19882 matches found
Imperva Customers Protected Against “wp2shell” Pre-Authentication RCE in WordPress Core
TL;DR : A critical pre-authentication Remote Code Execution RCE vulnerability, dubbed "wp2shell" CVE-2026-63030, has been identified in WordPress Core. This vulnerability allows an unauthenticated attacker to execute arbitrary code on a vulnerable WordPress installation without any preconditions,...
EUVD-2026-45344
Authentication bypass using an alternate path or channel in Microsoft Edge Chromium-based allows an unauthorized attacker to perform tampering over a network...
CVE-2026-57980
CVE-2026-57980 refers to a vulnerability in Microsoft Edge (Chromium-based) where an authentication bypass via an alternate path or channel could allow an unauthenticated, network-based tampering by an attacker. The description and connected sources consistently describe this as a network-exposed...
RHSA-2026:41019 Red Hat Security Advisory: Red Hat Edge Manager Version 1.1.3 Security Update
Bulletin has no description...
ROS-20260717-73-0019
The vulnerability in the rendering mode of Microsoft Edge and Google Chrome browsers relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
PT-2026-60886
Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description An authentication bypass exists that allows an unauthorized attacker to perform tampering over a network by using an alternate path or channel. Recommendations At the...
Important: Red Hat Security Advisory: Red Hat Edge Manager Version 1.1.3 Security Update
Red Hat Edge Manager Version 1.1.3 Security Update Red Hat Edge Manager RHEM provides simple, scalable, and security-focused management of edge devices and applications. It supports image-mode RHEL and container workloads that run on Podman/Docker or Kubernetes. RHEM is now available as a...
Microsoft Edge (Chromium-based) Tampering Vulnerability
Authentication bypass using an alternate path or channel in Microsoft Edge Chromium-based allows an unauthorized attacker to perform tampering over a network...
Important: Red Hat Security Advisory: Red Hat Edge Manager Version 1.1.3 Security Update
Red Hat Edge Manager Version 1.1.3 Security Update Red Hat Edge Manager RHEM provides simple, scalable, and security-focused management of edge devices and applications. It supports image-mode RHEL and container workloads that run on Podman/Docker or Kubernetes. RHEM is now available as a...
RHEL 10 / 9 : Red Hat Edge Manager Version 1.1.3 Security Update (Important) (RHSA-2026:41019)
The remote Redhat Enterprise Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:41019 advisory. Red Hat Edge Manager RHEM provides simple, scalable, and security-focused management of edge devices and applications. It supports...
CVE-2026-49997
SurrealDB is a scalable, distributed, collaborative, document-graph database for the realtime web. Prior to 3.1.0, Document::purgeedges in surrealdb/core/src/doc/delete.rs automatically removed graph edge records with permissions disabled through opt.clone.withpermsfalse when a connected node was...
Important: Red Hat Security Advisory: Red Hat Edge Manager Version 1.1.3 Security Update
Red Hat Edge Manager Version 1.1.3 Security Update Red Hat Edge Manager RHEM provides simple, scalable, and security-focused management of edge devices and applications. It supports image-mode RHEL and container workloads that run on Podman/Docker or Kubernetes. RHEM is now available as a...
CVE-2026-49997
CVE-2026-49997 affects SurrealDB prior to version 3.1.0, where Document::purge_edges could bypass edge table permissions for delete and select when a connected node was deleted. The issue occurs as edge records connected to a deleted node were removed with permissions disabled, bypassing edge-tab...
JLSEC-2026-679 wolfSSL prior to 5.6.6 did not check that messages in one (D)TLS record do not span key...
wolfSSL prior to 5.6.6 did not check that messages in one DTLS record do not span key boundaries. As a result, it was possible to combine DTLS messages using different keys into one DTLS record. The most extreme edge case is that, in DTLS 1.3, it was possible that an unencrypted DTLS 1.3 record...
Microsoft and Adobe Patch Tuesday, July 2026 Security Update Review
Microsoft's July 2026 Patch Tuesday delivers security updates for a broad range of products and services, including several vulnerabilities that pose significant risks to enterprise environments. As attackers continue to target unpatched systems, the timely deployment of these updates remains one...
CVE-2026-57800
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Overworld overworld allows PHP Local File Inclusion.This issue affects Overworld: from n/a through = 1.5...
CVE-2026-57788
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Aalto aalto allows PHP Local File Inclusion.This issue affects Aalto: from n/a through = 1.8...
CVE-2026-57800 WordPress Overworld theme <= 1.5 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Overworld overworld allows PHP Local File Inclusion.This issue affects Overworld: from n/a through = 1.5...
VMware NSX SD-WAN Edge - Command Injection
VMware NSX SD-WAN Edge formerly VeloCloud Edge before 3.1.2 contains an unauthenticated command injection in the local web UI diagnostic tools Ping/Traceroute. This template detects it reliably by injecting 'id', 'whoami', and a random marker. id: CVE-2018-6961 info: name: VMware NSX SD-WAN Edge ...
CVE-2026-58596
Untrusted pointer dereference in Microsoft Edge Chromium-based allows an unauthorized attacker to elevate privileges over a network...