7056 matches found
CVE-2026-57474
The CVE entry CVE-2026-57474 concerns Deloitte AI Assist for Customer. Public-facing API endpoints accepted unauthenticated requests, exposing configuration information that could aid an attacker’s reconnaissance. The root cause is exposure of configuration data via unauthenticated access to API ...
PT-2026-56028
Name of the Vulnerable Software and Affected Versions FOSSBilling versions 0.6.10 through 0.7.2 Description An issue exists in the Config::prettyPrintArrayToPHP method where string values are written into the config.php file without escaping single quotes during configuration updates. Since...
DRUPAL-CONTRIB-2026-060
The optional Paragraphs Library module allows the reuse of paragraphs in multiple places. The module doesn't sufficiently restrict access to unpublished library items in lists. This vulnerability is mitigated by the fact the paragraphs\library module must be in use, and that an attacker must have...
PT-2026-49149
Name of the Vulnerable Software and Affected Versions Microweber versions prior to 2.0.21 Description A path traversal issue exists in the API Endpoint component. A remote attacker can manipulate the cache path relative argument within the userfiles path function of the '/api nosession/thumbnail...
EUVD-2026-36511
Typesense is a fast, typo-tolerant search engine. Prior to versions 29.1 and 30.2, there is a cache isolation issue affecting search requests that use both server-side search result caching and Scoped Search API Keys. Under specific request ordering, cached search results could be reused across...
EEF-CVE-2026-48859 SSH server timing side-channel in ssh_auth:check_password/3 allows unauthenticated username enumeration
Summary Observable Timing Discrepancy vulnerability in Erlang/OTP ssh ssh\auth, ssh\options modules allows unauthenticated remote username enumeration via timing side-channel in password authentication. When the SSH daemon is configured with the user\passwords or password option,...
CVE-2026-10854
CVE-2026-10854 affects MISP: a visibility control issue in the event template creation workflow allowed non-site-admin users to access private galaxies belonging to other organisations. The event template builder loaded all enabled galaxies without applying organisation or distribution-based acce...
CVE-2026-48189 Bypass DedicatedAgentToCustomerGroups Setting
An improper Input Validation vulnerability in OTRS Customer Backend module allows to access customer information which are restricted to other groups. Please note that the feature has to be anabled and CustomerGroupSupport has to be used to be affected. This issue affects OTRS: 7.0.X 8.0.X 2023.X...
CVE-2026-47674 Hono: IP Restriction bypasses static deny rules for non-canonical IPv6
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.21, the ip-restriction middleware hono/ip-restriction compares incoming IP addresses against configured deny and allow rules using string equality after partial normalization. Non-canonical IPv6...
CrowdSec LAPI: Denial of Service via Unbounded Gzip Decompression
The LAPI router uses gin-contrib/gzip with DefaultDecompressHandle globally pkg/apiserver/controllers/controller.go. This middleware decompresses incoming request bodies without enforcing a maximum decompressed size. The endpoints /v1/watchers or /v1/watchers/login require no authentication. An...
EUVD-2026-31505
RT is an open source, enterprise-grade issue and ticket tracking system. Versions 5.0.0 through 5.0.9 and 6.0.0 through 6.0.2 contain an SQL injection vulnerability. An authenticated user can craft input that is incorporated into database queries without proper validation, potentially allowing th...
EUVD-2026-30815
Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, outdated cached AI summaries can leak removed content to anonymous and unprivileged users who cannot regenerate summaries. This issue has been fixed in versions 2026.1.4,...
CVE-2026-6735
A flaw was found in PHP, specifically within the PHP-FPM status page. Due to improper sanitation of user data, a remote attacker can craft a malicious URL. When a user views the PHP-FPM status page with this crafted URL, it can lead to the execution of arbitrary JavaScript code Cross-Site Scripti...
CVE-2026-28374
Editors could delete any annotation, even those they do not have read access to. The editor user cannot create or read the annotations...
CVE-2026-40016
Attacker can upload a malicious Sieve script over ManageSieve service or locally to bypass configured CPU time limits for Sieve up to 130 times of the configured limit. Attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts. Install fixed...
EUVD-2026-29298
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.5. An app may be able to access protected user data...
CVE-2026-7817
Local file inclusion LFI and server-side request forgery SSRF vulnerabilities in pgAdmin 4 LLM API configuration endpoints. User-supplied apikeyfile and apiurl preferences were passed to the LLM provider clients without validation. An authenticated user could read arbitrary server-side files by...
CVE-2026-40309
CVE-2026-40309 : Masa CMS (fork of Mura CMS) contains a CSRF flaw in the trash management path. In versions up to 7.5.2, cTrash.empty does not validate anti-CSRF tokens, allowing an authenticated administrator to be tricked into submitting a forged request that permanently deletes all trashed con...
CVE-2026-0300
A buffer overflow vulnerability in the User-ID™ Authentication Portal aka Captive Portal service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. T...
CVE-2026-34002
A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB X Keyboard Extension modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory...