PT-2026-39201

Name of the Vulnerable Software and Affected Versions SolidCAM-GPPL-IDE versions 1.0.0 through 1.0.1 Description The GpplDocumentLinkHandler resolves the filename directive in GPPL postprocessor files into clickable links. The handler accepts arbitrary absolute, relative, UNC, and subfolder paths...

EUVD-2026-22991

Git for Windows is the Windows port of Git. Versions prior to 2.53.0.windows.3 do not have protections that prevent attackers from obtaining a user's NTLM hash. The NTLM hash can be obtained by tricking users into cloning a malicious repository, or checking out a malicious branch, that accesses a...

PT-2026-24430

Git for Windows is the Windows port of Git. Prior to 2.53.02, it is possible to obtain a user's NTLM hash by tricking them into cloning from a malicious server. Since NTLM hashing is weak, it is possible for the attacker to brute-force the user's account name and password. This vulnerability is...

GHSA-HFV2-PF68-M33X Umbraco Vulnerable to Improper File Access and Credential Exposure in Dictionary Import Functionality

Impact Due to unsafe handling and deletion of temporary files during the dictionary upload process, an attacker with access to the backoffice can trigger predictable requests to temporary file paths. The application’s error responses HTTP 500 when a file exists, 404 when it does not allow the...

PT-2025-41477

Name of the Vulnerable Software and Affected Versions Newforma Info Exchange NIX affected versions not specified Description Newforma Info Exchange NIX contains a flaw in the '/NPCSRemoteWeb/LegacyIntegrationServices.asmx' endpoint that allows a remote, unauthenticated attacker to force NIX to...

The vulnerability of the cross-platform access control system IBM i Access Client Solutions, related to improper session management, allows a hacker to intercept the user’s session and disclose sensitive information about the NT LAN Manager hash (NTLM).

The vulnerability of the cross-platform access control system IBM i Access Client Solutions is related to improper session management. Exploiting this vulnerability can allow an attacker to intercept a user’s session and disclose sensitive information about the NT LAN Manager hash NTLM...

PT-2024-6576 · Veeam · Veeam Backup Enterprise Manager +1

Name of the Vulnerable Software and Affected Versions: Veeam Backup Enterprise Manager affected versions not specified Description: The issue allows high-privileged users to steal the NTLM hash of the Enterprise manager service account. This is related to insufficient access control in Veeam Back...

Veeam Recovery Orchestrator Security Breach

Veeam Recovery Orchestrator is a Veeam company that provides comprehensive reporting, automated testing, and at-a-glance compliance dashboards. A security vulnerability exists in Veeam Recovery Orchestrator. An attacker could exploit the vulnerability to access the NTLM hash of a service account...

PT-2023-15777 · Jetbrains · Jetbrains Intellij Idea

Name of the Vulnerable Software and Affected Versions: JetBrains IntelliJ IDEA versions prior to 2023.1 Description: The issue concerns the potential leak of NTLM hash through an API method in the built-in web server of JetBrains IntelliJ IDEA. Recommendations: For versions prior to 2023.1, updat...

Microsoft Windows: Network security: Do not store LAN Manager hash value on next password change

This policy setting determines whether LAN Manager is prevented from storing hash values for the new password the next time the password is changed. Hash values are a representation of the password after the encryption algorithm is applied that corresponds to the format that is specified by the...