CVE-2026-48189 Bypass DedicatedAgentToCustomerGroups Setting

An improper Input Validation vulnerability in OTRS Customer Backend module allows to access customer information which are restricted to other groups. Please note that the feature has to be anabled and CustomerGroupSupport has to be used to be affected. This issue affects OTRS: 7.0.X 8.0.X 2023.X...

CVE-2026-47674 Hono: IP Restriction bypasses static deny rules for non-canonical IPv6

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.21, the ip-restriction middleware hono/ip-restriction compares incoming IP addresses against configured deny and allow rules using string equality after partial normalization. Non-canonical IPv6...

CrowdSec LAPI: Denial of Service via Unbounded Gzip Decompression

The LAPI router uses gin-contrib/gzip with DefaultDecompressHandle globally pkg/apiserver/controllers/controller.go. This middleware decompresses incoming request bodies without enforcing a maximum decompressed size. The endpoints /v1/watchers or /v1/watchers/login require no authentication. An...

EUVD-2026-31505

RT is an open source, enterprise-grade issue and ticket tracking system. Versions 5.0.0 through 5.0.9 and 6.0.0 through 6.0.2 contain an SQL injection vulnerability. An authenticated user can craft input that is incorporated into database queries without proper validation, potentially allowing th...

EUVD-2026-30815

Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, outdated cached AI summaries can leak removed content to anonymous and unprivileged users who cannot regenerate summaries. This issue has been fixed in versions 2026.1.4,...

CVE-2026-6735

A flaw was found in PHP, specifically within the PHP-FPM status page. Due to improper sanitation of user data, a remote attacker can craft a malicious URL. When a user views the PHP-FPM status page with this crafted URL, it can lead to the execution of arbitrary JavaScript code Cross-Site Scripti...

CVE-2026-28374

Editors could delete any annotation, even those they do not have read access to. The editor user cannot create or read the annotations...

CVE-2026-40016

Attacker can upload a malicious Sieve script over ManageSieve service or locally to bypass configured CPU time limits for Sieve up to 130 times of the configured limit. Attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts. Install fixed...

EUVD-2026-29298

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.5. An app may be able to access protected user data...

CVE-2026-7817

Local file inclusion LFI and server-side request forgery SSRF vulnerabilities in pgAdmin 4 LLM API configuration endpoints. User-supplied apikeyfile and apiurl preferences were passed to the LLM provider clients without validation. An authenticated user could read arbitrary server-side files by...

CVE-2026-40309

CVE-2026-40309 : Masa CMS (fork of Mura CMS) contains a CSRF flaw in the trash management path. In versions up to 7.5.2, cTrash.empty does not validate anti-CSRF tokens, allowing an authenticated administrator to be tricked into submitting a forged request that permanently deletes all trashed con...

CVE-2026-0300

A buffer overflow vulnerability in the User-ID™ Authentication Portal aka Captive Portal service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. T...

CVE-2026-34002

A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB X Keyboard Extension modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory...

PT-2026-36604

Name of the Vulnerable Software and Affected Versions itsourcecode Courier Management System version 1.0 Description A remote SQL injection exists in the /edit user.php file. This issue occurs when the ID argument is manipulated, allowing an attacker to execute arbitrary SQL commands...

Allocation of Resources Without Limits or Throttling

Overview n8n is a n8n Workflow Automation Tool Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the MCP OAuth client registration process. An attacker can exhaust server memory resources and render the instance unavailable by sending lar...

OpenVPN OpenSource 安全漏洞

OpenVPN OpenSource is a virtual private network communication software developed by OpenVPN Inc., based on the SSL/TLS protocol. OpenVPN OpenSource has a security vulnerability; this vulnerability stems from bypassing access restrictions through the TLS handshake, potentially leading to the readi...

EUVD-2026-23962

In OpenXiangShan NEMU, when Smstateen is enabled, clearing mstateen0.ENVCFG does not correctly restrict access to henvcfg and senvcfg. As a result, less-privileged code may read or write these CSRs without the required exception, potentially bypassing intended state-enable based isolation control...

Directory Traversal

Overview openmage/magento-lts is a This repository is the home of an unofficial community-driven project. Affected versions of this package are vulnerable to Directory Traversal through the files request parameter in the dataflow import parsers. An attacker with administrative privileges can read...

CVE-2026-40338

A flaw was found in libgphoto2, a library for camera access and control. An out-of-bounds read vulnerability exists in the ptpunpackSonyDPD function. This occurs when the function attempts to read a 2-byte enumeration count without first verifying that sufficient data remains in the buffer. A loc...

GHSA-H97W-PM3W-MWMC Apache Airflow allows users with asset materialize permissions to trigger DAGs outside of their permissions

UI / API User with asset materialize permission could trigger dags they had no access to. Users are advised to migrate to Airflow version 3.2.0 that fixes the issue...