PT-2026-3023

Name of the Vulnerable Software and Affected Versions Omnispace Agora Project versions prior to 25.10 Description A cross site scripting XSS issue exists in Omnispace Agora Project. This allows attackers to execute arbitrary code through the notify parameter of the file controller, which is used ...

Paessler PRTG Network Monitor 安全漏洞

Paessler PRTG Network Monitor is a network monitoring software from the German company Paessler. A security vulnerability exists in Paessler PRTG Network Monitor versions prior to 25.4.114, which can be exploited by an authenticated attacker to conduct a denial-of-service attack via the Notify...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Refactor the bind path to use free After a bind/unbind cycle, the rndis-notifyreq remains stale. If a subsequent bind fails, the unified error handling mechanism attempts to free this stale request. This lead...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ACPI: Video – Fix for a use-after-free in acpivideoswitchbrightness The switchbrightnesswork delayed work accesses device-brightness and device-backlight, which were freed by acpivideodevunregisterbacklight during device removal...

OESA-2026-1047 xnio security update

XNIO is a simplified low-level I/O layer which can be used anywhere you are using NIO today. It frees you from the hassle of dealing with Selectors and the lack of NIO support for multicast sockets and non-socket I/O, while still maintaining all the capabilities present in NIO, and it opens the...

CVE-2023-50931

An issue was discovered in savignano S/Notify before 2.0.1 for Bitbucket. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting...

PT-2026-6149

In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Fix resource leaks on errors in lineinfo changed notify On error handling paths, lineinfo changed notify doesn't free the allocated resources which results leaks. Fix it...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992929)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992929 advisory. In the Linux kernel, the following vulnerability has been resolved: net: caif: Fix use-after-free in cfusbldevicenotify syzbot reported use-after-free in...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992967)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992967 advisory. In the Linux kernel, the following vulnerability has been resolved: can: bcm: Clear bo-bcmprocread after removeprocentry. syzbot reported a warning in bcmrelease. 0...

WordPress Draft Notify plugin cross-site scripting vulnerability

WordPress Draft Notify plugin is a WordPress plugin for managing draft notifications on your WordPress site. The WordPress Draft Notify plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992672)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992672 advisory. In the Linux kernel, the following vulnerability has been resolved: net: caif: Fix use-after-free in cfusbldevicenotify syzbot reported use-after-free in...

CVE-2025-67627

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TouchOfTech Draft Notify draft-notify allows Stored XSS.This issue affects Draft Notify: from n/a through = 1.5...

EUVD-2025-205280

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TouchOfTech Draft Notify draft-notify allows Stored XSS.This issue affects Draft Notify: from n/a through = 1.5...

CVE-2025-67627

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TouchOfTech Draft Notify draft-notify allows Stored XSS.This issue affects Draft Notify: from n/a through = 1.5...

CVE-2025-67627 WordPress Draft Notify plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TouchOfTech Draft Notify draft-notify allows Stored XSS.This issue affects Draft Notify: from n/a through = 1.5...

CVE-2025-67627 WordPress Draft Notify plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TouchOfTech Draft Notify draft-notify allows Stored XSS.This issue affects Draft Notify: from n/a through = 1.5...

CVE-2025-67627

CVE-2025-67627 is a Stored XSS vulnerability in the Draft Notify (draft-notify) WordPress plugin from TouchOfTech. The Initial Description identifies it as Improper Neutralization of Input During Web Page Generation and notes the affected range as Draft Notify: from n/a through

UBUNTU-CVE-2022-50705

In the Linux kernel, the following vulnerability has been resolved: iouring/rw: defer fsnotify calls to task context We can't call these off the kiocb completion as that might be off soft/hard irq context. Defer the calls to when we process the taskwork for this request. That avoids valid...

WordPress plugin Draft Notify 安全漏洞

WordPress Draft Notify plugin is a WordPress plugin for managing draft notifications on your WordPress site. The WordPress Draft Notify plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which...

PT-2025-53243

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TouchOfTech Draft Notify draft-notify allows Stored XSS.This issue affects Draft Notify: from n/a through = 1.5...