EUVD-2026-37060

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Privilege Escalation to Administrator in versions up to, and including, 5.5.1. The plugin chains three independent flaws that together allow an authenticated Agent Agent+ to overwrite a...

CVE-2026-49083

Summary: CVE-2026-49083 affects the WordPress LatePoint plugin and is a privilege-escalation vulnerability in versions ≤ 5.5.1. What’s affected: WordPress LatePoint plugin (versions up to and including 5.5.1). Impact (as per provided metrics): CVSS 3.1 base score 7.5 (High), with network attack v...

CVE-2026-49083 WordPress LatePoint plugin <= 5.5.1 - Privilege Escalation vulnerability

Contributor Privilege Escalation in LatePoint = 5.5.1 versions...

EUVD-2026-36871

Unauthenticated Privilege Escalation in Listdom = 5.5.0 versions...

CVE-2026-49063 WordPress Listdom plugin <= 5.5.0 - Privilege Escalation vulnerability

Unauthenticated Privilege Escalation in Listdom = 5.5.0 versions...

CVE-2026-42665

Summary (CVE-2026-42665): Unauthenticated SQL Injection in the WordPress plugin “WP Data Access” (versions

CVE-2026-45328

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, the esptee component exposes secure-service wrappers in espsecureservices.c and espsecureservicesiram.c that bridge calls from the user application i.e. the REE to TEE-protected hardware peripherals...

WordPress LatePoint plugin <= 5.5.1 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by VanTastic in WordPress Plugin LatePoint versions = 5.5.1...

CVE-2021-47970 Macaron Notes 5.5 Denial of Service via Buffer Overflow

Macaron Notes 5.5 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can generate a payload containing 350000 repeated characters and paste it into a note field to trigger application crash...

Macaron Notes 安全漏洞

Macaron Notes is a note-taking application developed by Macaron Corporation that supports sticky note recording, schedule organization, and personalized theme management. Version 5.5 of Macaron Notes contains a security vulnerability. This vulnerability stems from allowing attackers to cause...

PT-2026-41456

Name of the Vulnerable Software and Affected Versions Macaron Notes version 5.5 Description A denial of service issue allows attackers to crash the application by creating notes with excessively long character strings. An attacker can trigger the crash and stop functionality by pasting a payload...

openSUSE 16 Security Update : raylib (openSUSE-SU-2026:20717-1)

"The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20717-1 advisory. Changes in raylib: - security update: CVE-2025-15533: Fix heap-based buffer overflow via GenImageFontAtlas function manipulation bsc1256900...

PT-2026-41126

Name of the Vulnerable Software and Affected Versions ClipBucket versions prior to 5.5.3 - 122 Description An SQL Injection SQLi issue exists in the authenticated admin endpoint "admin area/action logs.php". The endpoint processes the type parameter, which is passed to the fetch action logs...

OPENSUSE-SU-2026:20717-1 Security update for raylib

This update for raylib fixes the following issues: Changes in raylib: - security update: CVE-2025-15533: Fix heap-based buffer overflow via GenImageFontAtlas function manipulation bsc1256900 CVE-2025-15534: Fix integer overflow vulnerability in LoadFontData bsc1256901 - Update to 5.5: NEW raylib...

WordPress WP Data Access plugin <= 5.5.70 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Mukhlis Amien in WordPress Plugin WP Data Access versions = 5.5.70...

EUVD-2026-28881

The LatePoint plugin for WordPress is vulnerable to Account Takeover via Weak Password Recovery Mechanism in the unauthenticated guest booking flow in versions up to, and including, 5.5.0 This is due to the saveconnectedwordpressuser function propagating a LatePoint customer's email address to it...

WordPress LatePoint – Calendar Booking Plugin for Appointments and Events plugin <= 5.5.0 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by AmonRa in WordPress Plugin LatePoint versions = 5.5.0...

CVE-2026-7332 LatePoint <= 5.5.0 - Unauthenticated Stored Cross-Site Scripting via 'booking_form_page_url' Parameter

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookingformpageurl' parameter in all versions up to, and including, 5.5.0 due to insufficient input sanitization and output escaping. This makes it possib...

CVE-2026-7332

The CVE affects the LatePoint WordPress plugin (Calendar Booking Plugin for Appointments and Events), up to version 5.5.0. The root cause is insufficient input sanitization and output escaping for the booking_form_page_url parameter, enabling unauthenticated stored XSS. Impact stated: arbitrary s...

Astra Linux - уязвимость в linux

A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user with root or CAPNETADMIN when inserting iptables rules could insert a rule which can panic the system. Kernel before kernel 5.5-rc1 is affected...