130 matches found

Vulnrichment
added 4 days ago, 5 views

CVE-2026-28511 elabftw has entry title leakage through autocompletion search

eLabFTW is an open source electronic lab notebook. Prior to version 5.4.2, in certain cases, an authenticated user performing a numeric reference/search can return results that include resources the requesting user is not authorized to view. The exposed information is limited only the title...

4.3 CVSS, 5.8 AI score, 0.00029 EPSS
Exploits: 0, References: 1

Cvelist
added 4 days ago, 25 views

CVE-2026-28511 elabftw has entry title leakage through autocompletion search

eLabFTW is an open source electronic lab notebook. Prior to version 5.4.2, in certain cases, an authenticated user performing a numeric reference/search can return results that include resources the requesting user is not authorized to view. The exposed information is limited only the title...

4.3 CVSS, 0.00029 EPSS
Exploits: 0, References: 1

NVD
added 2026/05/05 1:16 p.m., 3 views

CVE-2026-28510

eLabFTW is an open source electronic lab notebook. In elabftw versions through 5.4.1, the login flow did not reliably preserve the multi-factor authentication state across authentication steps. Under certain conditions, an attacker with valid primary credentials could complete authentication with...

5.9 CVSS, 0.00066 EPSS
Exploits: 0, References: 2

EUVD
added 2026/05/05 12:28 p.m., 1 view

EUVD-2026-27311

eLabFTW is an open source electronic lab notebook. In elabftw versions through 5.4.1, the login flow did not reliably preserve the multi-factor authentication state across authentication steps. Under certain conditions, an attacker with valid primary credentials could complete authentication with...

5.9 CVSS, 5.8 AI score, 0.00066 EPSS
Exploits: 0, References: 2

Positive Technologies
added 2026/05/05 12:00 a.m., 3 views

PT-2026-37035

Name of the Vulnerable Software and Affected Versions: eLabFTW versions prior to 5.4.2. Description: The login flow in this open source electronic lab notebook does not reliably preserve the multi-factor authentication state across authentication steps. An attacker possessing valid primary credentia...

5.9 CVSS, 5.8 AI score, 0.00066 EPSS
Exploits: 0, References: 6

Patchstack
added 2026/04/27 1:24 p.m., 3 views

WordPress AI Lab theme < 5.4.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme AI Lab versions 5.4.2...

5.3 AI score
Exploits: 0, Affected Software: 1

RedhatCVE
added 2026/03/26 3:05 p.m., 0 views

CVE-2025-50001

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Composer td-composer allows Reflected XSS. This issue affects tagDiv Composer: from n/a through = 5.4.2...

7.1 CVSS, 5.9 AI score, 0.00045 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2026/02/11 1:33 a.m., 3 views

CVE-2026-25892

Adminer is open-source database management software. Adminer v5.4.1 and earlier has a version check mechanism where adminer.org sends signed version info via JavaScript postMessage, which the browser then POSTs to ?script=version. This endpoint lacks origin validation and accepts POST data from a...

7.5 CVSS, 5.6 AI score, 0.04457 EPSS
Exploits: 1, References: 1

ATTACKERKB
added 2026/02/09 9:26 p.m., 2 views

CVE-2026-25892

Adminer is open-source database management software. Adminer v5.4.1 and earlier has a version check mechanism where adminer.org sends signed version info via JavaScript postMessage, which the browser then POSTs to ?script=version. This endpoint lacks origin validation and accepts POST data from a...

7.5 CVSS, 5.6 AI score, 0.04457 EPSS
Exploits: 1, References: 4, Affected Software: 1

Positive Technologies
added 2026/02/09 12:00 a.m., 3 views

PT-2026-7169

Name of the Vulnerable Software and Affected Versions: Adminer versions prior to 5.4.2. Description: Adminer is database management software. Versions 5.4.1 and earlier have a flawed version check process. The adminer.org domain sends signed version information via JavaScript postMessage, which is...

7.5 CVSS, 5.6 AI score, 0.04457 EPSS
Exploits: 1, References: 9

OpenVAS
added 2026/01/07 12:00 a.m., 1 view

Joomla! XSS Vulnerability (20260102)

Joomla! is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:joomla:joomla";...

8.4 CVSS, 4.7 AI score, 0.00003 EPSS
Exploits: 0, References: 1

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2018-11723

Malware in sbrugna...

5.5 CVSS, 6.8 AI score, 0.00044 EPSS
Exploits: 0, References: 14

EUVD
added 2025/10/07 12:30 a.m., 0 views

EUVD-2020-17974

Malware in sbrugna...

5.3 CVSS, 5.2 AI score, 0.0058 EPSS
Exploits: 0, References: 3

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2018-8003

Malware in sbrugna...

6.1 CVSS, 6.6 AI score, 0.00501 EPSS
Exploits: 3, References: 6

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2018-8002

Malware in sbrugna...

6.1 CVSS, 6.6 AI score, 0.00501 EPSS
Exploits: 3, References: 6

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2019-9367

Malware in sbrugna...

5.5 CVSS, 7.1 AI score, 0.00382 EPSS
Exploits: 1, References: 22

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2016-9341

Malware in sbrugna...

9 CVSS, 8.8 AI score, 0.0059 EPSS
Exploits: 0, References: 3

EUVD
added 2025/10/03 8:07 p.m., 1 view

EUVD-2022-32556

Malicious code in bioql PyPI...

7.5 CVSS, 7.5 AI score, 0.00337 EPSS
Exploits: 0, References: 1

EUVD
added 2025/10/03 8:07 p.m., 1 view

EUVD-2022-32555

Malicious code in bioql PyPI...

7.5 CVSS, 7.5 AI score, 0.00251 EPSS
Exploits: 0, References: 1

OSV
added 2025/10/01 1:49 p.m., 1 view

SUSE-SU-2025:20805-1 Security update for podman

This update for podman fixes the following issues: - CVE-2025-6032: Fixed machine init command failing to verify TLS certificate bsc1245320 - Fix conditional Requires remove deprecated sleversion macro - Update to version 5.4.2: Add release notes for v5.4.2 Fix a potential deadlock during podman ...

8.3 CVSS, 6.8 AI score, 0.00225 EPSS
Exploits: 0, References: 5