5 matches found
CVE-2026-49009
Northern.tech Mender Server v4.1.0, v4.0.1 and below, and fixed in v4.1.1 and v4.0.2 allows Directory Traversal...
CVE-2026-44308
Spring Cloud AWS simplifies using AWS managed services in a Spring and Spring Boot applications. From 3.0.0 to 4.0.1, pplications using Spring Cloud AWS SNS HTTP/HTTPS endpoint support @NotificationMessageMapping, @NotificationSubscriptionMapping, @NotificationUnsubscribeConfirmationMapping did n...
CVE-2026-44308 Spring Cloud AWS: Missing SNS message signature verification allows spoofing of HTTP/HTTPS endpoint notifications
Spring Cloud AWS simplifies using AWS managed services in a Spring and Spring Boot applications. From 3.0.0 to 4.0.1, pplications using Spring Cloud AWS SNS HTTP/HTTPS endpoint support @NotificationMessageMapping, @NotificationSubscriptionMapping, @NotificationUnsubscribeConfirmationMapping did n...
PT-2026-24700
Name of the Vulnerable Software and Affected Versions Argo Workflows versions prior to 4.0.2 and 3.7.11 Description Argo Workflows, an open source container-native workflow engine for Kubernetes, has an issue where Workflow templates endpoints allow any client to retrieve WorkflowTemplates and...
WordPress WP Easy Contact Plugin <= 4.0.1 - PHP Object Injection Vulnerability
PHP Object Injection Vulnerability discovered by astra.r3verii in WordPress Plugin WP Easy Contact versions = 4.0.1...