflow
A vulnerability, which was classified as critical, was found in Netgear EX6200 1.0.3.94. Affected is the function sub_41940. The manipulation of the argument host leads to buffer overflow. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure but did no...
DLA-4146-1 libxml2 - security update
Bulletin has no description...
CVE-2022-4146
Expression Language Injection vulnerability in Hitachi Replication Manager on Windows, Linux, Solaris allows Code Injection. This issue affects Hitachi Replication Manager: before 8.8.5-02...
CVE-2024-4146
In lunary-ai/lunary version v1.2.13, an incorrect authorization vulnerability exists that allows unauthorized users to access and manipulate projects within an organization they should not have access to. Specifically, the vulnerability is located in the checkProjectAccess method within the...
RHEL 9 : golang (RHSA-2024:4146)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4146 advisory. The golang packages provide the Go programming language compiler. Security Fixes: golang: net/http, x/net/http2: unlimited number of...
CVE-2024-4146
In lunary-ai/lunary version v1.2.13, an incorrect authorization vulnerability exists that allows unauthorized users to access and manipulate projects within an organization they should not have access to. Specifically, the vulnerability is located in the checkProjectAccess method within the...
CVE-2024-4146 Incorrect Authorization in lunary-ai/lunary
In lunary-ai/lunary version v1.2.13, an incorrect authorization vulnerability exists that allows unauthorized users to access and manipulate projects within an organization they should not have access to. Specifically, the vulnerability is located in the checkProjectAccess method within the...
CVE-2022-4146
creationtimestamp | type | source
---|---|---
2023-07-18 07:25:41+00:00 | seen | https://t.me/cibsecurity/66869...
CVE-2022-4146
Expression Language Injection vulnerability in Hitachi Replication Manager on Windows, Linux, Solaris allows Code Injection. This issue affects Hitachi Replication Manager: before 8.8.5-02...
CVE-2022-4146
CVE-2022-4146 is an Expression Language Injection vulnerability in Hitachi Replication Manager. The issue affects Hitachi Replication Manager on Windows, Linux, and Solaris and is triggered by injection into the product’s expression language handling, potentially allowing code injection. The affe...
CVE-2022-4146 EL Injection Vulnerability in Hitachi Replication Manager
Expression Language Injection vulnerability in Hitachi Replication Manager on Windows, Linux, Solaris allows Code Injection. This issue affects Hitachi Replication Manager: before 8.8.5-02...
RHEL 8 : kpatch-patch (RHSA-2023:4146)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4146 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...
SUSE: Security Advisory (SUSE-SU-2022:4146-1)
The remote host is missing an update for the...