14 matches found
CVE-2026-42591
CVE-2026-42591 (Gotenberg) affects the LibreOffice conversion endpoint in Gotenberg up to version 8.32.0. Uploaded documents are passed directly to LibreOffice for conversion without content inspection, enabling SSRF because LibreOffice can fetch embedded external URLs on its own, bypassing the G...
CVE-2026-30844
Wekan is an open source kanban tool built with Meteor. Versions 8.32 and 8.33 are vulnerable to Server-Side Request Forgery (SSRF) via attachment URL loading. During board import in Wekan, attachment URLs from user-supplied JSON data are fetched directly by the server without any URL validation or...
CVE-2026-30843 Wekan has Cross-Board IDOR in Custom Fields Update Endpoints
Wekan is an open source kanban tool built with Meteor. Versions 8.32 and 8.33 have a critical Insecure Direct Object Reference (IDOR) issue which could allow unauthorized users to modify custom fields across boards through its custom fields update endpoints, potentially leading to unauthorized data...
PT-2026-23743
🚨 CVE-2026-30843 Wekan is an open source kanban tool built with Meteor. Versions 8.32 and 8.33 have a critical Insecure Direct Object Reference (IDOR) issue which could allow unauthorized users to modify custom fields across boards through its custom fields update endpoints, potentially leading to...
WeKan Security Vulnerability
WeKan is an open-source dashboard application developed by WeKan. Versions 8.32 and 8.33 of WeKan contain security vulnerabilities. These vulnerabilities stem from insecure direct object references, which could allow unauthorized users to modify custom fields across dashboards...
OPENSUSE-SU-2024:10694-1 coreutils-8.32-8.5 on GA media
These are all security issues fixed in the coreutils-8.32-8.5 package on the GA media of openSUSE Tumbleweed...
CVE-2024-28099
VT STUDIO Ver.8.32 and earlier contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application...
CVE-2024-28099
VT STUDIO Ver.8.32 and earlier contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application...
CVE-2024-28099
CVE-2024-28099 affects VT STUDIO versions 8.32 and earlier. The root cause is an insecure DLL search path that may allow loading malicious DLLs, enabling arbitrary code execution with the application’s privileges. Reported across multiple sources (Red Hat, NVD, JVN/JVNVU, PT-Security, and others)...
Advisory ROSA-SA-2021-1947
Software: pcre 8.32; OS: Cobalt 7.9; CVE-ID: CVE-2015-2327; CVE-Crit: MEDIUM; CVE-DESC: PCRE before version 8.36 incorrectly handles the pattern / a \ 2 | a \ g / / and related patterns with certain internal recursive backlinks, allowing remote attackers to cause a denial of service segmentation erro...
CVE-2018-20211
ExifTool 8.32 allows local users to gain privileges by creating a %TEMP%\par-%username%\cache-exiftool-8.32 folder with a victim's username, and then copying a Trojan horse ws3232.dll file into this new folder, aka DLL Hijacking. NOTE: 8.32 is an obsolete version from 2010; 9.x was released starti...
CVE-2018-20211
ExifTool 8.32 allows local users to gain privileges by creating a %TEMP%\par-%username%\cache-exiftool-8.32 folder with a victim's username, and then copying a Trojan horse ws3232.dll file into this new folder, aka DLL Hijacking. NOTE: 8.32 is an obsolete version from 2010; 9.x was released starti...
CVE-2018-20211
CVE-2018-20211 affects ExifTool v8.32. Local privilege escalation via DLL hijacking: an attacker creates a TEMP\par-%username%\cache-exiftool-8.32 folder and places a malicious ws32_32.dll there, allowing privilege gain when a victim runs the tool. Root cause is loading a DLL from a user-writable...
pcre security update
8.32-15.1 - Fix CVE-2015-2328 infinite recursion compiling pattern with recursive reference in a group with indefinite repeat (bug 1330508) - Fix CVE-2015-8385 buffer overflow caused by named forward reference to duplicate group number (bug 1330508) - Fix CVE-2015-8386 buffer overflow caused by...