4395 matches found
CraftCMS - Remote Code Execution
Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Starting from version 3.0.0-RC1 to before 3.9.15, 4.0.0-RC1 to before 4.14.15, and 5.0.0-RC1 to before 5.6.17, Craft is vulnerable to remote code execution. This is a high-impact, low-complexity...
AIOHTTP is Vulnerable to Deserialization of Untrusted Data
Summary Using CookieJar.load with untrusted input may allow arbitrary code execution. Impact Most applications using this function will be doing so with the user's own data, so this is unlikely to affect many applications. Workaround If an application does allow attacker controlled files to be...
ROOT-APP-PYPI-CVE-2023-25577 CVE-2023-25577 in rootio-Werkzeug - Patched by Root
Root has patched CVE-2023-25577 in the rootio-Werkzeug package for Root:PyPI. Multiple fixed versions available...
CVE-2026-10264
A vulnerability was determined in lharries whatsapp-mcp 0.0.1. Affected by this vulnerability is the function SendMessageRequest of the file whatsapp-bridge/main.go of the component Send API Endpoint. This manipulation of the argument mediaPath causes path traversal. The exploit has been publicly...
EUVD-2026-34095
GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to versions 10.0.25 and 11.0.7, low privilege users with access to planning can delete any object in GLPI. Upgrade to 11.0.7 or 10.0.25 to receive a patch. As a workaround, disable delete rights for User'...
CVE-2026-42318 GLPI Vulnerable to Arbitrary Item Deletion via Planning Endpoint
GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to versions 10.0.25 and 11.0.7, low privilege users with access to planning can delete any object in GLPI. Upgrade to 11.0.7 or 10.0.25 to receive a patch. As a workaround, disable delete rights for User'...
ROOT-APP-PYPI-CVE-2026-26007 CVE-2026-26007 in rootio-cryptography - Patched by Root
Root has patched CVE-2026-26007 in the rootio-cryptography package for Root:PyPI. Multiple fixed versions available...
CVE-2022-31114 backpack/crud Vulnerable to Cross-site Scripting
backpack/crud provides Create, Read, Update & Delete CRUD functions for Backpack, a collection of Laravel packages that help users build custom administration panels. Versions prior to 5.0.13, 4.1.69, and 4.0.63 are vulnerable to cross-site scripting. An attacker could conduct a targeted phishing...
ROOT-OS-UBUNTU-2404-CVE-2026-31671 CVE-2026-31671 in rootio-linux - Patched by Root
Root has patched CVE-2026-31671 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-23204 CVE-2026-23204 in rootio-linux - Patched by Root
Root has patched CVE-2026-23204 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-38183 CVE-2025-38183 in rootio-linux - Patched by Root
Root has patched CVE-2025-38183 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-45892 CVE-2026-45892 in rootio-linux - Patched by Root
Root has patched CVE-2026-45892 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-23143 CVE-2025-23143 in rootio-linux - Patched by Root
Root has patched CVE-2025-23143 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-43468 CVE-2026-43468 in rootio-linux - Patched by Root
Root has patched CVE-2026-43468 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-31480 CVE-2026-31480 in rootio-linux - Patched by Root
Root has patched CVE-2026-31480 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-38047 CVE-2025-38047 in rootio-linux - Patched by Root
Root has patched CVE-2025-38047 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-71228 CVE-2025-71228 in rootio-linux - Patched by Root
Root has patched CVE-2025-71228 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-40240 CVE-2025-40240 in rootio-linux - Patched by Root
Root has patched CVE-2025-40240 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-21869 CVE-2025-21869 in rootio-linux - Patched by Root
Root has patched CVE-2025-21869 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-40124 CVE-2025-40124 in rootio-linux - Patched by Root
Root has patched CVE-2025-40124 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...