CVE-2026-50884

Incorrect access control in statping-ng v0.93.0 allows attackers to escalate privileges to Administrator and access sensitive components...

PT-2026-49230

Incorrect Privilege Assignment vulnerability in ThemeGrill Masteriyo - LMS allows Privilege Escalation. This issue affects Masteriyo - LMS: from n/a through 2.2.0...

CVE-2026-50881

The vulnerability CVE-2026-50881 affects impworks Bonsai v6.0 and is due to incorrect access control. Authenticated attackers with Editor privileges can escalate to Administrator and perform unauthorized account, password, and configuration changes. The NVD/ENISA and related sources describe the ...

CVE-2026-50884

CVE-2026-50884 affects statping-ng v0.93.0. Description: incorrect access control may allow attackers to escalate privileges to Administrator and access sensitive components. Documents list no public patch/version to mitigate or confirm exploitation details; no explicit root-cause technical speci...

PT-2026-49376

Shop manager Privilege Escalation in WooCommerce Cart Abandonment Recovery 2.1.0 versions...

PT-2026-49325

Name of the Vulnerable Software and Affected Versions statping-ng version 0.93.0 Description Incorrect access control allows attackers to escalate privileges to Administrator and access sensitive components. Recommendations At the moment, there is no information about a newer version that contain...

PT-2026-49201

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, does not sufficiently validate the branch code when a new branch is created. The branch code is later used in multiple application functions, including filesystem path generation for uploaded files, profile pictures, and...

PT-2026-49285

Name of the Vulnerable Software and Affected Versions Microvirt MEmu Android Emulator version 9.2.7.0 Description A flaw in the MemuService.exe component allows a local attacker to perform a Windows Service Hijacking attack, leading to local privilege escalation to SYSTEM level. Recommendations A...

PT-2026-49190

Name of the Vulnerable Software and Affected Versions Ricoh Company, Ltd. printer drivers affected versions not specified KONICA MINOLTA JAPAN, INC. printer drivers affected versions not specified Description Multiple printer drivers contain a flaw that allows a user who has already logged into a...

PT-2026-49403

Unauthenticated Privilege Escalation in WP BASE Booking = 5.9.0 versions...

PT-2026-49501

Unauthenticated Privilege Escalation in Listdom = 5.5.0 versions...

CVE-2026-36213

The vulnerability CVE-2026-36213 affects Microvirt MEmu Android Emulator (Windows) up to version 9.2.7.0, in the MemuService.exe component. The issue enables local privilege escalation because the MemuSVC service runs with SYSTEM-level privileges while its binary is writable by a local user, allo...

UBUNTU-CVE-2026-8632

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via operating system command injection...

GeoVision LPC2011/LPC2211 Web Interface / ssi.cgi privilege escalation vulnerability

Summary A privilege escalation vulnerability exists in the Web Interface / ssi.cgi functionality of LPC2011/LPC2211 versions: 1.10. A specially crafted HTTP request can lead to credentials leak. An attacker can visit a webpage to trigger this vulnerability. Confirmed Vulnerable Versions The...

GeoVision LPC2011/LPC2211 Web Interface privilege escalation vulnerability

Summary A privilege escalation vulnerability exists in the Web Interface functionality of LPC2011/LPC2211 versions: 1.10. A specially crafted HTTP request can lead to execute priviledged operation. An attacker can visit a webpage to trigger this vulnerability. Confirmed Vulnerable Versions The...

PT-2026-49178

Name of the Vulnerable Software and Affected Versions DVDFab Virtual Drive version 2.0.0.5 Description Improper privilege management exists within the Signed Kernel Driver component, specifically affecting a function in the dvdfabio.sys library. This issue allows a local attacker to manipulate th...

PT-2026-49222

WordPress appointment-booking-calendar 1.1.24 contains multiple privilege escalation vulnerabilities that allow unauthenticated attackers to modify calendar settings and inject persistent cross-site scripting payloads through the admin.php page parameters. Attackers can inject malicious JavaScrip...

VulnCheck KEV: CVE-2026-39813

A path traversal: '../filedir' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8 may allow attacker to escalation of privilege via specially crafted HTTP requests...

PT-2026-49492

Name of the Vulnerable Software and Affected Versions Amelia versions prior to 2.4 Description A privilege escalation issue exists where users with Subscriber roles can gain higher privileges. Recommendations Update to a version later than 2.3...

lab-purple-team

Lab Purple Team - Active Directory !screenshots/wazuhsecu...