PT-2026-46337

Unauthenticated Local File Inclusion in Dazzle = 1.0.0 versions...

PT-2026-46372

Unauthenticated Local File Inclusion in Spike = 1.2 versions...

PT-2026-46359

Unauthenticated Local File Inclusion in Medeus = 1.14 versions...

PT-2026-46369

Unauthenticated Local File Inclusion in Choreo = 1.6 versions...

PT-2026-46377

Unauthenticated Local File Inclusion in Etude = 1.6 versions...

PT-2026-46348

Subscriber Privilege Escalation in Genemy = 1.6.6 versions...

PT-2026-46387

Name of the Vulnerable Software and Affected Versions WP Meta Sort Posts versions prior to 1.0 Description The WP Meta Sort Posts plugin for WordPress is subject to Cross-Site Request Forgery CSRF, a type of attack where an unauthorized user tricks a victim into performing actions they did not...

PT-2026-46364

Unauthenticated Local File Inclusion in Gita = 1.11 versions...

PT-2026-46345

Subscriber SQL Injection in Events Schedule - WordPress Events Calendar Plugin = 2.7.2 versions...

PT-2026-46322

Unauthenticated Local File Inclusion in Modernee = 1.6.0 versions...

PT-2026-46378

Unauthenticated Local File Inclusion in Line Agency = 1.3.1 versions...

PT-2026-46353

Unauthenticated Local File Inclusion in Preservation = 1.10 versions...

PT-2026-46347

Subscriber Broken Access Control in Genemy = 1.6.6 versions...

PT-2026-46367

Unauthenticated Local File Inclusion in WineShop = 3.17 versions...

PT-2026-46366

Unauthenticated Local File Inclusion in Grecko = 5.17 versions...

PT-2026-46346

Unauthenticated Local File Inclusion in Wanium = 1.9.8 versions...

Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

In this article 1. Storm-1175’s rapid attack chain: From initial access to impact 2. Mitigation and protection guidance 3. Microsoft Defender detections 4. Indicators of compromise The financially motivated cybercriminal actor tracked by Microsoft Threat Intelligence as Storm-1175 operates...

Urgent Reminder to Update Edge Appliances During Peak Holiday Time-off

Customer Alert: Proactive Defense Against Threat Actor Campaigns Targeting Unpatched Network Security Solutions As the holiday season approaches, we are urging all Ivanti customers to ensure that all their network security solutions are updated to their latest versions, regardless of vendor. We...

EUVD-2025-30842

Malicious code in bioql PyPI...

CLSA-2021-1635459139 Fix CVE(s): CVE-2018-6323, CVE-2017-8421, CVE-2017-15024, CVE-2017-15025, CVE-2017-15022, CVE-2017-15020, CVE-2017-15021, CVE-2017-15225, CVE-2018-18483, CVE-2017-15996, CVE-2018-18484, CVE-2017-12799, CVE-2017-16831, CVE-2017-16832, CVE-2018-1000876, CVE-2018-7208, CVE-2019-14250, CVE-2017-12967, CVE-2019-9075, CVE-2017-17080, CVE-2019-9074, CVE-2018-17794, CVE-2017-17125, CVE-2017-17124, CVE-2017-17121, CVE-2017-6969, CVE-2017-17123, CVE-2018-17358, CVE-2017-6965, CVE-2017-6966, CVE-2018-12641, CVE-2018-8945, CVE-2017-7299, CVE-2018-12699, CVE-2018-10372, CVE-2018-10373, CVE-2019-17451, CVE-2019-17450, CVE-2018-18701, CVE-2018-18700, CVE-2017-7210, CVE-2018-20623, CVE-2017-15938, CVE-2017-15939, CVE-2017-9039, CVE-2017-9038, CVE-2017-14940, CVE-2018-17985, CVE-2018-12700, CVE-2017-9742, CVE-2017-9745, CVE-2017-9744, CVE-2017-9747, CVE-2017-7209, CVE-2017-9749, CVE-2017-9748, CVE-2018-9138, CVE-2017-16828, CVE-2017-16827, CVE-2017-16826, CVE-2017-7614, CVE-2018-6759, CVE-2016-4491, CVE-2017-9044, CVE-2017-9746, CVE-2017-9042, CVE-2017-9040, CVE-2017-9041, CVE-2017-9752, CVE-2017-9753, CVE-2017-9750, CVE-2017-9751, CVE-2017-9756, CVE-2016-4493, CVE-2017-9754, CVE-2017-9755, CVE-2016-4492, CVE-2018-19932, CVE-2017-12458, CVE-2017-12459, CVE-2018-18606, CVE-2018-18607, CVE-2018-18605, CVE-2017-12452, CVE-2017-12453, CVE-2017-12450, CVE-2017-12451, CVE-2017-12456, CVE-2016-4490, CVE-2017-12454, CVE-2017-12455, CVE-2019-14444, CVE-2016-2226, CVE-2017-7224, CVE-2017-7225, CVE-2017-7226, CVE-2017-7227, CVE-2018-18309, CVE-2017-7223, CVE-2017-12449, CVE-2017-12448, CVE-2016-4488, CVE-2016-4489, CVE-2018-17359, CVE-2016-4487, CVE-2018-20671, CVE-2018-20002, CVE-2017-14128, CVE-2017-14129, CVE-2018-7568, CVE-2018-7569, CVE-2017-7302, CVE-2017-7301, CVE-2017-7300, CVE-2018-12934, CVE-2017-8394, CVE-2018-7643, CVE-2018-7642, CVE-2018-17360, CVE-2019-12972, CVE-2018-13033, CVE-2018-19931, CVE-2018-10534, CVE-2018-10535, CVE-2019-9077, CVE-2019-9071, CVE-2019-9070, CVE-2019-9073, CVE-2017-14333, CVE-2018-12698, CVE-2017-14130, CVE-2018-12697, CVE-2018-6543, CVE-2017-9954, CVE-2017-12457, CVE-2017-14939, CVE-2017-14938, CVE-2017-14932, CVE-2017-14930, CVE-2017-8398, CVE-2017-8393, CVE-2017-8395, CVE-2017-14529, CVE-2017-8397, CVE-2017-8396, CVE-2017-13710, CVE-2016-6131

SECURITY UPDATE: - CVE-.patch: backported many upstream patches to fix security issues. - CVE-2016-2226, CVE-2016-4487, CVE-2016-4488, CVE-2016-4489, CVE-2016-4490, CVE-2016-4492, CVE-2016-4493, CVE-2016-6131, CVE-2016-4491, CVE-2017-6965, CVE-2017-6966, CVE-2017-6969, CVE-2017-7209, CVE-2017-721...