Linux Distros Unpatched Vulnerability : CVE-2026-44578

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Next.js is a React framework for building full-stack web applications. From 13.4.13 to before 15.5.16 and 16.2.5, self-hosted applications using the built-in...

ROOT-APP-NPM-CVE-2026-44578 CVE-2026-44578 in @rootio/next - Patched by Root

Root has patched CVE-2026-44578 in the @rootio/next package for Root:npm. Multiple fixed versions available...

Exploit for Server-Side Request Forgery in Vercel Next.Js

nextjs-cve-2026-44578 Nuclei templates for detecting...

PT-2026-39417

Name of the Vulnerable Software and Affected Versions Next.js versions 12.2.0 through 15.5.15 Next.js versions 16.0.0 through 16.2.4 Description An external client can send an x-nextjs-data header on a request to a path handled by middleware that returns a redirect. This causes the middleware or...

PT-2026-39418

Name of the Vulnerable Software and Affected Versions Next.js versions 14.2.0 through 15.5.15 Next.js versions 16.0.0 through 16.2.4 Description Applications using React Server Components RSC are susceptible to cache poisoning when shared caches fail to correctly partition response variants. An...

PT-2026-39412

Name of the Vulnerable Software and Affected Versions Next.js versions 13.0.0 through 15.5.15 Next.js versions 16.0.0 through 16.2.4 Description Applications using beforeInteractive scripts combined with untrusted content are susceptible to cross-site scripting XSS, a flaw where malicious scripts...

PT-2026-39411

Impact Applications using Partial Prerendering through the Cache Components feature can be vulnerable to connection exhaustion through crafted POST requests to a server action. In affected configurations, a malicious request can trigger a request-body handling deadlock that leaves connections ope...

CVE-2026-44578

creationtimestamp| type| source ---|---|--- 2026-05-07 23:40:51+00:00| seen| https://bsky.app/profile/securestep9.bsky.social/post/3mlcfbrg7m62h 2026-05-08 03:00:06+00:00| seen| Telegram/xvoYgOFnUf5jFw65bW2FC7fcn6orx4l4LTjm0d68ZkOEzo 2026-05-08 12:09:44+00:00| seen|...

CVE-2022-44578

Missing Authorization vulnerability in Pierre JEHAN Owl Carousel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Owl Carousel: from n/a through 0.5.3...

CVE-2022-44578

Missing Authorization vulnerability in Pierre JEHAN Owl Carousel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Owl Carousel: from n/a through 0.5.3...

CVE-2022-44578

creationtimestamp| type| source ---|---|--- 2024-12-13 14:29:14+00:00| seen| https://infosec.exchange/users/cve/statuses/113645987638383204...

CVE-2022-44578

CVE-2022-44578 : WordPress Owl Carousel plugin (

CVE-2022-44578 WordPress Owl Carousel plugin <= 0.5.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Pierre JEHAN Owl Carousel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Owl Carousel: from n/a through 0.5.3...

WordPress Owl Carousel Plugin <= 0.5.3 is vulnerable to Broken Access Control

Software Owl Carousel Type Plugin Vulnerable versions = 0.5.3 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-44578 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 544a8d98b467 Credits thiennv Required privilege...