EUVD-2026-34281

A lack of runtime integrity in GNCC GP5 v7.1.76 allows physically-proximate attackers to bypass file system read-only protections and modify system files and binaries for the duration of a boot session via a bind-mount attack...

CVE-2026-36180

The CVE describes a lack of runtime integrity in GNCC GP5 v7.1.76 that lets physically proximate attackers bypass read-only protections and modify system files and binaries for the duration of a boot session via a bind-mount attack. Affected product: GNCC GP5 (version 7.1.76). Root cause: runtime...

CVE-2026-36180

A lack of runtime integrity in GNCC GP5 v7.1.76 allows physically-proximate attackers to bypass file system read-only protections and modify system files and binaries for the duration of a boot session via a bind-mount attack...

PT-2026-46247

A lack of runtime integrity in GNCC GP5 v7.1.76 allows physically-proximate attackers to bypass file system read-only protections and modify system files and binaries for the duration of a boot session via a bind-mount attack...

samba: Missing access check on reparse point operations

A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-onl...

CVE-2026-45544

Nextcloud is an open source content collaboration platform. From version 0.8.0 to before version 1.0.4, the view filter criteria is exposed to users with read-only permissions in Nextcloud Tables. This issue has been patched in versions 1.0.4 and 2.0.0...

EUVD-2026-33714

Nextcloud is an open source content collaboration platform. From version 0.8.0 to before version 1.0.4, the view filter criteria is exposed to users with read-only permissions in Nextcloud Tables. This issue has been patched in versions 1.0.4 and 2.0.0...

CVE-2026-45544 Nextcloud: Information Disclosure of view filter metdata via Broken Sensitive Data Masking in ViewService

Nextcloud is an open source content collaboration platform. From version 0.8.0 to before version 1.0.4, the view filter criteria is exposed to users with read-only permissions in Nextcloud Tables. This issue has been patched in versions 1.0.4 and 2.0.0...

CVE-2026-45544 Nextcloud: Information Disclosure of view filter metdata via Broken Sensitive Data Masking in ViewService

Nextcloud is an open source content collaboration platform. From version 0.8.0 to before version 1.0.4, the view filter criteria is exposed to users with read-only permissions in Nextcloud Tables. This issue has been patched in versions 1.0.4 and 2.0.0...

CVE-2026-45544

CVE-2026-45544 affects Nextcloud Tables, part of the Nextcloud platform. From version 0.8.0 to before 1.0.4, the view filter criteria was exposed to users with read‑only permissions, enabling potential disclosure of metadata through the table view. The issue is mitigated by upgrading to Nextcloud...

CVE-2026-45544

Nextcloud is an open source content collaboration platform. From version 0.8.0 to before version 1.0.4, the view filter criteria is exposed to users with read-only permissions in Nextcloud Tables. This issue has been patched in versions 1.0.4 and 2.0.0...

CVE-2026-42251

Use of hard-coded credentials in KS-SOMED allowed an unauthorized attacker access to FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious update file, which then may have been distributed and installed on client machines as a...

CVE-2026-42251

The CVE concerns KS-SOMED where hard-coded credentials in KSPLUPDFTP.exe (up to 30.00.00.056) and ANEKSKLIENT.EXE (up to 29.00.02.026) allowed an unauthorized actor to access an FTP server hosting update packages. This could enable uploading a malicious update that might be distributed and instal...

CVE-2026-42251 Hard-coded credentials in KS-SOMED

Use of hard-coded credentials in KS-SOMED allowed an unauthorized attacker access to FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious update file, which then may have been distributed and installed on client machines as a...

EUVD-2026-33642

Use of hard-coded credentials in KS-SOMED allowed an unauthorized attacker access to FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious update file, which then may have been distributed and installed on client machines as a...

KubeSec V1 Kubernetes Scanner

KubeSec is a Kubernetes security auditing tool designed to identify dangerous RBAC permissions, insecure pod configurations, exposed secrets, privileged workloads, risky host mounts, weak network exposure, and cluster hardening weaknesses across Kubernetes environments. performs automated read-on...

NextCloud Tables security vulnerabilities

NextCloud Tables is an open-source table application developed by NextCloud. There were security vulnerabilities in the version of NextCloud Tables from 0.8.0 to 1.0.4. These vulnerabilities stemmed from view filter conditions being exposed to users with read-only permissions...

PT-2026-45432

Use of hard-coded credentials in KS-SOMED allowed an unauthorized attacker access to FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious update file, which then may have been distributed and installed on client machines as a...

PT-2026-45532

Nextcloud is an open source content collaboration platform. From version 0.8.0 to before version 1.0.4, the view filter criteria is exposed to users with read-only permissions in Nextcloud Tables. This issue has been patched in versions 1.0.4 and 2.0.0...

CVE-2026-47740 Shopper: Authorization bypass in multiple Livewire admin components

Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, Multiple Filament actions on the admin Order detail and Order shipments table were callable by an authenticated low-privilege user without the permission required to mutate orders. The order detail actions cancel, mark paid, mark...