EUVD-2026-33550

An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated customer to query the system for CI information. Please note that CMDB has to be anabled and CustomerGroupSupport has to be used to be affected. This issue affects OTRS: 7.0.X...

CVE-2026-48209

An improper neutralization of user-controllable input in OTRS or OTRS Community Edition ticket handling allows authenticated attackers to perform reflected cross-site scripting XSS attacks via crafted request parameters associated with ticket actions. By injecting malicious JavaScript into...

[SECURITY] Fedora 43 Update: chromium-148.0.7778.215-1.fc43

Chromium is an open-source web browser, powered by WebKit Blink...

[SECURITY] Fedora 44 Update: chromium-148.0.7778.215-1.fc44

Chromium is an open-source web browser, powered by WebKit Blink...

PT-2026-45660

eLabFTW is an open source electronic lab notebook. Prior to version 5.4.2, in certain cases, an authenticated user performing a numeric reference/search can return results that include resources the requesting user is not authorized to view. The exposed information is limited only the title...

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from boundary checking errors in multiple functions, potentially leading to local privilege escalation...

Langroid 代码注入漏洞

Langroid is an open-source tool developed using multi-agent programming for LLM tasks. Versions of Langroid prior to 0.63.0 contained a code injection vulnerability. This vulnerability stemmed from SQLChatAgent executing SQL statements generated by the LLM. It could be exploited via prompt...

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by the American company Google. There are security vulnerabilities in Google Android, which stem from permission bypasses, potentially leading to an increase in local privileges...

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from SQL injections in several functions, potentially leading to local privilege escalation...

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from logical errors in multiple functions within ubsanthrowingruntime.cpp. These vulnerabilities may lead to permanent denial-of-service...

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by the American company Google. There are security vulnerabilities in Google Android, which stem from logical errors that may lead to the disclosure of local information...

FlexRIC 安全漏洞

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. The FlexRIC v2.0.0 version contains a security vulnerability. This vulnerability arises from trusting the xappid field in the trust E42 message without binding it to the sender’s SCTP association. As a result, remote...

CloakBrowser 路径遍历漏洞

CloakBrowser is an open-source browser tool developed by CloakHQ that bypasses robot detection. Versions of CloakBrowser prior to 0.3.28 contained a path traversal vulnerability. This vulnerability stemmed from the cloakserve CDP multiplexer directly using the user-provided fingerprint query...

SourceCodester Pet Grooming Management Software 安全漏洞

SourceCodester Pet Grooming Management Software is an open-source pet grooming management system developed by SourceCodester. Version 1.0 of SourceCodester Pet Grooming Management Software contains a security vulnerability. This vulnerability arises from improper operations with files in the admi...

CloudPirates Open Source Helm Charts 代码注入漏洞

CloudPirates Open Source Helm Charts is a collection of Helm Charts for cloud-native applications, developed by CloudPirates.io. Previous versions of CloudPirates Open Source Helm Charts had a code injection vulnerability. This vulnerability stemmed from GitHub Actions workflows exposing sensitiv...

Student-Management-System 安全漏洞

Student-Management-System is an open-source student information management system developed by Cyber-III. There is a security vulnerability in Student-Management-System, which stems from incorrect operations with the parameter uid in the admin/ file within the Admin Endpoint component. This...

nanobot 代码问题漏洞

Nanobot is a lightweight personal AI assistant open-source by Data Intelligence Lab@HKU. Versions of Nanobot prior to 0.2.1 contained code vulnerabilities. These vulnerabilities stemmed from issues with server-side request forgeing in the webFetch tool. This could allow remote attackers to access...

PT-2026-45468

Name of the Vulnerable Software and Affected Versions CloudPirates Open Source Helm Charts versions prior to commit fcf9302 Description A GitHub Actions workflow named 'generate-schema.yaml' exposes sensitive credentials, specifically a Personal Access Token and an SSH signing key, to code...

SourceCodester Pharmacy Sales and Inventory System 安全漏洞

SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Versions of the SourceCodester Pharmacy Sales and Inventory System prior to version 1.0 contained security vulnerabilities. These vulnerabilities were...

goclaw 授权问题漏洞

Goclaw is an open-source multi-tenant AI agent platform developed by Next Level Builder. Goclaw versions 3.11.3 and earlier have a vulnerability related to authorization. This vulnerability stems from improper authorization in the auth function within the internal/http/evolutionhandlers.go file,...