PT-2026-28382

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.8.6 Description Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, any authenticated user can overwrite any file's content by ID through the...

Outline 安全漏洞

Outline is an open-source knowledge base developed by Outline. Versions of Outline from 0.86.0 to 1.6.0 have security vulnerabilities. These vulnerabilities stem from the failure to invalidate OTP codes based on the number or frequency of invalid submissions, which can lead to brute-force attacks...

PT-2026-28357

Name of the Vulnerable Software and Affected Versions CPCI85 Central Processing/Communication versions prior to V26.10 SICORE Base system versions prior to V26.10.0 Description An out-of-bounds write issue exists when parsing specially crafted XML inputs. This could allow an unauthenticated...

AlmaLinux 8 : 389-ds:1.4 (ALSA-2026:5513)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:5513 advisory. 389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow CVE-2025-14905 Tenable has extracted the preceding description block...

SUSE: Security Advisory (SUSE-SU-2026:0993-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2026-16058

Saloon is vulnerable to SSRF and credential leakage via absolute URL in endpoint overriding base URL...

Authorization Bypass Through User-Controlled Key

Overview n8n-nodes-base is a Base nodes of n8n Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the credential resolution and permission check. An attacker can access and decrypt plaintext secrets belonging to other users by exploiting chain...

RHSA-2026:5598 Red Hat Security Advisory: 389-ds-base security update

Bulletin has no description...

RHSA-2026:5597 Red Hat Security Advisory: 389-ds-base security update

Bulletin has no description...

Ja4Scanner

Ja4Scanner — Bug Bounty Hunter's Toolkit A Python CLI tool fo...

SUSE CVE-2026-28492

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.61.0, when a user creates a public share link for a directory, the withHashFile middleware in http/public.go uses...

SUSE CVE-2026-30857

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.3.0, a cross-tenant authorization bypass in the knowledge base copy endpoint allows any authenticated user to clone duplicate another tenant's knowledge base into their own tena...

PT-2026-28160

Name of the Vulnerable Software and Affected Versions Saloon versions prior to 4.0.0 Description Saloon is a PHP library used for building API integrations and SDKs. A flaw exists where the library combines a connector's base URL with a request endpoint. If the endpoint is a valid absolute URL,...

CVE-2019-25640

Inout Article Base CMS contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through the 'p' and 'u' parameters. Attackers can inject SQL code using XOR-based payloads in GET requests to portalLogin.php to extract sensitive database information...

CVE-2019-25640 Inout Article Base CMS Lastest SQL Injection via portalLogin.php

Inout Article Base CMS contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through the 'p' and 'u' parameters. Attackers can inject SQL code using XOR-based payloads in GET requests to portalLogin.php to extract sensitive database information...

389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow

A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the schemaattrenumcallback function within the schema.c file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting...

389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow

A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the schemaattrenumcallback function within the schema.c file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting...

Important: Red Hat Security Advisory: Red Hat Ceph Storage

A new version of Red Hat build of Ceph Storage has been released The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 8.1. This release updates to the latest version...

389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow

A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the schemaattrenumcallback function within the schema.c file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting...

389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow

A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the schemaattrenumcallback function within the schema.c file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting...