25 matches found
Imperva Customers Protected Against CVE-2026-41940 in cPanel & WHM
What is CVE-2026-41940? CVE-2026-41940 is a critical authentication bypass vulnerability affecting cPanel & WHM, including DNSOnly, in versions after 11.40. The flaw, discovered by WatchTowr Labs, exists in the login flow and allows unauthenticated remote attackers to gain unauthorized access to...
CVE-2026-41635

creationtimestamp | type | source
---|---|---
2026-04-27 09:09:56+00:00 | seen | https://ccb.belgium.be/advisories/warning-critical-arbitrary-code-execution-vulnerability-apache-mina-patch-immediately
2026-05-01 01:27:07+00:00 | seen | https://bsky.app/profile/getpokemon7.bsky.social/post/3mkqxxdbwbc2e...

CVE-2026-24018

creationtimestamp | type | source
---|---|---
2026-03-11 10:50:56+00:00 | seen | https://www.acn.gov.it/portale/w/vulnerabilita-in-prodotti-fortinet-8
2026-03-11 14:43:25+00:00 | seen | https://ccb.belgium.be/advisories/warning-fortinet-patched-22-vulnerabilities-multiple-products-patch-immediately...

WordPress Gutentype Theme <= 2.1.11 is vulnerable to Local File Inclusion
Software: Gutentype; Type: Theme; Vulnerable versions: <= 2.1.11; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Local File Inclusion; CVE: CVE-2025-26592; Patch priority: High; CVSS severity: High (8.1); PSID: 42f4a10f514e; Credits: Bonds; Required privilege: Unauthenticated; Publish...
PT-2024-38656 · Special Minds Design · E-Commerce
Name of the Vulnerable Software and Affected Versions: Special Minds Design and Software e-Commerce versions prior to 22.11.2024 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL...
PT-2024-15284
Name of the Vulnerable Software and Affected Versions: VMware vCenter Server versions prior to the latest patch release Description: A critical security issue in VMware vCenter Server allows attackers to execute remote code on affected systems. This flaw is being actively exploited by cybercriminal...
PT-2024-16833
Name of the Vulnerable Software and Affected Versions: EasyPHP version 14.1 Description: The issue is an absolute path traversal vulnerability, which could allow remote users to bypass SecurityManager restrictions and retrieve any file stored on the server. This is achieved by setting consecutive...
PT-2024-16779 · Unknown · Code-Projects Job Recruitment
Name of the Vulnerable Software and Affected Versions: code-projects Job Recruitment version 1.0 Description: A critical issue has been found in the code-projects Job Recruitment software. The problem affects an unknown functionality of the file admin.php. The manipulation of the userid argument...
PT-2024-16783 · Dedecms · Dedecms
Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7.116 Description: A vulnerability has been found in DedeCMS, affecting the file /dede/uploads/dede/friendlink add.php. The manipulation of the logoimg argument leads to unrestricted upload. It is possible to initiate the...
PT-2024-16497 · Unknown · Projectworlds Life Insurance Management System
Name of the Vulnerable Software and Affected Versions: Project Worlds Life Insurance Management System version 1.0 Description: A critical issue has been found in the system, affecting an unknown part of the file /editPayment.php. The manipulation of the recipt no argument leads to SQL injection...
PT-2024-33573 · Unknown · Mytweetlinks
Name of the Vulnerable Software and Affected Versions: MyTweetLinks versions n/a through 1.1.1 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements in SQL commands, allowing Blind SQL Injection. This can lead to data compromise...
PT-2024-33240 · Unknown · Automatic Systems Maintenance Slimlane
Name of the Vulnerable Software and Affected Versions: Automatic Systems Maintenance SlimLane version 29565 d74ecce0c1081d50546db573a499941b10799fb7 Description: The issue allows a remote attacker to escalate privileges via the FtpConfig.php page. This can grant unauthorized access, potentially...
PT-2024-29676 · Unknown · Tem Opera Plus Fm Family Transmitter
Name of the Vulnerable Software and Affected Versions: TEM Opera Plus FM Family Transmitter version 35.45 Description: The TEM Opera Plus FM Family Transmitter application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the...
PT-2024-9226 · 2N · 2N Access Commander
Name of the Vulnerable Software and Affected Versions: 2N Access Commander versions 3.1.1.2 and prior Description: The issue is related to an Insufficient Verification of Data Authenticity, which could allow an attacker to escalate their privileges and gain root access to the system. This...
PT-2024-32086 · Helpdesk · Helpdesk
Name of the Vulnerable Software and Affected Versions: HelpDeskZ version 2.0.2 Description: A cross-site scripting (XSS) vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field of Custom Fields message box. This issue potential...
PT-2024-23818 · Open Networking Foundation · Libfluid
Name of the Vulnerable Software and Affected Versions: libfluid version 0.1.0 Description: The issue is an Out-of-bounds Read vulnerability in the Open Networking Foundation (ONF) libfluid, specifically in the libfluid msg modules. It is associated with the program routines fluid...
PT-2024-31976 · Unknown · Best House Rental Management System
Name of the Vulnerable Software and Affected Versions: Best House Rental Management System version 1.0 Description: The issue concerns an arbitrary file upload vulnerability in the signup function of the file rental/admin class.php. This could potentially lead to system compromise. There is no...
PT-2024-31152 · Unknown · Best Free Law Office Management
Name of the Vulnerable Software and Affected Versions: Best Free Law Office Management Software version 1.0 Description: The issue allows an attacker to execute arbitrary code and obtain sensitive information via a crafted payload to the "kortex lite/control/register case.php" interface. This...
PT-2024-39132 · Unknown · Itsourcecode Tailoring Management System
Name of the Vulnerable Software and Affected Versions: itsourcecode Tailoring Management System version 1.0 Description: A critical issue was found in the itsourcecode Tailoring Management System, affecting an unknown functionality of the file ssms.php. The manipulation of the customer argument...
PT-2024-7268
Name of the Vulnerable Software and Affected Versions: CPython versions prior to 3.13.0 Description: The issue is related to the 'http.cookies' standard library module in CPython. When parsing cookies that contain backslashes for quoted characters in the cookie value, the parser uses an algorithm...