CVE-2026-5075

The All in One SEO plugin for WordPress is vulnerable to Sensitive Information Exposure via 'internalOptions' localized script data in versions up to, and including, 4.9.7 due to sensitive internal option data being passed to wplocalizescript in post editor contexts without effective masking for...

CVE-2026-4630 Keycloak: keycloak: unauthorized resource access and data modification via insecure direct object reference

A flaw was found in Keycloak. An authenticated client could exploit an Insecure Direct Object Reference IDOR vulnerability in the Authorization Services Protection API endpoint. By knowing or obtaining a resource's unique identifier UUID belonging to another Resource Server within the same realm,...

9router: Unauthenticated Remote Code Execution via unprotected MCP custom plugin routes

9router exposes two unauthenticated API endpoints that, when chained together, allow any network-adjacent attacker to execute arbitrary OS commands as the user running the 9router process — with zero prerequisites and no credentials required. The vulnerability exists because the Next.js middlewar...

10 Top OSINT Tools Every Investigator Should Know in 2026

Modern OSINT platforms rely more on AI and automation, while older social tracking methods keep losing access due to privacy and API restrictions...

PT-2026-41646

Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to have API-level checks on which groups the user can create issues or attach comments to which allows a user that is member of multiple groups to create issues to a locked group via direct API requests. Mattermost Advisory ID:...

CVE-2026-45399

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, any authenticated user with low privileges can enumerate active background tasks across the system and stop tasks belonging to other users via the GET /api/tasks and POST...

CVE-2026-45339

Open WebUI (self-hosted offline AI platform) has a vulnerability where endpoint access restrictions on API keys could be bypassed by using the x-api-key header, even when the key was restricted from sensitive endpoints like /api/v1/messages. Prior to version 0.9.0, requests with Authorization: Be...

CVE-2026-45399

Open WebUI CVE-2026-45399 describes a broken authorization gap in multi-user deployments: before release 0.9.0, authenticated, low-privilege users could enumerate and stop global background tasks via GET /api/tasks and POST /api/tasks/stop/{task_id}, impacting integrity and availability across us...

CVE-2026-42155

Summary of CVE-2026-42155 (Magento OpenMage LTS): The issue affects OpenMage/magento-lts OpenMage LTS releases via the legacy API session ID generation in Mage_Api_Model_Session::start(), where the session ID is md5(time() . uniqid('', true) . (possibly null sessionName)). This yields very low en...

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.8.12 contained a security vulnerability. This vulnerability stemmed from the lack of enforcement of the ENABLECODEEXECUTION configuration for the...

Open WebUI's API key endpoint restrictions bypassed via `x-api-key` header — full message processing on restricted endpoints

Summary Open WebUI allows admins to restrict which API endpoints an API key can access. When an API key is restricted from /api/v1/messages, requests using the Authorization: Bearer sk-... header are correctly blocked with 403. However, the same key sent via the x-api-key header bypasses the...

podinfo 跨站脚本漏洞

Podinfo is a Kubernetes microservice template developed by Stefan Prodan. Versions of Podinfo 6.11.2 and earlier contained a cross-site scripting vulnerability. This vulnerability stemmed from the fact that the echoHandler did not set a clear Content-Type or X-Content-Type-Options header on the...

Live Helper Chat 安全漏洞

Live Helper Chat is an open-source plugin developed by Live Helper Chat developers, designed to provide chat functionality for web platforms. Version 4.84 of Live Helper Chat contains a security vulnerability. This vulnerability stems from the REST API chat update endpoint, which allows users to...

GitLab Enterprise Edition（EE）和GitLab Community Edition（CE） 安全漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. There were security vulnerabilities in versions of GitLab CE/EE between 18...

CVE-2026-44426

ShellHub (CVE-2026-44426) is a cross-tenant IDOR where GET /api/namespaces/:tenant returns the full namespace object (including members, emails, roles, settings, and device counts) to any caller authenticated with an API Key, regardless of the API Key’s tenant scope. Root cause: if the API Key la...

CVE-2026-26289

CVE-2026-26289 affects PowerSYSTEM Center: the REST API endpoint used for device account export has incorrect authorization, permitting an authenticated user with limited permissions to access data normally restricted to administrators. The issue exposes sensitive information and is backed by hig...

CVE-2026-44858 Authenticated Stack-Based Buffer Overflow in PAPI Services

Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending...

EUVD-2026-29494

Insecure Default Initialization of Resource vulnerability allows Authentication Bypass via API access. This issue affects Pandora FMS: from 777 through 800...

CVE-2026-8407

Missing authorization in the PAM module in Devolutions Server allows an authenticated user with a PAM license but no additional permissions to obtain OTP secret keys and recovery codes via crafted requests to PAM API endpoints. This issue affects the following versions : Devolutions Server...

CVE-2026-30810 Server-Side Request Forgery in API Checker leads to Privilege Escalation

Server-Side Request Forgery vulnerability allows Privilege Escalation via API Checker extension. This issue affects Pandora FMS: from 777 through 800...