CVE-2026-9051 Authentication Bypass Vulnerability in NI SystemLink Enterprise

There is an authentication bypass vulnerability in the NI SystemLink Enterprise Dashboard application that may allow an unauthenticated remote attacker to bypass authentication controls leading to privilege escalation or information disclosure. Successful exploitation requires an attacker to send...

EUVD-2026-33411

There is an authentication bypass vulnerability in the NI SystemLink Enterprise Dashboard application that may allow an unauthenticated remote attacker to bypass authentication controls leading to privilege escalation or information disclosure. Successful exploitation requires an attacker to send...

PT-2026-44971

Name of the Vulnerable Software and Affected Versions NI SystemLink Enterprise versions prior to 2026-04 Description An authentication bypass in the NI SystemLink Enterprise Dashboard application allows an unauthenticated remote attacker to circumvent authentication controls. This can be achieved...

EUVD-2026-32281

IBM WebSphere Application Server - Liberty 19.0.0.7 through 26.0.0.5 and IBM WebSphere Application Server 9.0, and 8.5 and WebSphere Application Server Liberty are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability ...

CVE-2026-4410

IBM WebSphere Application Server - Liberty 19.0.0.7 through 26.0.0.5 and IBM WebSphere Application Server 9.0, and 8.5 and WebSphere Application Server Liberty are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability ...

CVE-2026-4410 IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by a denial of service

IBM WebSphere Application Server - Liberty 19.0.0.7 through 26.0.0.5 and IBM WebSphere Application Server 9.0, and 8.5 and WebSphere Application Server Liberty are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability ...

Taipy 路径遍历漏洞

Taipy is an open-source application developed by Avaiga. It was designed specifically for data scientists and machine learning engineers to build data and artificial intelligence network applications. Version 4.1.1 of Taipy contains a path traversal vulnerability. This vulnerability stems from th...

PT-2026-43955

Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server - Liberty versions 19.0.0.7 through 26.0.0.5 IBM WebSphere Application Server version 9.0 IBM WebSphere Application Server version 8.5 WebSphere Application Server Liberty affected versions not specified...

CVE-2026-8633

CVE-2026-8633 affects IBM WebSphere Application Server and WebSphere Application Server Liberty when using the optional Web Server Plug-ins for WebSphere. The VULN allows remote code execution through a specially crafted request in the plug-ins (CWE-94). Affected products are the Web Server Plug-...

CVE-2026-8633

IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to remote code execution in the Web Server Plug-ins, through a specially crafted request...

EUVD-2026-31927

IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to remote code execution in the Web Server Plug-ins, through a specially crafted request...

xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access

A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted request to the X server, leading to an out-of-bounds memory access vulnerability. This could result in the disclosure of sensitive information or cause the server to crash,...

PT-2026-43364

Name of the Vulnerable Software and Affected Versions IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty versions 8.5 through 9.0 Description Remote code execution is possible in the Web Server Plug-ins when processing a specially crafted request. This issue allows an...

PT-2026-43363

IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to HTTP request smuggling in the Web Server Plug-ins through a specially crafted request...

CVE-2026-9249

Unverified password change in Devolutions Server allows an attacker to change a user's password without providing the previous one via a crafted password change request. This issue affects : Devolutions Server 2026.1.6.0 through 2026.1.16.0 Devolutions Server 2025.3.20.0 and earlier...

CVE-2026-8477

Improper enforcement of the sealed-entry workflow in the entry sensitive-data retrieval feature in Devolutions Server allows an authenticated user with access to a sealed entry to retrieve its sensitive data without triggering the unseal audit notification via a crafted API request. This issue...

EUVD-2026-31461

Improper enforcement of the sealed-entry workflow in the entry sensitive-data retrieval feature in Devolutions Server allows an authenticated user with access to a sealed entry to retrieve its sensitive data without triggering the unseal audit notification via a crafted API request. This issue...

CVE-2026-9246

Improper access control in the entry documentation and attachment features in Devolutions Server allows an authenticated user with vault read access to retrieve the documentation and attachments of sealed entries via a crafted API request. This issue affects : Devolutions Server 2026.1.6.0 throug...

CVE-2026-9249

Unverified password change in Devolutions Server allows an attacker to change a user's password without providing the previous one via a crafted password change request. This issue affects : Devolutions Server 2026.1.6.0 through 2026.1.16.0 Devolutions Server 2025.3.20.0 and earlier...

CVE-2026-9249

Unverified password change in Devolutions Server allows an attacker to change a user's password without providing the previous one via a crafted password change request. This issue affects : Devolutions Server 2026.1.6.0 through 2026.1.16.0 Devolutions Server 2025.3.20.0 and earlier...