
Source: Zero Day Initiative, added 2026/03/03 12:00 a.m.

Trend Micro Apex Central Improper Authentication Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the management console. The issue results from incorrect implementation of the...

CVSS 8.1 | AI score 6
Exploits 0 | References 1

Source: Zero Day Initiative, added 2026/03/03 12:00 a.m.

Trend Micro Apex Central Hub Server Server-Side Request Forgery Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of hub server URLs. By providing a crafted URL, an attacker ca...

CVSS 4.4 | AI score 5.8
Exploits 0 | References 1

Source: OSV, added 2026/03/02 8:50 a.m.

BIT-MOODLE-2026-26045 Moodle: moodle: improper validation in file restore functionality leading to remote code execution

A flaw was identified in Moodle’s backup restore functionality where specially crafted backup files were not properly validated during processing. If a malicious backup file is restored, it could lead to unintended execution of server-side code. Since restore capabilities are typically available ...

CVSS 7.2 | AI score 6.1 | EPSS 0.00553
Exploits 0 | References 3

Source: OSV, added 2026/02/27 8:21 p.m.

UBUNTU-CVE-2026-27810

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...

CVSS 6.4 | AI score 5.9 | EPSS 0.00206
Exploits 1 | References 3

Source: ATTACKERKB, added 2026/02/27 7:44 p.m.

CVE-2026-27810

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...

CVSS 6.4 | AI score 6 | EPSS 0.00206
Exploits 1 | References 2 | Affected software 1
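
The two calibre entries above describe HTTP response header injection: a value that reaches a response header with CR/LF characters intact ends that header and starts another one the attacker chose. The following is an added example, not calibre's code and not derived from the advisory (which is truncated above and does not say which parameter is reflected). It serialises a response naively, parses it back the way a client would to show the injected Set-Cookie header and a body-splitting variant, and then shows the check that a hardened writer applies. The payloads and header names are constructed for the illustration.

```python
import re

# CR, LF and NUL are the characters that let a value end one header line and start another.
_ILLEGAL = re.compile(r"[\r\n\x00]")

# Constructed attacker values: the first appends a header, the second ends the header
# block entirely and supplies its own body.
CRLF_PAYLOAD = "https://example.test/\r\nSet-Cookie: sid=attacker; Path=/"
SPLIT_PAYLOAD = "x\r\n\r\n<script>alert(1)</script>"


def build_response_vulnerable(status_line, headers, body=b""):
    """Serialise headers by plain string joining; whatever is in a value goes on the wire."""
    lines = [status_line] + [f"{name}: {value}" for name, value in headers]
    return ("\r\n".join(lines) + "\r\n\r\n").encode("latin-1") + body


def build_response_hardened(status_line, headers, body=b""):
    """Refuse any header name or value containing CR, LF or NUL before serialising."""
    for name, value in headers:
        if _ILLEGAL.search(name) or _ILLEGAL.search(value):
            raise ValueError(f"illegal character in header {name!r}")
    return build_response_vulnerable(status_line, headers, body)


def parse_headers(raw):
    """Split a raw response the way a client does: the header block ends at the first
    blank line and each remaining line is name: value."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    parsed = []
    for line in head.split("\r\n")[1:]:
        name, _, value = line.partition(":")
        parsed.append((name.strip().lower(), value.strip()))
    return parsed


def header_names(raw):
    return [name for name, _ in parse_headers(raw)]


def body_of(raw):
    return raw.split(b"\r\n\r\n", 1)[1]


def hardened_rejects(headers):
    try:
        build_response_hardened("HTTP/1.1 302 Found", headers)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    raw = build_response_vulnerable(
        "HTTP/1.1 302 Found", [("Location", CRLF_PAYLOAD), ("Content-Type", "text/html")]
    )
    print(header_names(raw))          # ['location', 'set-cookie', 'content-type']
    print(hardened_rejects([("Location", CRLF_PAYLOAD)]))  # True
```

The check is the same one Python's own http.client applies in putheader(); the point of showing it here is that any hand-rolled header writer in a server needs it too, and that rejecting (rather than stripping) is the safer choice because stripping can produce a different, still attacker-shaped value.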

Source: NVD, added 2026/02/27 9:16 a.m.

CVE-2026-2383

The Simple Download Monitor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom field in all versions up to, and including, 4.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access...

CVSS 6.4 | EPSS 0.00197
Exploits 0 | References 4

Source: CVE, added 2026/02/26 10:43 p.m.

CVE-2026-28226

Phishing Club: An authenticated SQL injection exists in the GetOrphaned recipient listing endpoint for versions before 1.30.2. The endpoint concatenates a user-controlled sortBy value directly into the SQL ORDER BY clause without allowlist validation, allowing injection of SQL e...

CVSS 6.5 | AI score 5.7 | EPSS 0.00332
Exploits 1 | References 2 | Affected software 1

Source: RedhatCVE, added 2026/02/26 10:35 p.m.

CVE-2026-25927

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the DICOM viewer state API (e.g. upload or state save/load) accepts a document ID (docid) without verifying that the document belongs to the current user’s authorized patie...

CVSS 7.1 | AI score 5.5 | EPSS 0.00204
Exploits 1 | References 1

Source: CVE, added 2026/02/26 10:07 p.m.

CVE-2026-27839

CVE-2026-27839 affects wger up to version 2.4, where three nutritional_values endpoints fetch objects via Model.objects.get(pk=pk) instead of using a user-scoped queryset. This allows any authenticated user to read another user’s private nutrition data (caloric intake and full macro breakdown) by...

CVSS 4.3 | AI score 5.5 | EPSS 0.0026
Exploits 1 | References 2 | Affected software 1

Source: NVD, added 2026/02/25 10:16 p.m.

CVE-2026-26985

LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. Starting in version 24.0.0 and prior to versions 26.0.5, 27.0.2, and 28.0.0, an authenticated user with the appropriate authorization can re...

CVSS 8.1 | EPSS 0.00334
Exploits 0 | References 3

Source: NVD, added 2026/02/25 9:16 p.m.

CVE-2026-2845

An issue has been discovered in GitLab CE/EE affecting all versions from 11.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an authenticated user to cause denial of service by exploiting a Bitbucket Server import endpoint via repeatedly sending large responses...

CVSS 6.5 | EPSS 0.00255
Exploits 0 | References 2

Source: EUVD, added 2026/02/25 6:31 p.m.

EUVD-2026-8666

A vulnerability in the CLI and web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker with valid administrative privileges to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to...

CVSS 6.5 | AI score 6.2 | EPSS 0.00444
Exploits 0 | References 2

Source: ATTACKERKB, added 2026/02/25 6:10 p.m.

CVE-2026-24890

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, an authorization bypass vulnerability in the patient portal signature endpoint allows authenticated portal users to upload and overwrite provider signatures by setting...

CVSS 8.1 | AI score 5.8 | EPSS 0.00239
Exploits 1 | References 3 | Affected software 1

Source: NVD, added 2026/02/25 5:25 p.m.

CVE-2026-27705

Plane is an open-source project management tool. Prior to version 1.2.2, the ProjectAssetEndpoint.patch method in apps/api/plane/app/views/asset/v2.py (lines 579–593) performs a global asset lookup using only the asset ID (pk) via FileAsset.objects.get(id=pk), without verifying that the asset belong...

CVSS 7.1 | EPSS 0.00213
Exploits 0 | References 3

Source: CNNVD, added 2026/02/25 12:00 a.m.

Plane security vulnerability

Plane is an open-source, self-hosted project planning tool developed by Plane OpenSource. Versions of Plane prior to 1.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the ProjectAssetEndpoint.patch method, which performed global asset searches based solely on asset IDs,...

CVSS 7.1 | AI score 5.8 | EPSS 0.00213
Exploits 0 | References 3
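
The wger entry (CVE-2026-27839), the two Plane entries (CVE-2026-27705) and the OpenEMR DICOM entry (CVE-2026-25927) above all describe the same defect: a handler fetches an object by its primary key alone and never ties the lookup to the requesting user. The following is an added example, not code from any of those projects. It uses a constructed two-table schema (assets belonging to a workspace, plus membership rows) in an in-memory SQLite database to contrast the global lookup with a user-scoped one, the plain-SQL equivalent of filtering a queryset by the requesting user before calling .get().

```python
import sqlite3

# Constructed sample data (not wger's, Plane's or OpenEMR's schema): assets belong to a
# workspace, and membership rows say which users may act on that workspace.
WORKSPACE_MEMBERS = [(10, "alice"), (20, "bob")]
ASSETS = [(1, 10, "alice-avatar.png"), (2, 20, "bob-cover.png")]


class NotFound(Exception):
    """Surfaced as 404 either way, so a foreign id is indistinguishable from a missing one."""


def _connect():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE workspace_members (workspace_id INTEGER, user_id TEXT)")
    conn.execute("CREATE TABLE assets (id INTEGER PRIMARY KEY, workspace_id INTEGER, name TEXT)")
    conn.executemany("INSERT INTO workspace_members VALUES (?, ?)", WORKSPACE_MEMBERS)
    conn.executemany("INSERT INTO assets VALUES (?, ?, ?)", ASSETS)
    return conn


def rename_asset_vulnerable(user_id, asset_id, new_name):
    """Global primary-key lookup, the shape of Model.objects.get(pk=pk): the caller's
    identity never reaches the query, so any authenticated user can hit any id."""
    conn = _connect()
    if conn.execute("SELECT 1 FROM assets WHERE id = ?", (asset_id,)).fetchone() is None:
        raise NotFound(asset_id)
    conn.execute("UPDATE assets SET name = ? WHERE id = ?", (new_name, asset_id))
    return conn.execute("SELECT name FROM assets WHERE id = ?", (asset_id,)).fetchone()[0]


def rename_asset_hardened(user_id, asset_id, new_name):
    """User-scoped lookup: the ownership predicate is part of the same query that
    fetches the row, so there is no separate check for a later refactor to drop."""
    conn = _connect()
    owned = conn.execute(
        """SELECT a.id FROM assets a
           JOIN workspace_members m ON m.workspace_id = a.workspace_id
           WHERE a.id = ? AND m.user_id = ?""",
        (asset_id, user_id),
    ).fetchone()
    if owned is None:
        raise NotFound(asset_id)
    conn.execute("UPDATE assets SET name = ? WHERE id = ?", (new_name, asset_id))
    return conn.execute("SELECT name FROM assets WHERE id = ?", (asset_id,)).fetchone()[0]


def attempt(handler, user_id, asset_id, new_name):
    """Drive a handler the way a request would and report the outcome."""
    try:
        return handler(user_id, asset_id, new_name)
    except NotFound:
        return "404"


if __name__ == "__main__":
    print(attempt(rename_asset_vulnerable, "bob", 1, "pwned.png"))  # pwned.png: bob edited alice's asset
    print(attempt(rename_asset_hardened, "bob", 1, "pwned.png"))    # 404
    print(attempt(rename_asset_hardened, "alice", 1, "new.png"))    # new.png
```

Two design points worth noting: the hardened version answers 404 rather than 403 for an id the caller does not own, so the endpoint does not double as an oracle for which ids exist; and the scope lives in the query itself, which is what makes the fix durable when the next endpoint is copied from this one.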

Source: Positive Technologies, added 2026/02/25 12:00 a.m.

PT-2026-22025

Name of the vulnerable software and affected versions: LORIS versions prior to 26.0.5; LORIS versions prior to 27.0.2; LORIS versions prior to 28.0.0.
Description: LORIS is a self-hosted web application used for data and project management in neuroimaging research. An authenticated user with appropria...

CVSS 8.1 | AI score 5.4 | EPSS 0.00334
Exploits 0 | References 8

Source: OSV, added 2026/02/24 8:03 p.m.

GHSA-VXG3-V4P6-F3FP Pimcore vulnerable to SQL injection via unsanitized filter value in Dependency Dao RLIKE clause

The filter query parameter in the dependency listing endpoints is JSON-decoded and the value field is concatenated directly into RLIKE clauses without sanitization or parameterized queries. Affected code in models/Dependency/Dao.php: getFilterRequiresByPath, lines 90, 95, 100; ...

CVSS 6.9 | AI score 5.7 | EPSS 0.00457
Exploits 1 | References 6
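
The Phishing Club entry (CVE-2026-28226, sortBy spliced into ORDER BY) and the Pimcore entry (GHSA-VXG3-V4P6-F3FP, a filter value spliced into an RLIKE clause) above are two faces of the same mistake, and the fixes differ because ORDER BY takes an identifier while RLIKE takes a value. The following is an added example, not code from either project. It runs against an in-memory SQLite table with constructed rows; SQLite has no RLIKE, so a REGEXP user function is registered as a stand-in. It shows the filter bypass, a boolean oracle through ORDER BY (the injection cannot add a second statement here, but it can still leak data one comparison at a time), and the hardened form: an allowlist for the identifier, a bound parameter for the value.

```python
import re
import sqlite3

# Constructed sample table standing in for the recipient / dependency listings.
ROWS = [
    (1, "alice@example.test", "/home/alice"),
    (2, "bob@example.test", "/home/bob"),
    (3, "carol@example.test", "/srv/shared"),
]

# Identifiers cannot be bound as parameters, so sortable columns and directions are
# checked against a fixed allowlist instead of being trusted.
SORT_COLUMNS = {"id", "email", "path"}
SORT_DIRECTIONS = {"asc", "desc"}


def _connect():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE recipients (id INTEGER, email TEXT, path TEXT)")
    conn.executemany("INSERT INTO recipients VALUES (?, ?, ?)", ROWS)
    # SQLite rewrites `x REGEXP y` as a call to regexp(y, x); registering that function
    # gives a stand-in for MySQL's RLIKE so the filter can be exercised offline.
    conn.create_function(
        "regexp", 2, lambda pattern, text: re.search(pattern, text or "") is not None
    )
    return conn


def list_vulnerable(sort_by, filter_value):
    """The shape both advisories describe: user input spliced into ORDER BY and into the
    REGEXP/RLIKE string literal."""
    conn = _connect()
    sql = (
        f"SELECT id FROM recipients WHERE path REGEXP '{filter_value}' "
        f"ORDER BY {sort_by}"
    )
    return [row[0] for row in conn.execute(sql)]


def list_hardened(sort_by, direction, filter_value):
    """Allowlist the identifiers, bind the value."""
    if sort_by not in SORT_COLUMNS or direction not in SORT_DIRECTIONS:
        raise ValueError("sortBy/direction not in allowlist")
    conn = _connect()
    sql = f"SELECT id FROM recipients WHERE path REGEXP ? ORDER BY {sort_by} {direction}"
    return [row[0] for row in conn.execute(sql, (filter_value,))]


def oracle_payload(guess):
    """ORDER BY as a boolean oracle: rows come back ascending when the guess about the
    first character of row 1's email is right, descending when it is wrong."""
    return (
        "(CASE WHEN (SELECT substr(email, 1, 1) FROM recipients WHERE id = 1) = "
        f"'{guess}' THEN id ELSE -id END)"
    )


def hardened_rejects(sort_by, direction="asc", filter_value="."):
    try:
        list_hardened(sort_by, direction, filter_value)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print(list_vulnerable("id", "/home"))                  # [1, 2]
    print(list_vulnerable("id", "nomatch' OR '1'='1"))     # [1, 2, 3]: filter bypassed
    print(list_vulnerable(oracle_payload("a"), "."))       # [1, 2, 3]: first letter is 'a'
    print(list_vulnerable(oracle_payload("z"), "."))       # [3, 2, 1]: wrong guess
    print(list_hardened("id", "asc", "nomatch' OR '1'='1"))  # []: treated as a pattern
    print(hardened_rejects(oracle_payload("a")))           # True
```

Binding the filter value closes the injection but leaves the pattern itself user-controlled; on a real database that means a regular-expression denial-of-service budget (length and complexity limits, or a query timeout) is still needed for the RLIKE case.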

Source: CVE, added 2026/02/24 2:00 p.m.

CVE-2026-27483

MindsDB prior to version 25.9.1.1 has a path traversal in the /api/files "Upload File" module. The vulnerability arises because multipart uploads do not filter the uploaded filename path, allowing an authenticated attacker to inject "../" sequences and cause fi...

CVSS 8.8 | AI score 5.8 | EPSS 0.11113
Exploits 4 | References 3 | Affected software 1
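
The MindsDB entry above (CVE-2026-27483) is the classic upload traversal: the filename field of a multipart part is attacker-controlled, and joining it under the upload directory lets "../" segments or an absolute path walk out of that directory. The following is an added example, not MindsDB's code. The upload root is a hypothetical path, and posixpath is used throughout so the result is the same on any platform. It shows where the naive join lands for a few constructed filenames and the hardened resolution: keep only the last path component, reject degenerate names and control characters, and re-check containment.

```python
import posixpath

# Hypothetical upload directory; not a path from MindsDB.
UPLOAD_ROOT = "/srv/uploads"


class BadFilename(ValueError):
    pass


def destination_vulnerable(filename):
    """The multipart `filename` joined straight under the upload root: `..` segments and
    absolute paths walk out of it."""
    return posixpath.normpath(posixpath.join(UPLOAD_ROOT, filename))


def destination_hardened(filename):
    """Keep only the final path component, reject degenerate names, and re-check that
    the result still lies under the root."""
    # Treat backslashes as separators too: a Windows client (or an attacker) may send them.
    base = posixpath.basename(filename.replace("\\", "/"))
    if base in ("", ".", "..") or any(ord(c) < 32 or c == "\x7f" for c in base):
        raise BadFilename(filename)
    dest = posixpath.normpath(posixpath.join(UPLOAD_ROOT, base))
    # Defence in depth: after basename() this cannot fail, but it pins the invariant
    # in case the name handling above is ever loosened.
    if posixpath.commonpath([UPLOAD_ROOT, dest]) != UPLOAD_ROOT:
        raise BadFilename(filename)
    return dest


def is_rejected(filename):
    try:
        destination_hardened(filename)
    except BadFilename:
        return True
    return False


if __name__ == "__main__":
    for name in ["report.csv", "../../etc/cron.d/job", "/etc/passwd", "..\\..\\win.ini"]:
        print(repr(name), "->", destination_vulnerable(name), "|", destination_hardened(name))
```

Flattening to the basename is deliberate: mapping "../../etc/cron.d/job" to "/srv/uploads/job" is safe, but it also means two uploads can collide on the same name, so a real handler should additionally prefix a server-generated identifier or reject duplicates rather than silently overwrite.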

Source: Cvelist, added 2026/02/24 12:51 p.m.

CVE-2026-23984 Apache Superset: SQLLab Read-Only Bypass on PostgreSQL

An Improper Input Validation vulnerability exists in Apache Superset that allows an authenticated user with SQLLab access to bypass the read-only verification check when using a PostgreSQL database connection. While the system effectively blocks standard Data Manipulation Language (DML) statements...

CVSS 7.1 | EPSS 0.00348
Exploits 0 | References 1

Source: Positive Technologies, added 2026/02/24 12:00 a.m.

PT-2026-21762

Name of the vulnerable software and affected versions: AVideo versions prior to 22.0.
Description: AVideo is an open source video platform. The aVideoEncoder.json.php API endpoint accepts a downloadURL parameter and fetches the referenced resource server-side without proper validation or an...

CVSS 8.6 | AI score 5.5 | EPSS 0.00235
Exploits 0 | References 10
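
The AVideo entry above (PT-2026-21762, a downloadURL fetched server-side without validation) and the Trend Micro Apex Central hub server entry near the top of the list are both server-side request forgery: the server is handed a URL and fetches it from its own network position. The following is an added example, not code from either product. It implements the validation a fetcher should do before connecting: restrict the scheme, refuse userinfo, resolve the host, and require every resulting address to be globally routable. A constructed resolver table stands in for DNS so it runs offline; the names and addresses in it are invented.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed resolver table so the example runs offline; names and addresses are
# invented and not associated with AVideo or Trend Micro.
FAKE_DNS = {
    "cdn.example.test": ["93.184.216.34"],
    "metadata.example.test": ["169.254.169.254"],   # innocent name, cloud metadata address
    "home.example.test": ["127.0.0.1"],
    "intranet.example.test": ["10.0.0.5"],
}
ALLOWED_SCHEMES = {"http", "https"}


def fake_resolve(host):
    return FAKE_DNS.get(host.lower(), [])


def validate_fetch_url(url, resolve=fake_resolve):
    """Return (ok, detail). Every address the host resolves to must be globally routable;
    a literal IP (including [::1] and IPv4-mapped forms) is checked directly."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed"
    if not parts.hostname:
        return False, "no host"
    if parts.username is not None or parts.password is not None:
        return False, "userinfo in URL"
    try:
        addrs = [ipaddress.ip_address(parts.hostname)]
    except ValueError:
        try:
            addrs = [ipaddress.ip_address(a) for a in resolve(parts.hostname)]
        except ValueError:
            return False, "resolver returned a malformed address"
    if not addrs:
        # Unknown names (and oddities like hex or decimal IP spellings) fail closed.
        return False, f"{parts.hostname} does not resolve"
    for addr in addrs:
        # is_global is False for loopback, link-local (169.254/16, fe80::/10), RFC 1918,
        # shared address space, IPv4-mapped IPv6, unspecified and documentation ranges.
        if not addr.is_global:
            return False, f"{addr} is not globally routable"
    return True, [str(a) for a in addrs]


if __name__ == "__main__":
    for url in [
        "https://cdn.example.test/video.mp4",
        "http://metadata.example.test/latest/meta-data/",
        "http://127.0.0.1:8080/admin",
        "http://[::1]/",
        "file:///etc/passwd",
    ]:
        print(url, "->", validate_fetch_url(url))
```

Two caveats that the check alone does not cover: the connection must be made to the address that was validated (otherwise a second DNS lookup inside the HTTP client allows rebinding), and a redirect returned by the remote server is a new URL that must go through the same validation before it is followed.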