EUVD-2026-36365

Incomplete input validation and improperly configured folder permissions within Idira Privileged Session Manager PSM versions prior to 15.0.3, 14.6.3, 14.2.5, and 14.0.5, an authenticated, low-privileged user could potentially execute arbitrary code. CyberArk Security Bulletin: CA26-17 and CA26-1...

Weblate 安全漏洞

Weblate is an open-source, copyleft, web-based free software system for continuous localization. Versions of Weblate prior to 5.17 contained security vulnerabilities. These vulnerabilities stemmed from the task API not verifying user access permissions, which could allow unauthorized users to...

WordPress Plugin Document Embedder has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

The vulnerability of the application-collabora office package of the XWiki Platform, a platform for creating collaborative web applications. This vulnerability allows an attacker to open arbitrary Office attachments during viewing or editing mode.

The vulnerability of the application-collabora office package of the XWiki Platform, a platform for creating collaborative web applications, is related to errors in the use of standard permissions. Exploiting this vulnerability allows a malicious actor to open arbitrary Office attachments during...