Lucene search

54323 matches found

Positive Technologies
added 2026/04/13 12:0 a.m., 2 views

PT-2026-32251

UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability...

CVSS 4.1, AI score 5.8, EPSS 0.00007
Exploits: 0, References: 4

Positive Technologies
added 2026/04/13 12:0 a.m., 2 views

PT-2026-32254

Race condition vulnerability in the power consumption statistics module. Impact: Successful exploitation of this vulnerability may affect availability...

CVSS 6.3, AI score 5.8, EPSS 0.00006
Exploits: 0, References: 3

Positive Technologies
added 2026/04/13 12:0 a.m., 4 views

PT-2026-32236

Access control vulnerability in the memo module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality...

CVSS 4.1, AI score 5.8, EPSS 0.00004
Exploits: 0, References: 3

Packet Storm
added 2026/04/13 12:0 a.m., 86 views

📄 OpenSTAManager 2.9.8 SQL Injection

OpenSTAManager versions 2.9.8 and below suffer from a remote SQL injection vulnerability in the Stampe module. CVE-2025-69215: OpenSTAManager has an SQL Injection in the Stampe Module. Overview: CVE ID: CVE-2025-69215; Severity: HIGH; Advisory: View Advisory...

CVSS 8.8, AI score 5.9, EPSS 0.00055
Exploits: 3

Amazon
added 2026/04/13 12:0 a.m., 5 views

Important: python3.9

Issue Overview: When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized. CVE-2025-11468 User-controlled...

CVSS 7, AI score 5.8, EPSS 0.00205
Exploits: 0

Positive Technologies
added 2026/04/13 12:0 a.m., 1 view

PT-2026-32387

Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search. This issue affects Pandora FMS: from 777 through 800...

CVSS 8.7, AI score 5.9, EPSS 0.00037
Exploits: 0, References: 2

Positive Technologies
added 2026/04/13 12:0 a.m., 2 views

PT-2026-32520

Name of the Vulnerable Software and Affected Versions: Vtiger CRM version 8.4.0. Description: A reflected cross-site scripting (XSS) issue exists in the MailManager module, where XSS is a type of attack that injects malicious scripts into a trusted website. Improper handling of user-controlled input i...

CVSS 5.4, AI score 5.5, EPSS 0.00034
Exploits: 0, References: 5

Positive Technologies
added 2026/04/13 12:0 a.m., 6 views

PT-2026-32530

A vulnerability was determined in aandrew-me ytDownloader up to 3.20.2. This affects the function child_process.exec of the file src/compressor.js of the component Compressor Feature. This manipulation causes command injection. The attack can only be executed locally. The exploit has been publicl...

CVSS 5.3, AI score 5.4, EPSS 0.00372
Exploits: 0, References: 8

Positive Technologies
added 2026/04/13 12:0 a.m., 2 views

PT-2026-32232

Race condition vulnerability in the event notification module. Impact: Successful exploitation of this vulnerability may affect availability...

CVSS 2.2, AI score 5.8, EPSS 0.00004
Exploits: 0, References: 3

Positive Technologies
added 2026/04/13 12:0 a.m., 3 views

PT-2026-32278

Out-of-bounds write vulnerability in the WEB module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality...

CVSS 10, AI score 5.8, EPSS 0.0003
Exploits: 0, References: 2

Positive Technologies
added 2026/04/13 12:0 a.m., 6 views

PT-2026-32230

Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVSS 6.9, AI score 5.8, EPSS 0.00005
Exploits: 0, References: 2

CNNVD
added 2026/04/13 12:0 a.m., 3 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a null pointer dereference in the cls_flow module when shared blocks are involved, potentially...

CVSS 5.5, AI score 5.8, EPSS 0.00015
Exploits: 0, References: 6

Positive Technologies
added 2026/04/13 12:0 a.m., 2 views

PT-2026-32234

Name of the Vulnerable Software and Affected Versions: LBS module (affected versions not specified). Description: A permission bypass issue exists in the LBS module, which may affect availability. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...

CVSS 7.7, AI score 5.8, EPSS 0.00005
Exploits: 0, References: 5

CNNVD
added 2026/04/13 12:0 a.m., 2 views

Huawei HarmonyOS security vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A boundary-unlimited vulnerability exists in the Huawei HarmonyOS application read module, which can be exploited by an attacker to cause availability to be...

CVSS 6.8, AI score 5.8, EPSS 0.00007
Exploits: 0, References: 2

Positive Technologies
added 2026/04/13 12:0 a.m., 3 views

PT-2026-32247

UAF vulnerability in the screen management module. Impact: Successful exploitation of this vulnerability may affect availability...

CVSS 2.5, AI score 5.8, EPSS 0.00002
Exploits: 0, References: 2

Cvelist
added 2026/04/13 12:0 a.m., 12 views

CVE-2026-26460

An HTML Injection vulnerability exists in the Dashboard module of Vtiger CRM 8.4.0. The application fails to properly neutralize user-supplied input in the tabid parameter of the DashBoardTab view getTabContents action, allowing an attacker to inject arbitrary HTML content into the dashboard...

EPSS 0.00034
Exploits: 0, References: 2

Tenable Nessus
added 2026/04/13 12:0 a.m., 10 views

Amazon Linux 2023 : nginx, nginx-all-modules, nginx-core (ALAS2023-2026-1540)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1540 advisory. When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when (1) CRAM-MD5 or APOP...

CVSS 8.8, AI score 7.9, EPSS 0.00064
Exploits: 0, References: 14

OSV
added 2026/04/12 6:7 a.m., 2 views

RLSA-2026:6632 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel net/mlx5: Use-after-free in ECVF vports unload leads to denial of service (CVE-2025-38109); kernel: Linux kernel: Local denial of service and memory leak in DAMON sysfs via setu...

CVSS 7.3, AI score 6.4, EPSS 0.00067
Exploits: 0, References: 8

GithubExploit
added 2026/04/11 7:14 p.m., 71 views

Exploit for SQL Injection in Devcode Openstamanager

CVE-2026-24419: OpenSTAManager has a SQL Injection in the Prim...

CVSS 8.7, AI score 6, EPSS 0.00015
Exploits: 3

GithubExploit
added 2026/04/11 7:14 p.m., 65 views

Exploit for SQL Injection in Devcode Openstamanager

CVE-2026-24418: OpenSTAManager has a SQL Injection vulnerabili...

CVSS 8.7, AI score 6, EPSS 0.00015
Exploits: 3