Lucene search

13336 matches found

ATTACKERKB
added 2026/05/11 5:53 p.m., 7 views

CVE-2026-42865

Inbox Zero is an AI personal assistant for email. Prior to 2.29.3, the cleaner email stream endpoint used a shared Redis subscription listener, which could deliver thread events for one authenticated account to another authenticated account using the cleaner feature at the same time. This...

CVSS 2.3, AI score 5.8, EPSS 0.00032
Exploits 0, References 3, Affected Software 1
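The Inbox Zero entry above describes a multi-tenant isolation failure: one shared subscription receives every account's thread events, and whatever is listening fans them out to every open stream. The following is an added illustration of that pattern beside a scoped version, not Inbox Zero's code; the in-memory `FakePubSub` stands in for a Redis channel, and the event shape, account names and function names are assumed.

```python
from collections import defaultdict

class FakePubSub:
    """Constructed stand-in for one Redis pub/sub channel:
    publish() delivers the message to every registered listener."""
    def __init__(self):
        self.listeners = []

    def subscribe(self, callback):
        self.listeners.append(callback)

    def publish(self, message):
        for callback in self.listeners:
            callback(message)


# Constructed sample events; "account" is the owner of the thread.
SAMPLE_EVENTS = [
    {"account": "alice", "thread": "t1", "status": "archived"},
    {"account": "bob", "thread": "t9", "status": "kept"},
]


def run_shared_listener(events, open_streams=("alice", "bob")):
    """Vulnerable pattern: a single listener with no ownership check.
    Every event published on the shared channel is appended to the
    stream of every account that currently has the feature open, so
    alice's thread events end up in bob's stream and vice versa."""
    bus = FakePubSub()
    streams = defaultdict(list)  # account -> events its stream received

    def on_message(msg):
        for account in open_streams:  # no per-account filtering
            streams[account].append(msg)

    bus.subscribe(on_message)
    for event in events:
        bus.publish(event)
    return dict(streams)


def run_scoped_listener(events, open_streams=("alice", "bob")):
    """Fixed pattern: the event carries its owning account and is routed
    only to that account's stream; events for accounts that have no open
    stream are dropped rather than delivered to someone else."""
    bus = FakePubSub()
    streams = defaultdict(list)
    open_set = set(open_streams)

    def on_message(msg):
        owner = msg["account"]
        if owner in open_set:
            streams[owner].append(msg)

    bus.subscribe(on_message)
    for event in events:
        bus.publish(event)
    return dict(streams)


def leaked_accounts(delivered, account):
    """Accounts other than `account` whose events reached `account`'s stream."""
    return sorted({e["account"] for e in delivered.get(account, []) if e["account"] != account})


if __name__ == "__main__":
    print("shared listener leaks to bob from:", leaked_accounts(run_shared_listener(SAMPLE_EVENTS), "bob"))
    print("scoped listener leaks to bob from:", leaked_accounts(run_scoped_listener(SAMPLE_EVENTS), "bob"))
```

An equivalent fix is one channel per account (subscribe only to the channel of the authenticated session); the filtering shown here is the minimal change when the channel must stay shared, and the ownership check must sit at the point of delivery, not only at publish time.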
OSV
added 2026/05/11 1:51 p.m., 4 views

GHSA-CHWH-F6GM-R836 Gotenberg: Server-Side Request Forgery via Chromium URL Endpoint with Redirect-Based Deny-List Bypass

A review of 4 published Gotenberg security advisories exposed an SSRF issue. GHSA-pjrr-jgp4-v2fm covers SSRF via the downloadFrom endpoint. GHSA-pcrp-7g9h-7qhp covers SSRF via the webhook endpoint. Neither advisory addresses SSRF through the primary Chromium URL-to-PDF conversion endpoint...

CVSS 8.6, AI score 6, EPSS 0.00064
Exploits 1, References 3
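The Gotenberg advisory above is a redirect-based deny-list bypass: the deny list is applied to the URL the caller submits, the fetcher then follows a 302 to an address the deny list would have refused. The following is an added illustration of that class and its fix, not Gotenberg's code; the in-memory `FAKE_NET` table, the `resolve()` stub, the deny-list ranges and the function names are all constructed for the example.

```python
import ipaddress
from urllib.parse import urlparse

# Constructed "network": URL -> (status, Location header for 302 / body for 200).
# A public page redirects to the cloud metadata address.
FAKE_NET = {
    "https://public.example.org/report": (302, "http://169.254.169.254/latest/meta-data/"),
    "http://169.254.169.254/latest/meta-data/": (200, "instance-id=i-0abc (sensitive)"),
    "https://public.example.org/ok": (200, "<html>hello</html>"),
}

# Deny list of non-routable / link-local ranges (assumed policy for the example).
DENY_NETWORKS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "169.254.0.0/16",
)]


def resolve(host):
    """Constructed resolver: literal IPs pass through, any name maps to a
    documentation-range public address. Real code resolves via DNS."""
    try:
        return ipaddress.ip_address(host)
    except ValueError:
        return ipaddress.ip_address("203.0.113.10")


def is_denied(url):
    """True if the URL's host resolves into a denied network."""
    host = urlparse(url).hostname or ""
    addr = resolve(host)
    return any(addr in net for net in DENY_NETWORKS)


def fetch_vulnerable(url, max_hops=5):
    """Checks the deny list once, on the submitted URL, then follows
    redirects unchecked: the bypass described in the advisory."""
    if is_denied(url):
        raise PermissionError("denied: " + url)
    for _ in range(max_hops):
        status, payload = FAKE_NET[url]
        if status == 302:
            url = payload  # Location followed without re-validation
            continue
        return payload
    raise RuntimeError("too many redirects")


def fetch_hardened(url, max_hops=5):
    """Re-applies the deny list to every hop, so a redirect into a denied
    range is refused before any request is made to it."""
    for _ in range(max_hops):
        if is_denied(url):
            raise PermissionError("denied: " + url)
        status, payload = FAKE_NET[url]
        if status == 302:
            url = payload
            continue
        return payload
    raise RuntimeError("too many redirects")


def hardened_blocks(url):
    """True if the hardened fetcher refuses the redirect chain starting at url."""
    try:
        fetch_hardened(url)
        return False
    except PermissionError:
        return True


if __name__ == "__main__":
    print("vulnerable:", fetch_vulnerable("https://public.example.org/report"))
    print("hardened blocks:", hardened_blocks("https://public.example.org/report"))
```

Per-hop validation closes the redirect bypass but not DNS rebinding; the production version of `fetch_hardened` resolves each hop once, checks that address, and connects to that same address rather than resolving the hostname a second time.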
NCSC
added 2026/05/11 6:38 a.m., 13 views

vulnerabilities handled in LiteLLM by BerriAI

BerriAI has addressed vulnerabilities in LiteLLM, specifically in versions 1.74.2 to 1.83.6. LiteLLM is a widely used proxy for managing APIs to a large number of LLM systems in a centralized manner. The first vulnerability involves an SQL injection in the proxy API key verification mechanism,...

CVSS 9.8, AI score 6.4, EPSS 0.56947
Exploits 6, References 2
Tenable Nessus
added 2026/05/11 12:00 a.m., 4 views

Unity Linux 20.1060e / 20.1070e Security Update: apache-sshd (UTSA-2026-017596)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017596 advisory. A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server, causing an OutOfMemory error. This issue affects the SFTP and port...

CVSS 6.5, AI score 7, EPSS 0.00237
Exploits 0, References 4
RedhatCVE
added 2026/05/10 8:20 p.m., 6 views

CVE-2026-3007

Successful exploitation of the stored cross-site scripting (XSS) vulnerability could allow an attacker to execute arbitrary JavaScript on any user account that has access to Koollab LMS’ courselet feature...

CVSS 5.4, AI score 5.9, EPSS 0.00011
Exploits 0, References 1
CVE
added 2026/05/10 12:52 p.m., 13 views

CVE-2021-47950

CVE-2021-47950 affects Advanced Guestbook 2.4.4. It describes a persistent cross-site scripting (XSS) vulnerability in the smilies administration interface caused by unsanitized input in the s_emotion parameter. An authenticated attacker can submit a POST request to admin.php with JavaScript code...

CVSS 6.4, AI score 5.7, EPSS 0.00032
Exploits 0, References 3
Cvelist
added 2026/05/10 12:52 p.m., 26 views

CVE-2021-47950 Advanced Guestbook 2.4.4 Persistent XSS via Smilies

Advanced Guestbook 2.4.4 contains a persistent cross-site scripting vulnerability in the smilies administration interface that allows authenticated attackers to inject malicious scripts by manipulating the semotion parameter. Attackers can submit POST requests to admin.php with JavaScript code in...

CVSS 6.4, EPSS 0.00032
Exploits 0, References 3
NVD
added 2026/05/09 8:16 p.m., 6 views

CVE-2026-42569

phpVMS is a PHP application to run and simulate an airline. Prior to version 7.0.6, a critical vulnerability in phpVMS allowed unauthenticated access to a legacy import feature. This issue has been patched in version 7.0.6...

CVSS 9.4, EPSS 0.02105
Exploits 0, References 4
Vulnrichment
added 2026/05/09 7:21 p.m., 5 views

CVE-2026-42569 phpvms: /importer authorization bypass causing full database wipe

phpVMS is a PHP application to run and simulate an airline. Prior to version 7.0.6, a critical vulnerability in phpVMS allowed unauthenticated access to a legacy import feature. This issue has been patched in version 7.0.6...

CVSS 9.4, AI score 5.8, EPSS 0.02105
Exploits 0, References 4
NVD
added 2026/05/09 3:16 a.m., 7 views

CVE-2026-8207

Gibbon versions before v30.0.01 are affected by an authenticated SQL Injection vulnerability by abusing the Tracking/graphing (https://github.com/GibbonEdu/core/blob/c431e25fdc874adece5d2dc7e408e9aa2d1abadb/modules/Tracking/graphing.php#L145) feature. Successful exploitation requires Teacher or high...

CVSS 7, EPSS 0.00036
Exploits 0, References 2
ATTACKERKB
added 2026/05/09 2:41 a.m., 9 views

CVE-2026-8207

Gibbon versions before v30.0.01 are affected by an authenticated SQL Injection vulnerability by abusing the Tracking/graphing (https://github.com/GibbonEdu/core/blob/c431e25fdc874adece5d2dc7e408e9aa2d1abadb/modules/Tracking/graphing.php#L145) feature. Successful exploitation requires Teacher or high...

CVSS 7, AI score 5.9, EPSS 0.00036
Exploits 0, References 2
CNNVD
added 2026/05/09 12:00 a.m., 4 views

phpVMS 8 access control error vulnerability

phpVMS 8 is an open-source aviation simulation and flight management application based on Laravel. Prior to version 7.0.6 of phpVMS, there was an access control vulnerability that stemmed from allowing unauthorized access to the legacy import feature...

CVSS 9.4, AI score 5.8, EPSS 0.02105
Exploits 0, References 2
OSV
added 2026/05/08 10:40 p.m., 4 views

GHSA-WWQH-7JM5-GJ7W free5GC's PCF npcf-policyauthorization POST /app-sessions panics on suppFeat=1 with missing AfRoutReq via nil pointer dereference

Summary: free5GC's PCF POST /npcf-policyauthorization/v1/app-sessions handler panics on a single authenticated request whose ascReqData.suppFeat == "1" (enabling traffic-routing feature negotiation) and whose medComponents entries supply an afAppId but no AfRoutReq. The create path then calls...

CVSS 6.5, AI score 5.8, EPSS 0.00053
Exploits 1, References 5
EUVD
added 2026/05/08 9:59 p.m., 5 views

EUVD-2026-28870

SysReptor is a fully customizable pentest reporting platform. Prior to version 2026.29, users with "User Admin" permissions can change the email addresses of users with "Superuser" permissions. If the SysReptor installation has the "Forgot Password" functionality enabled (non-default), they can res...

CVSS 3.8, AI score 5.7, EPSS 0.00025
Exploits 0, References 2
EUVD
added 2026/05/08 9:31 p.m., 5 views

EUVD-2026-28810

Insufficient input validation of the feature file name in feature::LOADFEATUREFILE adminbin call can cause arbitrary file read when a relative file path is passed...

CVSS 4.3, AI score 5.9, EPSS 0.00015
Exploits 0, References 2
NVD
added 2026/05/08 7:16 p.m., 10 views

CVE-2026-29201

Insufficient input validation of the feature file name in feature::LOADFEATUREFILE adminbin call can cause arbitrary file read when a relative file path is passed...

CVSS 8.6, EPSS 0.00015
Exploits 0, References 1
Vulnrichment
added 2026/05/08 6:51 p.m., 3 views

CVE-2026-29201

Insufficient input validation of the feature file name in feature::LOADFEATUREFILE adminbin call can cause arbitrary file read when a relative file path is passed...

CVSS 8.6, AI score 5.9, EPSS 0.00015
Exploits 0, References 1
CVE
added 2026/05/08 6:51 p.m., 15 views

CVE-2026-29201

Insufficient input validation in the feature::LOADFEATUREFILE AdminBin call in cPanel/WHM can lead to arbitrary file read when a relative file path is supplied. Affected product/version scope includes cPanel/WHM prior to versions listed as fixed in PT-2026-38673 (and WP Squared) such as 11.136.0....

CVSS 8.6, AI score 6.1, EPSS 0.00015
Exploits 0, References 1
ATTACKERKB
added 2026/05/08 6:51 p.m., 4 views

CVE-2026-29201

Insufficient input validation of the feature file name in feature::LOADFEATUREFILE adminbin call can cause arbitrary file read when a relative file path is passed...

CVSS 4.3, AI score 6.1, EPSS 0.00015
Exploits 0, References 2, Affected Software 3
Cvelist
added 2026/05/08 6:51 p.m., 30 views

CVE-2026-29201

Insufficient input validation of the feature file name in feature::LOADFEATUREFILE adminbin call can cause arbitrary file read when a relative file path is passed...

CVSS 8.6, EPSS 0.00015
Exploits 0, References 1
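The CVE-2026-29201 entries above all describe the same defect class: a file name argument that is joined onto a fixed directory without rejecting relative paths, so a name containing `..` reads a file outside that directory. The following is an added illustration of that defect beside a hardened loader, not cPanel/WHM code; the feature directory layout, file contents and function names are constructed for the example.

```python
import os
import tempfile


def load_feature_file_vulnerable(feature_dir, name):
    """Joins the caller-supplied name straight onto the directory.
    A name such as '../secret.txt' escapes feature_dir."""
    with open(os.path.join(feature_dir, name)) as fh:
        return fh.read()


def safe_feature_path(feature_dir, name):
    """Accept only a plain file name inside feature_dir.
    Two independent checks: the name must contain no separators or
    traversal components at all, and the canonical path of the result
    must still have feature_dir as its parent (this second check also
    defeats a symlink planted inside feature_dir)."""
    if not name or name in (".", "..") or "/" in name or "\\" in name or "\0" in name:
        raise ValueError("invalid feature name: %r" % (name,))
    base = os.path.realpath(feature_dir)
    candidate = os.path.realpath(os.path.join(base, name))
    if os.path.dirname(candidate) != base:
        raise ValueError("feature name escapes feature directory: %r" % (name,))
    return candidate


def load_feature_file_hardened(feature_dir, name):
    with open(safe_feature_path(feature_dir, name)) as fh:
        return fh.read()


def rejects(feature_dir, name):
    """True if the hardened path check refuses this name."""
    try:
        safe_feature_path(feature_dir, name)
        return False
    except ValueError:
        return True


def demo():
    """Builds a throwaway tree (constructed data):
       <root>/features/default   legitimate feature file
       <root>/secret.txt         file that must stay unreadable
       <root>/features/link ->   ../secret.txt (symlink inside the directory)
    and records what each loader does with it."""
    root = tempfile.mkdtemp()
    feature_dir = os.path.join(root, "features")
    os.mkdir(feature_dir)
    with open(os.path.join(feature_dir, "default"), "w") as fh:
        fh.write("FEATURE=1\n")
    with open(os.path.join(root, "secret.txt"), "w") as fh:
        fh.write("db_password=hunter2\n")
    os.symlink(os.path.join("..", "secret.txt"), os.path.join(feature_dir, "link"))

    results = {
        "vuln_reads_secret": load_feature_file_vulnerable(feature_dir, "../secret.txt"),
        "hardened_reads_default": load_feature_file_hardened(feature_dir, "default"),
        "hardened_blocks_traversal": rejects(feature_dir, "../secret.txt"),
        "hardened_blocks_symlink": rejects(feature_dir, "link"),
    }
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", repr(value))
```

Rejecting separators up front keeps the error message meaningful and avoids relying on path canonicalisation alone; the `realpath` comparison is the backstop for anything the string check does not anticipate, including symlinks that resolve outside the directory.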