Linux Distros Unpatched Vulnerability : CVE-2026-44581

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Next.js is a React framework for building full-stack web applications. From 13.4.0 to before 15.5.16 and 16.2.5, App Router applications that rely on CSP nonces...

CVE-2026-44581 vulnerabilities

Vulnerabilities for packages: keep...

PT-2026-39417

Name of the Vulnerable Software and Affected Versions Next.js versions 12.2.0 through 15.5.15 Next.js versions 16.0.0 through 16.2.4 Description An external client can send an x-nextjs-data header on a request to a path handled by middleware that returns a redirect. This causes the middleware or...

PT-2026-39411

Name of the Vulnerable Software and Affected Versions Next.js versions prior to 15.5.16 Next.js versions prior to 16.2.5 Description Applications utilizing Partial Prerendering via the Cache Components feature are susceptible to connection exhaustion. A crafted POST request to a server action can...

PT-2026-39412

Name of the Vulnerable Software and Affected Versions Next.js versions 13.0.0 through 15.5.15 Next.js versions 16.0.0 through 16.2.4 Description Applications using beforeInteractive scripts combined with untrusted content are susceptible to cross-site scripting XSS, a flaw where malicious scripts...

PT-2026-39418

Name of the Vulnerable Software and Affected Versions Next.js versions 14.2.0 through 15.5.15 Next.js versions 16.0.0 through 16.2.4 Description Applications using React Server Components RSC are susceptible to cache poisoning when shared caches fail to correctly partition response variants. An...

CVE-2026-44581

creationtimestamp| type| source ---|---|--- 2026-05-07 23:40:51+00:00| seen| https://bsky.app/profile/securestep9.bsky.social/post/3mlcfbrg7m62h...

CVE-2022-44581

Insecure Storage of Sensitive Information vulnerability in WPMU DEV Defender Security allows : Screen Temporary Files for Sensitive Information.This issue affects Defender Security: from n/a through 3.3.2...

WordPress Defender Security Plugin <= 3.3.2 is vulnerable to Broken Authentication

Software Defender Security Type Plugin Vulnerable versions = 3.3.2 Fixed in 3.3.3 OWASP Top 10 A2: Broken Authentication Classification Broken Authentication CVE CVE-2022-44581 Patch priority Low CVSS severity Low 5.3 Developer WPMU DEV PSID e5d5684810f0 Credits Snicco Required privilege...

CVE-2022-44581 WordPress Defender Security plugin <= 3.3.2 - Broken Authentication vulnerability

Insecure Storage of Sensitive Information vulnerability in WPMU DEV Defender Security allows : Screen Temporary Files for Sensitive Information.This issue affects Defender Security: from n/a through 3.3.2...

CVE-2021-44581

creationtimestamp| type| source ---|---|--- 2022-03-29 07:40:49+00:00| seen| https://t.me/cibsecurity/39708...

CVE-2021-44581

An SQL Injection vulnerabilty exists in Kreado Kreasfero 1.5 via the id parameter...

CVE-2021-44581

An SQL Injection vulnerabilty exists in Kreado Kreasfero 1.5 via the id parameter...

CVE-2021-44581

CVE-2021-44581 affects Kreado Kreasfero 1.5 (an open-source CMS). The vulnerability is an SQL injection via the id parameter, with CVSS v3.1 base score 7.5 (high impact, network access, no user interaction). Connected sources confirm the root cause is improper handling of the id parameter leading...