Positive Technologies
added 2026/06/05 12:00 a.m. · 13 views

PT-2026-46994

Name of the Vulnerable Software and Affected Versions: NocoDB versions prior to 2026.04.1. Description: The password-reset page renders the URL token directly into a JavaScript string literal within a server-rendered EJS template. Because EJS HTML-entity-encodes only a fixed set of characters and...

CVSS 5.1 · AI score 6 · EPSS 0.00262
Exploits 0 · References 7
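The mechanism behind the entry above, as an added example that is not NocoDB's code: the escape set EJS applies to `<%= %>` output is replicated, then dropped into two hypothetical template shapes (a single-quoted literal and a backtick template literal; neither is claimed to be NocoDB's actual template), and compared against a JSON-based encoder that is correct for a JavaScript string context. `valueSeenByPage` runs the rendered script the way a browser would and reports what the page's own code ends up holding.

```javascript
// Added example (not NocoDB's code): HTML-entity escaping is the wrong
// encoder for a value placed inside a JavaScript string literal. The two
// "vulnerable" templates below are hypothetical shapes of that mistake,
// not NocoDB's actual template.

// Replica of the fixed escape set EJS applies to <%= %> output: & < > " '.
// Backslash, backtick, "${" and line breaks all pass through untouched.
const EJS_ESCAPE = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&#34;', "'": '&#39;' };
function ejsEscape(str) {
  return String(str).replace(/[&<>"']/g, (c) => EJS_ESCAPE[c]);
}

// Hypothetical template A: token dropped into a single-quoted JS literal.
function renderSingleQuoted(token) {
  return "var token = '" + ejsEscape(token) + "'; return token;";
}
// Hypothetical template B: token dropped into a backtick template literal.
function renderTemplateLiteral(token) {
  return 'var token = `' + ejsEscape(token) + '`; return token;';
}

// Hardened encoder: JSON.stringify yields a valid JS string literal (escaping
// backslashes, quotes and control characters); the extra replacements keep
// the literal safe inside an HTML <script> element ("</script>", "<!--") and
// in pre-ES2019 engines that reject raw U+2028/U+2029 in string literals.
function jsStringLiteral(value) {
  return JSON.stringify(String(value))
    .replace(/</g, '\\u003c')
    .replace(/>/g, '\\u003e')
    .replace(/&/g, '\\u0026')
    .replace(/\u2028/g, '\\u2028')
    .replace(/\u2029/g, '\\u2029');
}
function renderSafe(token) {
  return 'var token = ' + jsStringLiteral(token) + '; return token;';
}

// Run the rendered script the way the browser would and report what the
// page's own code ends up holding in `token`. A parse error means the input
// moved the string boundary, i.e. the attacker now controls where code begins.
function valueSeenByPage(script) {
  try {
    return { ok: true, value: new Function(script)() };
  } catch (e) {
    return { ok: false, error: e.name };
  }
}
```

Three things fall out of running it: entities inside a `<script>` element are never decoded, so `O'Brien` reaches the page as `O&#39;Brien`; a trailing backslash escapes the closing quote of template A and the script no longer parses; and in template B a `${...}` sequence, which EJS leaves untouched, is evaluated as code. The JSON-based encoder round-trips every one of those inputs unchanged.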
Positive Technologies
added 2026/06/05 12:00 a.m. · 10 views

PT-2026-46997

Name of the Vulnerable Software and Affected Versions: NocoDB versions prior to 2026.05.1. Description: The shared-view password check used strict-equality === comparison for legacy plaintext passwords. This creates a timing oracle, allowing a network-positioned attacker to leak the password length...

CVSS 6.9 · AI score 5.9 · EPSS 0.00253
Exploits 0 · References 8
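The oracle behind the entry above, as an added example that is not NocoDB's code. A step count models the work a JavaScript engine does for `===` on two strings (length check first, then characters until the first mismatch); the step count stands in for elapsed time and is a model, not a measurement. The attacker functions show what a network-positioned party can extract from that model; `constantTimeEquals` is a comparison whose cost depends only on an assumed upper bound (`MAX_LEN`, 256 bytes), not on the secret.

```javascript
// Added example (not NocoDB's code): a deterministic model of the timing
// oracle behind comparing a secret with ===, and a comparison whose cost
// does not depend on the secret. Step counts stand in for elapsed time.

// Model of the fast path an engine takes for `a === b` on strings: compare
// the lengths, then characters until the first mismatch. The step count is
// a model of work done, not a measurement.
function naiveEqualsSteps(secret, guess) {
  let steps = 1;                                   // the length check
  if (secret.length !== guess.length) return { equal: false, steps };
  for (let i = 0; i < secret.length; i++) {
    steps++;                                       // one character compare
    if (secret[i] !== guess[i]) return { equal: false, steps };
  }
  return { equal: true, steps };
}

// What a network attacker does with that oracle. First the length: the
// first guess that costs more than the bare length check has the right size.
function recoverLengthViaOracle(secret) {
  for (let len = 1; len <= 256; len++) {
    if (naiveEqualsSteps(secret, '?'.repeat(len)).steps > 1) return len;
  }
  return null;
}

// Then the content, one position at a time: the candidate that makes the
// comparison run one step longer is the correct character. A successful
// comparison (the real endpoint would grant access) ends the search.
function recoverSecretViaOracle(secret, alphabet) {
  const len = recoverLengthViaOracle(secret);
  if (len === null) return null;
  let known = '';
  for (let pos = 0; pos < len; pos++) {
    let best = alphabet[0], bestSteps = -1;
    for (const c of alphabet) {
      const guess = known + c + '?'.repeat(len - pos - 1);
      const { equal, steps } = naiveEqualsSteps(secret, guess);
      if (equal) return guess;
      if (steps > bestSteps) { best = c; bestSteps = steps; }
    }
    known += best;
  }
  return null;
}

const MAX_LEN = 256; // assumed upper bound for a shared-view password

// Constant-time comparison over fixed-size buffers: both inputs are copied
// into MAX_LEN-byte buffers, the loop always does MAX_LEN iterations, and the
// length difference is folded into the same accumulator as byte differences.
// The only observable quantity is the public bound MAX_LEN, never the
// secret's length or the position of the first mismatch.
function constantTimeEquals(secret, guess) {
  const enc = new TextEncoder();
  const a = enc.encode(secret), b = enc.encode(guess);
  if (a.length > MAX_LEN || b.length > MAX_LEN) return false;
  const pa = new Uint8Array(MAX_LEN); pa.set(a);
  const pb = new Uint8Array(MAX_LEN); pb.set(b);
  let diff = a.length ^ b.length;
  for (let i = 0; i < MAX_LEN; i++) diff |= pa[i] ^ pb[i];
  return diff === 0;
}
```

The padded comparison is the minimal fix for a value that must stay plaintext. The durable fix is to stop storing shared-view passwords in plaintext at all: store a salted hash, hash the submitted value, and compare the two fixed-length digests with a constant-time primitive such as Node's `crypto.timingSafeEqual`, which removes the length dimension entirely because digests are always the same size.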
Packet Storm
added 2026/06/05 12:00 a.m. · 50 views

Craft CMS 5.9.5 Missing Authorization / Denial of Service

Craft CMS versions 5.9.5 and below suffer from a missing authorization vulnerability that can trigger an unwanted migration. CVE-2026-31266 - Craft CMS Missing Authorization. CVE Information: CVE ID: CVE-2026-31266; Vendor: Pixel & Tonic; Product: Craf...

CVSS 7.3 · AI score 5.5 · EPSS 0.00283
Exploits 3
CNNVD
added 2026/06/05 12:00 a.m. · 10 views

TinyIce access control error vulnerability

TinyIce is a streaming server developed by Sylwester that supports multiple input and output protocols. TinyIce versions 0.8.95 through 2.4.1 contain an access control vulnerability. The vulnerability stems from the lack of authentication on the WebRTC ingestion endpoints, which may allow...

CVSS 8.2 · AI score 5.3 · EPSS 0.00357
Exploits 0 · References 3
CNNVD
added 2026/06/05 12:00 a.m. · 11 views

Redline WR3200 security vulnerability

The Redline WR3200 is a Wi-Fi 4 router from the Turkish company Redline, supporting 300 Mbps wireless transmission. Redline WR3200 versions 7.1.3 through 7.1.8 have security vulnerabilities. These stem from improper authentication, lack of authentication for critical...

CVSS 9.8 · AI score 5.4 · EPSS 0.0046
Exploits 0 · References 1
Tenable Nessus
added 2026/06/05 12:00 a.m. · 12 views

Ubuntu 14.04 LTS / 16.04 LTS : Tomcat vulnerabilities (USN-8383-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8383-1 advisory. It was discovered that Tomcat incorrectly handled digest authentication. A remote attacker could possibly use this issue to bypass...

CVSS 9.8 · AI score 7.7 · EPSS 0.01233
Exploits 2 · References 4
Zero Science Lab
added 2026/06/05 12:00 a.m. · 58 views

Lyrion Music Server 9.2.0 Arbitrary Directory Listing

Summary: Lyrion Music Server, formerly Logitech Media Server and often abbreviated as "LMS", is open-source software which can control and stream music to a wide range of physical and virtual audio players called Squeezeboxes. Lyrion Music Server can stream your local music collection, intern...

CVSS 6.9 · AI score 5.6 · EPSS 0.00294
Exploits 2
NVD
added 2026/06/04 11:17 p.m. · 8 views

CVE-2026-48567

Authentication bypass by spoofing in Azure HorizonDB allows an unauthorized attacker to elevate privileges over a network...

CVSS 10 · EPSS 0.00973
Exploits 0 · References 1
NVD
added 2026/06/04 11:16 p.m. · 7 views

CVE-2023-5502

On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, and routing enabled on the access VLAN of the ports, a malicious supplicant may be able to bypass the requirement to perform 802.1x authentication...

CVSS 8.2 · EPSS 0.00317
Exploits 0 · References 1
CVE
added 2026/06/04 11:03 p.m. · 15 views

CVE-2026-10906

CVE-2026-10906: Use-after-free in WebAuthentication of Google Chrome before 149.0.7827.53 allows a remote attacker who convinces a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Affected component: WebAuthentication in the Chrome/Chromium stack. Root cause...

CVSS 7.5 · AI score 5.8 · EPSS 0.00326
Exploits 0 · References 2 · Affected Software 1
Vulnrichment
added 2026/06/04 11:03 p.m. · 7 views

CVE-2026-10906

Use after free in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

AI score 5.8 · EPSS 0.00326
Exploits 0 · References 2
Debian CVE
added 2026/06/04 11:03 p.m. · 8 views

CVE-2026-10906

Use after free in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVSS 7.5 · AI score 5.5 · EPSS 0.00326
Exploits 0
Cvelist
added 2026/06/04 10:39 p.m. · 25 views

CVE-2023-5502 On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, a malicious supplicant may bypass authentication.

On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, and routing enabled on the access VLAN of the ports, a malicious supplicant may be able to bypass the requirement to perform 802.1x authentication...

CVSS 8.2 · EPSS 0.00317
Exploits 0 · References 1
Vulnrichment
added 2026/06/04 10:39 p.m. · 7 views

CVE-2023-5502 On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, a malicious supplicant may bypass authentication.

On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, and routing enabled on the access VLAN of the ports, a malicious supplicant may be able to bypass the requirement to perform 802.1x authentication...

CVSS 8.2 · AI score 5.5 · EPSS 0.00317
Exploits 0 · References 1
ATTACKERKB
added 2026/06/04 10:00 p.m. · 8 views

CVE-2026-48567

Authentication bypass by spoofing in Azure HorizonDB allows an unauthorized attacker to elevate privileges over a network...

CVSS 10 · AI score 5.8 · EPSS 0.00973
Exploits 0 · References 2
Vulnrichment
added 2026/06/04 9:51 p.m. · 6 views

CVE-2024-6858 In Arista’s EOS when in 802.1X mode, multi-auth unauthenticated hosts might be allowed access to a switch port if there exists an EAPOL capable device in the fallback VLAN.

In Arista’s EOS when in 802.1X mode, multi-auth unauthenticated hosts might be allowed access to a switch port if there exists an EAPOL capable device in the fallback VLAN...

AI score 5.4 · EPSS 0.00143
Exploits 0 · References 1
Cvelist
added 2026/06/04 9:51 p.m. · 29 views

CVE-2024-6858 In Arista’s EOS when in 802.1X mode, multi-auth unauthenticated hosts might be allowed access to a switch port if there exists an EAPOL capable device in the fallback VLAN.

In Arista’s EOS when in 802.1X mode, multi-auth unauthenticated hosts might be allowed access to a switch port if there exists an EAPOL capable device in the fallback VLAN...

EPSS 0.00143
Exploits 0 · References 1
Github Security Blog
added 2026/06/04 7:36 p.m. · 14 views

Shopware: SSRF in Media External-Link Endpoint Bypasses IP Validation

Summary: The /api/action/media/external-link endpoint allows authenticated admin users to make server-side HTTP HEAD requests to arbitrary internal IP addresses. While the parallel uploadFromURL flow validates target IPs against private/reserved ranges via FileUrlValidator, the linkURL flow only...

AI score 5.9 · EPSS 0.00051
Exploits 0 · References 3 · Affected Software 2
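The kind of private/reserved-range check the entry above says one flow has and the other lacks, as an added example that is not Shopware's code and not its FileUrlValidator. It applies a deny-by-default decision to the host literal of a URL; the block lists are the usual private, loopback, link-local, CGNAT and reserved ranges, IPv4-mapped and NAT64 IPv6 addresses are unwrapped and checked as IPv4, and the URL inputs in the tests are constructed.

```javascript
// Added example (not Shopware's code): a deny-by-default check for the
// target of a server-side request, applied to the host literal of a URL.

function parseIPv4(s) {
  // Canonical dotted quad only. Shorthand such as 127.1, 0x7f.1 or
  // 2130706433 is rejected here; WHATWG URL parsing (new URL) already
  // normalises those forms to a dotted quad before this function sees them.
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(s);
  if (!m) return null;
  let n = 0;
  for (let i = 1; i <= 4; i++) {
    const o = Number(m[i]);
    if (o > 255 || (m[i].length > 1 && m[i][0] === '0')) return null;
    n = n * 256 + o;
  }
  return n >>> 0;
}

function parseIPv6(s) {
  // Returns eight 16-bit hextets, or null. Handles "::" compression and a
  // trailing embedded IPv4 (::ffff:10.0.0.1).
  let tail = null;
  const lastColon = s.lastIndexOf(':');
  if (lastColon !== -1 && s.slice(lastColon + 1).includes('.')) {
    const v4 = parseIPv4(s.slice(lastColon + 1));
    if (v4 === null) return null;
    tail = [v4 >>> 16, v4 & 0xffff];
    s = s.slice(0, lastColon + 1) + '0:0';   // placeholder hextets, overwritten below
  }
  const toHextets = (str) =>
    str === '' ? [] : str.split(':').map((h) => (/^[0-9a-f]{1,4}$/i.test(h) ? parseInt(h, 16) : NaN));
  const parts = s.split('::');
  if (parts.length > 2) return null;
  let hextets;
  if (parts.length === 2) {
    const head = toHextets(parts[0]), rest = toHextets(parts[1]);
    if (head.length + rest.length > 7) return null;
    hextets = head.concat(new Array(8 - head.length - rest.length).fill(0), rest);
  } else {
    hextets = toHextets(parts[0]);
  }
  if (hextets.length !== 8 || hextets.some(Number.isNaN)) return null;
  if (tail) { hextets[6] = tail[0]; hextets[7] = tail[1]; }
  return hextets;
}

const V4_DENY = [
  ['0.0.0.0', 8], ['10.0.0.0', 8], ['100.64.0.0', 10], ['127.0.0.0', 8],
  ['169.254.0.0', 16], ['172.16.0.0', 12], ['192.0.0.0', 24], ['192.168.0.0', 16],
  ['198.18.0.0', 15], ['224.0.0.0', 4], ['240.0.0.0', 4],
];
function isForbiddenIPv4(addr) {
  return V4_DENY.some(([base, bits]) => {
    const mask = (0xffffffff << (32 - bits)) >>> 0;
    return ((addr & mask) >>> 0) === ((parseIPv4(base) & mask) >>> 0);
  });
}
function isForbiddenIPv6(h) {
  const prefix96 = (a, b, c, d, e, f) =>
    h[0] === a && h[1] === b && h[2] === c && h[3] === d && h[4] === e && h[5] === f;
  const embeddedV4 = ((h[6] << 16) | h[7]) >>> 0;
  if (prefix96(0, 0, 0, 0, 0, 0xffff)) return isForbiddenIPv4(embeddedV4);    // ::ffff:a.b.c.d
  if (prefix96(0x64, 0xff9b, 0, 0, 0, 0)) return isForbiddenIPv4(embeddedV4); // 64:ff9b::/96 NAT64
  if (h.every((x) => x === 0)) return true;                                    // :: unspecified
  if (h.slice(0, 7).every((x) => x === 0) && h[7] === 1) return true;          // ::1 loopback
  if ((h[0] & 0xfe00) === 0xfc00) return true;                                 // fc00::/7 unique local
  if ((h[0] & 0xffc0) === 0xfe80) return true;                                 // fe80::/10 link-local
  if ((h[0] & 0xff00) === 0xff00) return true;                                 // ff00::/8 multicast
  return false;
}

// 'deny' for anything that is not plain http(s) to a public address literal,
// 'allow' for a public address literal, and 'resolve' for a DNS name: the
// caller must resolve it, check every returned address with the functions
// above, and connect to the address it checked (otherwise DNS rebinding
// between validation and connect defeats the check).
function checkTarget(urlString) {
  let url;
  try { url = new URL(urlString); } catch { return 'deny'; }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') return 'deny';
  const host = url.hostname.toLowerCase();
  if (host === 'localhost' || host.endsWith('.localhost')) return 'deny';
  if (host.startsWith('[') && host.endsWith(']')) {
    const v6 = parseIPv6(host.slice(1, -1));
    return v6 !== null && !isForbiddenIPv6(v6) ? 'allow' : 'deny';
  }
  const v4 = parseIPv4(host);
  if (v4 !== null) return isForbiddenIPv4(v4) ? 'deny' : 'allow';
  return 'resolve';
}
```

The check has to sit on every flow that issues a request, including HEAD-only ones: the response body is not what an attacker needs, since status codes and timing from a HEAD against an internal address already reveal which hosts and ports exist.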
Github Security Blog
added 2026/06/04 7:33 p.m. · 13 views

Shopware: Unauthorized Payment Trigger for Foreign Orders via /store-api/handle-payment

Summary: The Shopware Store API endpoint /store-api/handle-payment contains an object-level authorization flaw that allows a low-privileged external user with a normal customer or guest context to trigger the payment flow for another user’s order by supplying a foreign orderId. The affected...

AI score 5.7 · EPSS 0.0005
Exploits 0 · References 4 · Affected Software 2
OSV
added 2026/06/04 7:33 p.m. · 8 views

GHSA-9V5M-39WH-5CHQ Shopware: Unauthorized Payment Trigger for Foreign Orders via /store-api/handle-payment

Summary: The Shopware Store API endpoint /store-api/handle-payment contains an object-level authorization flaw that allows a low-privileged external user with a normal customer or guest context to trigger the payment flow for another user’s order by supplying a foreign orderId. The affected...

CVSS 4.3 · AI score 5.7 · EPSS 0.0005
Exploits 0 · References 4
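The object-level authorization check that the two handle-payment entries above describe as missing, as an added example that is not Shopware's code. The order store, the customer and guest contexts, and the order IDs are constructed in memory for the demonstration; the vulnerable shape only checks that the order exists, the hardened shape binds the order to the caller's own context before starting any payment flow.

```javascript
// Added example (not Shopware's code): the object-level authorization
// check a "trigger payment for an order" endpoint needs. Store, contexts
// and orders are constructed in memory for the demonstration.

const orders = new Map([
  // orderId -> owner binding. Registered customers own by customerId;
  // guest orders are bound to the guest context token that created them.
  ['order-1001', { customerId: 'cust-7', guestToken: null,      state: 'open' }],
  ['order-1002', { customerId: null,     guestToken: 'guest-x', state: 'open' }],
  ['order-1003', { customerId: 'cust-9', guestToken: null,      state: 'paid' }],
]);

// Vulnerable shape: only checks that the order exists, never who asked.
function handlePaymentVulnerable(_ctx, orderId) {
  const order = orders.get(orderId);
  if (!order) return { status: 404 };
  return { status: 200, paymentStartedFor: orderId };
}

// Hardened shape: the order must belong to the caller's context. A customer
// context matches only by customerId; a guest context matches only by the
// token it was issued; an anonymous context owns nothing. Unknown and foreign
// orders return the same 404 so the endpoint is not an existence oracle for
// order IDs.
function ownsOrder(ctx, order) {
  if (ctx.customerId) return order.customerId === ctx.customerId;
  if (ctx.guestToken) return order.guestToken === ctx.guestToken;
  return false;
}
function handlePayment(ctx, orderId) {
  const order = orders.get(orderId);
  if (!order || !ownsOrder(ctx, order)) return { status: 404 };
  if (order.state !== 'open') return { status: 409, reason: 'order not payable' };
  return { status: 200, paymentStartedFor: orderId };
}
```

The ownership test belongs at the point where the order is loaded, not in a separate authorization layer that the endpoint may forget to call; loading the order through a query already filtered by the caller's identity is the same check expressed in the data access layer.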