CVE-2026-43325 wifi: iwlwifi: mvm: don't send a 6E related command when not supported

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't send a 6E related command when not supported MCCALLOWEDAPTYPECMD is related to 6E support. Do not send it if the device doesn't support 6E. Apparently, the firmware is mistakenly advertising support for...

cPanel 输入验证错误漏洞

cPanel is a web-based automated hosting platform developed by the cPanel company in the United States. This platform is primarily used for automating the management of websites and servers. cPanel has a vulnerability related to input validation errors. This vulnerability stems from insufficient...

PT-2026-39211

Name of the Vulnerable Software and Affected Versions SysReptor versions prior to 2026.29 Description Users with "User Admin" permissions can modify the email addresses of users with "Superuser" permissions. When the "Forgot Password" functionality is enabled, these users can reset Superuser...

PT-2026-39247

Name of the Vulnerable Software and Affected Versions free5GC versions prior to 4.2.2 Description The PCF handler for the endpoint "/npcf-policyauthorization/v1/app-sessions" contains a flaw that causes a runtime panic when processing a specific authenticated request. This occurs when the...

CVE-2026-4348

The BetterDocs Pro plugin for WordPress is vulnerable to SQL Injection via the getcurrentletterdocs and docssortbyletter AJAX actions in all versions up to, and including, 3.7.0. This is due to the limit POST parameter being interpolated directly into a SQL query string before being passed to...

CVE-2026-4348

The BetterDocs Pro plugin for WordPress is vulnerable to SQL Injection via the getcurrentletterdocs and docssortbyletter AJAX actions in all versions up to, and including, 3.7.0. This is due to the limit POST parameter being interpolated directly into a SQL query string before being passed to...

EUVD-2026-28319

The BetterDocs Pro plugin for WordPress is vulnerable to SQL Injection via the getcurrentletterdocs and docssortbyletter AJAX actions in all versions up to, and including, 3.7.0. This is due to the limit POST parameter being interpolated directly into a SQL query string before being passed to...

CVE-2026-4348

CVE-2026-4348 affects the BetterDocs Pro WordPress plugin (≤ 3.7.0). The vulnerability is an unauthenticated SQL injection in the get_current_letter_docs and docs_sort_by_letter AJAX actions, where the limit POST parameter is interpolated directly into a SQL query before $wpdb->prepare(), enab...

CVE-2026-4348 BetterDocs Pro <= 3.7.0 - Unauthenticated SQL Injection via Encyclopedia 'limit' Parameter

The BetterDocs Pro plugin for WordPress is vulnerable to SQL Injection via the getcurrentletterdocs and docssortbyletter AJAX actions in all versions up to, and including, 3.7.0. This is due to the limit POST parameter being interpolated directly into a SQL query string before being passed to...

CVE-2026-4348 BetterDocs Pro <= 3.7.0 - Unauthenticated SQL Injection via Encyclopedia 'limit' Parameter

The BetterDocs Pro plugin for WordPress is vulnerable to SQL Injection via the getcurrentletterdocs and docssortbyletter AJAX actions in all versions up to, and including, 3.7.0. This is due to the limit POST parameter being interpolated directly into a SQL query string before being passed to...

Gotenberg vulnerable to unauthenticated SSRF via default deny-list bypass in downloadFrom and webhook

Summary The default deny-lists used by Gotenberg's downloadFrom feature and webhook feature are bypassable. Because the filter is regex-based and case-sensitive, an unauthenticated attacker can supply URLs such as http://::ffff:127.0.0.1:... and reach loopback or private HTTP services that the...

PT-2026-38386

Name of the Vulnerable Software and Affected Versions Gotenberg versions prior to 8.31.0 Description An unauthenticated attacker can bypass the default deny-lists used by the downloadFrom and webhook features. The issue occurs because the filtering logic uses case-sensitive regular expressions th...

PT-2026-38341

The BetterDocs Pro plugin for WordPress is vulnerable to SQL Injection via the get current letter docs and docs sort by letter AJAX actions in all versions up to, and including, 3.7.0. This is due to the limit POST parameter being interpolated directly into a SQL query string before being passed ...

Directory Traversal

Overview thorsten/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Directory Traversal in the deleteClientFolder process. An attacker can delete arbitrary directories on the server by submitting a crafted URL containing...

CVE-2026-7978

Inappropriate implementation in Companion in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to perform OS-level privilege escalation via malicious network traffic. Chromium security severity: Medium...

CVE-2026-8009

Inappropriate implementation in Cast in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

CVE-2026-7945

Insufficient validation of untrusted input in COOP in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-41936 Vvveb < 1.0.8.2 XML External Entity Injection via Import

Vvveb before version 1.0.8.2 contains an XML external entity XXE injection vulnerability in the admin Tools/Import feature that allows authenticated siteadmin users to read arbitrary files and modify database records. Attackers can exploit the XML parser configuration in system/import/xml.php to...

CVE-2026-7978

Inappropriate implementation in Companion in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to perform OS-level privilege escalation via malicious network traffic. Chromium security severity: Medium...

CVE-2026-7960

Race in Speech in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...