113795 matches found
CVE-2026-46639
Twig 3.24.0–3.26.0 contains a sandbox bypass in object-destructuring assignment: CoreExtension::getAttribute() is called with sandboxed flag set to false, bypassing security policy checks and allowing a sandboxed template to read public properties or call public getters on objects. The issue is f...
CVE-2026-46635
Twig before 3.26.0 allows a sandbox bypass via the column filter (array_column on objects): when rendering with column in allowedFilters, object arrays passed to PHP’s array_column() read public and magic properties directly, bypassing SandboxExtension::checkPropertyAllowed(). This bypass occurs ...
EUVD-2026-44541
A security flaw has been discovered in mastergo-design mastergo-magic-mcp up to 0.2.0. This issue affects the function execute of the file src/tools/get-c2d.ts of the component mcpC2d. Performing a manipulation of the argument filePath results in path traversal. The attack requires a local...
EUVD-2026-36132
Fedify has an incomplete SSRF mitigation after GHSA-p9cg-vqcc-grcx: validatePublicUrl allows special-use IPv4 ranges...
CVE-2026-52838
Affected software: Easy!Appointments (self-hosted appointment scheduler). Vulnerability: Stored XSS via the public booking page. An authenticated administrator can store HTML/JavaScript in the disable_booking_message setting (rich-text editor). The value is later passed directly to the public boo...
CVE-2026-15696
CVE-2026-15696 : Affects Tenda BE12 Pro firmware version 16.03.66.23. The vulnerability lies in the fromVirtualSer function of the file /goform/VirtualSer, where manipulation of the argument page leads to a stack-based buffer overflow. It can be exploited remotely, and the exploit has been disclo...
CVE-2026-15719
The CVE-2026-15719 entry refers to Firefox Site isolation in the DOM: Navigation component. Publicly disclosed exploit code exists, but none are documented as in-the-wild attacks in the provided sources. Affected software is Firefox; the vulnerability was fixed in Firefox 152.0.6. The Mozilla adv...
CVE-2026-15718
CVE-2026-15718 concerns an invalid pointer in Firefox’s JavaScript: WebAssembly component. Affected software: Mozilla Firefox. Root cause (as stated by the CVE entry title): an invalid pointer within the WebAssembly interaction layer of the JavaScript engine. Impact details are not elaborated bey...
ROOT-OS-DEBIAN-13-CVE-2025-40038 CVE-2025-40038 in rootio-linux - Patched by Root
Root has patched CVE-2025-40038 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
Emby Server - Authentication Bypass
Emby Server is a user-installable home media server which stores and organizes a user's media files of virtually any format and makes them available for viewing at home and abroad on a broad range of client devices. This vulnerability may allow administrative access to an Emby Server system,...
KeyCloak - Information Exposure
A flaw was found in keycloak in versions prior to 13.0.0. The client registration endpoint allows fetching information about PUBLIC clients like client secret without authentication which could be an issue if the same PUBLIC client changed to CONFIDENTIAL later. The highest threat from this...
YMC Filter WordPress - Unauthenticated Post Disclosure
YMC Filter WordPress plugin 3.11.3 contains a broken access control vulnerability caused by improper authorization and lack of validation in a REST API endpoint, letting unauthenticated attackers retrieve private and non-public post content, exploit requires no authentication. id: CVE-2026-10823...
Blinko <= 1.8.3 - User Information Leak
Blinko = 1.8.4 contains an information disclosure caused by a publicly accessible endpoint exposing user information including usernames, roles, and account creation dates, letting remote attackers access sensitive user data, exploit requires no special privileges. id: CVE-2026-23486 info: name:...
GitLab 16.0.0 - Path Traversal
An issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an attachment exists in a public project nested within at least five groups id: CVE-2023-2825 info: name:...
Vite Dev Server - Path Traversal
Vite is a frontend tooling framework for JavaScript. Prior to versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20, files starting with the same name with the public directory were served bypassing the server.fs settings. Only apps that explicitly expose the Vite dev server to the network using --host or...
WordPress Bookit < 2.5.1 - Unauthenticated Stripe Settings Update
Bookit WordPress plugin 2.5.1 contains a broken access control vulnerability caused by a publicly accessible REST endpoint allowing unauthenticated update of Stripe payment options, letting remote attackers modify payment settings without authentication. id: CVE-2025-12841 info: name: WordPress...
PKP Open Journal Systems 2.4.8-3.3 - Cross-Site Scripting
PKP Open Journal Systems 2.4.8 to 3.3 contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary code via the X-Forwarded-Host Header. id: CVE-2022-24181 info: name: PKP Open Journal Systems 2.4.8-3.3 - Cross-Site Scripting author: lucasljm2001,ekrause severit...
CVE-2026-15675
A vulnerability was identified in code-projects Online Job Portal 1.0. The affected element is an unknown function of the file /Admin/EditUser.php. Such manipulation of the argument UserId leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be...
CVE-2026-15669
A vulnerability was found in louisho5 picobot up to 0.2.0. This issue affects the function ExecTool.Execute of the file internal/agent/tools/exec.go of the component exec Tool. The manipulation results in os command injection. The attack requires a local approach. The exploit has been made public...
CVE-2026-12583
The Newsletters WordPress plugin before 4.15 does not prevent deserialization of untrusted input that is stored through a public form, allowing unauthenticated attackers to inject a PHP object and, via a property-oriented gadget chain bundled with the Newsletters WordPress plugin before 4.15, wri...