Security Bulletin: Security vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access (CVE-2026-5926)

Summary Security vulnerabilities have been addressed in IBM Verify Identity Access and IBM Security Verify Access Vulnerability Details CVEID:CVE-2026-5926 DESCRIPTION: IBM Security Verify Access uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly...

CGA-5926-72FF-MP26

Bulletin has no description...

CVE-2025-5926

creationtimestamp| type| source ---|---|--- 2025-06-13 02:34:08+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18252 2025-06-13 05:07:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrho5kcgi52a...

CVE-2025-5926 Link Shield <= 0.5.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Link Shield plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.5.4. This is due to missing or incorrect nonce validation on the linkshieldmenuoptions function. This makes it possible for unauthenticated attackers to update settings and...

CVE-2025-5926

The CVE-2025-5926 entry concerns the Link Shield WordPress plugin. Connected sources confirm a Cross-Site Request Forgery weakness due to missing nonce validation in link_shield_menu_options(), enabling unauthenticated requests to update settings and inject stored scripts. Affected versions are u...

CVE-2023-5926

A vulnerability, which was classified as critical, was found in Campcodes Simple Student Information System 1.0. Affected is an unknown function of the file /admin/students/updatestatus.php. The manipulation of the argument studentid leads to sql injection. The exploit has been disclosed to the...

CVE-2019-5926

Cross-site scripting vulnerability in KinagaCMS versions prior to 6.5 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2007-5926

creationtimestamp| type| source ---|---|--- 2025-04-03 14:35:16+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10227...

CVE-2024-5926

A path traversal vulnerability in the get-project-files functionality of stitionai/devika allows attackers to read arbitrary files from the filesystem and cause a Denial of Service DoS. This issue is present in all versions of the application. The vulnerability arises due to insufficient path...

CVE-2024-5926 Path Traversal in stitionai/devika

A path traversal vulnerability in the get-project-files functionality of stitionai/devika allows attackers to read arbitrary files from the filesystem and cause a Denial of Service DoS. This issue is present in all versions of the application. The vulnerability arises due to insufficient path...

CVE-2024-5926 Path Traversal in stitionai/devika

A path traversal vulnerability in the get-project-files functionality of stitionai/devika allows attackers to read arbitrary files from the filesystem and cause a Denial of Service DoS. This issue is present in all versions of the application. The vulnerability arises due to insufficient path...

CVE-2024-5926

CVE-2024-5926 involves a path traversal in stitionai/devika’s get-project-files function. The root cause is insufficient path sanitization for the project-name parameter, enabling an attacker to traverse the filesystem and read arbitrary files, potentially causing a Denial of Service across all v...

CVE-2023-5926

creationtimestamp| type| source ---|---|--- 2023-11-02 23:22:48+00:00| seen| https://t.me/cibsecurity/73485...

CVE-2023-5926 Campcodes Simple Student Information System update_status.php sql injection

A vulnerability, which was classified as critical, was found in Campcodes Simple Student Information System 1.0. Affected is an unknown function of the file /admin/students/updatestatus.php. The manipulation of the argument studentid leads to sql injection. The exploit has been disclosed to the...

CVE-2023-5926

CVE-2023-5926 affects Campcodes Simple Student Information System 1.0. The vulnerability is an SQL injection in the unknown function of /admin/students/update_status.php triggered by manipulating the student_id parameter. Public exploit information is indicated. No official patch/version is provi...

Rocky Linux 9 : php (RLSA-2023:5926)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:5926 advisory. - In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, passwordverify function may accept some invalid Blowfish hashes as valid. If...

Oracle Linux 9 : php (ELSA-2023-5926)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-5926 advisory. 8.0.30-1 - rebase to 8.0.30 - Resolves: RHEL-11946 Tenable has extracted the preceding description block directly from the Oracle Linux security...

RHEL 9 : php (RHSA-2023:5926)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5926 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: XML loading external entity witho...

K42830212: BIG-IP SIP ALG profile vulnerability CVE-2020-5926

Security Advisory Description A BIG-IP virtual server with a Session Initiation Protocol SIP ALG profile, parsing SIP messages that contain a multi-part MIME payload with certain boundary strings can cause TMM to free memory to the wrong cache.CVE-2020-5926 Impact This vulnerability leads to futu...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5926)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5926 advisory. - powercap: restrict energy meter to root access Kanth Ghatraju Orabug: 32137965 CVE-2020-8694 CVE-2020-8695 - netfilter: nfnetlink: correctly...