CVE-2026-49489

OpenCATS up to version 0.9.7.4 is affected by an SQL injection in the DataGrid sortDirection parameter, enabling an authenticated user to exfiltrate data via ajax/getDataGridPager.php. The underlying issue is a vulnerable sortDirection parameter that allows time-based blind injections, potentiall...

CVE-2026-44463

Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system can be bypassed by prepending environment variable assignments to allowlisted commands, hijacking program behavior e.g., PAGER to execute arbitrary code. This vulnerability is fixed in 0.229.0...

CVE-2026-44463

Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system can be bypassed by prepending environment variable assignments to allowlisted commands, hijacking program behavior e.g., PAGER to execute arbitrary code. This vulnerability is fixed in 0.229.0...

CLSA-2026-1777378650 Fix CVE(s): CVE-2023-26604

SECURITY UPDATE: systemctl may pass arbitrary shell commands from a pager like more1 that does not honor LESSSECURE, allowing privilege escalation under sudo. - debian/patches/CVE-2023-26604.patch: set LESSSECURE=1 when invoking a pager, rename to SYSTEMDPAGERSECURE, gate insecure pagers behind...

[SECURITY] Fedora 42 Update: rust-git-delta-0.18.2-13.fc42

A syntax-highlighting pager for git...

[SECURITY] Fedora 43 Update: rust-git-delta-0.18.2-13.fc43

A syntax-highlighting pager for git...

CVE-2025-61658

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/GlobalContributions/GlobalContributionsPager.Php. This issue affects CheckUser: from before 1.43.4, 1.44.1...

CVE-2025-61645

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/pager/CodexTablePager.Php. This issue affects MediaWiki: from before 1.44.1...

CVE-2025-61658

CVE-2025-61658 pertains to Wikimedia Foundation CheckUser. The vulnerability is tied to the GlobalContributionsPager.Php component and affects CheckUser versions prior to 1.43.4 and 1.44.1. From the connected records, the issue is documented across NVD, Red Hat, CVE listings, and other feeds, wit...

Information Exposure

Overview mediawiki/core is a Free software wiki application developed by the Wikimedia Foundation and others. Note: This package is not maintained on Packagist anymore, but newer releases exist. Affected versions of this package are vulnerable to Information Exposure via the BlockListPager and...

CVE-2025-6927

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/specials/pagers/BlockListPager.Php, includes/api/ApiQueryBlocks.Php. This issue affects MediaWiki: from = 1.42.0 before 1.39.13, 1.42.7 1.43.2, 1.44.0...

UBUNTU-CVE-2025-6589

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/specials/pagers/BlockListPager.Php. This issue affects MediaWiki: = 1.42.0...

CVE-2025-6589 With MultiBlocks enabled and a user who is suppressed via a MultiBlock, a user without 'hideuser' can see the hidden username in the BlockList

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/specials/pagers/BlockListPager.Php. This issue affects MediaWiki: = 1.42.0...

CVE-2025-6927

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/specials/pagers/BlockListPager.Php, includes/api/ApiQueryBlocks.Php. This issue affects MediaWiki: from = 1.42.0 before 1.39.13, 1.42.7 1.43.2, 1.44.0...

CVE-2025-6927

CVE-2025-6927 affects Wikimedia Foundation MediaWiki components BlockListPager.Php and ApiQueryBlocks.Php, enabling information exposure via autoblocks/global suppressions. Affected versions include MediaWiki core releases 1.42.x prior to 1.39.13, 1.42.7–1.43.2, and 1.44.0; remediation is to upgr...

📄 macOS 10.12.2 XNU Kernel Race Condition

This proof of concept code demonstrates a race condition observed in the setdpcontrolport function within XNU kernel versions prior to macOS 10.12.2 and iOS 10.2...

[SECURITY] Fedora 42 Update: ov-0.50.2-1.fc42

Feature-rich terminal-based text viewer. It is a so-called terminal pager...

[SECURITY] Fedora 43 Update: ov-0.50.2-1.fc43

Feature-rich terminal-based text viewer. It is a so-called terminal pager...

[SECURITY] Fedora 42 Update: vgrep-2.8.0-4.fc42

vgrep is a pager for grep, git-grep, ripgrep and similar grep implementations, and allows for opening the indexed file locations in a user-specified editor such as vim or emacs. vgrep is inspired by the ancient cgvg scripts but extended to perform further operations such as listing statistics of...

[SECURITY] Fedora 41 Update: vgrep-2.8.0-4.fc41

vgrep is a pager for grep, git-grep, ripgrep and similar grep implementations, and allows for opening the indexed file locations in a user-specified editor such as vim or emacs. vgrep is inspired by the ancient cgvg scripts but extended to perform further operations such as listing statistics of...