
252271 matches found

Source: EUVD
added 2026/05/27 6:31 p.m. | 15 views

EUVD-2026-32628

RELATE is a web-based courseware package. Prior to commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb, RELATE LMS configures its Celery workers to accept and deserialize untrusted 'pickle' data. An attacker who can reach the message broker can execute arbitrary commands on the host server. Combined...

CVSS 8.7 | AI score 6.5 | EPSS 0.00489
Exploits: 0 | References: 2
Source: Cvelist
added 2026/05/27 6:31 p.m. | 50 views

CVE-2026-47161 RELATE Vulnerable to Remote Code Execution (RCE) via Insecure Celery Pickle Deserialization

RELATE is a web-based courseware package. Prior to commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb, RELATE LMS configures its Celery workers to accept and deserialize untrusted 'pickle' data. An attacker who can reach the message broker can execute arbitrary commands on the host server. Combined...

CVSS 8.7 | EPSS 0.00489
Exploits: 0 | References: 2
Source: ATTACKERKB
added 2026/05/27 6:31 p.m. | 7 views

CVE-2026-47161

RELATE is a web-based courseware package. Prior to commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb, RELATE LMS configures its Celery workers to accept and deserialize untrusted 'pickle' data. An attacker who can reach the message broker can execute arbitrary commands on the host server. Combined...

CVSS 8.7 | AI score 6.5 | EPSS 0.00489
Exploits: 0 | References: 3
Source: CVE
added 2026/05/27 6:29 p.m. | 22 views

CVE-2026-42879

CVE-2026-42879 affects FacturaScripts

CVSS 6.3 | AI score 5.8 | EPSS 0.00229
Exploits: 0 | References: 1
Source: Vulnrichment
added 2026/05/27 6:29 p.m. | 11 views

CVE-2026-42879 FacturaScripts: Authenticated Remote Code Execution (RCE) via GIF Image Upload in Product Images

FacturaScripts is an open source accounting and invoicing software. In 2025.81 and earlier, an authenticated unrestricted file upload vulnerability exists in FacturaScripts' product image upload functionality. An attacker with valid credentials can upload a PHP file disguised as a GIF image using...

CVSS 6.3 | AI score 5.8 | EPSS 0.00229
Exploits: 0 | References: 1
Source: Cvelist
added 2026/05/27 6:29 p.m. | 40 views

CVE-2026-42879 FacturaScripts: Authenticated Remote Code Execution (RCE) via GIF Image Upload in Product Images

FacturaScripts is an open source accounting and invoicing software. In 2025.81 and earlier, an authenticated unrestricted file upload vulnerability exists in FacturaScripts' product image upload functionality. An attacker with valid credentials can upload a PHP file disguised as a GIF image using...

CVSS 6.3 | EPSS 0.00229
Exploits: 0 | References: 1
Source: OSV
added 2026/05/27 6:24 p.m. | 15 views

GHSA-GF2Q-C269-PQGC LiquidJS is Vulnerable to Remote Code Execution

Summary: It is possible to execute arbitrary code with crafted templates. Details: 1|valueOf - this when evaluating the filter liquid %assign r=1|valueOf% r|inspect json...

CVSS 10 | AI score 6.2 | EPSS 0.00089
Exploits: 0 | References: 3
Source: Github Security Blog
added 2026/05/27 6:24 p.m. | 125 views

LiquidJS is Vulnerable to Remote Code Execution

Summary: It is possible to execute arbitrary code with crafted templates. Details: 1|valueOf - this when evaluating the filter liquid %assign r=1|valueOf% r|inspect json...

AI score 6.2 | EPSS 0.00089
Exploits: 0 | References: 3 | Affected Software: 1
Source: OSV
added 2026/05/27 6:18 p.m. | 9 views

JLSEC-2026-564 In GnuPG before 2.5.17, a crafted CMS (S/MIME) EnvelopedData message carrying an oversized...

In GnuPG before 2.5.17, a crafted CMS S/MIME EnvelopedData message carrying an oversized wrapped session key can cause a stack-based buffer overflow in gpg-agent during PKDECRYPT --kem=CMS handling. This can easily be leveraged for denial of service; however, there is also memory corruption that...

CVSS 8.1 | AI score 6.6 | EPSS 0.01977
Exploits: 1 | References: 4
Source: NVD
added 2026/05/27 6:16 p.m. | 10 views

CVE-2026-44345

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, src/bentoml/internal/container/frontend/dockerfile/templates/basev2.j2 interpolates docker.baseimage raw with no escaping, newline filtering, or validation. A malicious...

CVSS 8.8 | EPSS 0.00317
Exploits: 1 | References: 1
Source: PyPA
added 2026/05/27 6:16 p.m. | 8 views

PYSEC-0000-CVE-2026-44345

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, src/bentoml/internal/container/frontend/dockerfile/templates/basev2.j2 interpolates docker.baseimage raw with no escaping, newline filtering, or validation. A malicious...

CVSS 8.8 | AI score 5.9 | EPSS 0.00317
Exploits: 1 | References: 1 | Affected Software: 1
Source: IBM Security Bulletins
added 2026/05/27 6:09 p.m. | 15 views

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by multiple vulnerabilities when using Web Server Plug-ins (CVE-2026-8633, CVE-2026-8620)

Summary: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by remote code execution and HTTP request smuggling when using the optional and separately installable Web Server Plug-ins for IBM WebSphere Application Server component. Vulnerability Details...

CVSS 9.8 | AI score 6.5 | EPSS 0.00847
Exploits: 0 | Affected Software: 1
Source: Vulnrichment
added 2026/05/27 5:34 p.m. | 10 views

CVE-2026-45087 Dalfox: Unauthenticated Remote Code Execution via `found-action` in Dalfox Server Mode

Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, when dalfox is started in REST API server mode (`dalfox server`), the server binds to 0.0.0.0:6664 by default and requires no API key unless the operator explicitly passes `--api-key`. Because model.Options...

CVSS 10 | AI score 6 | EPSS 0.01147
Exploits: 2 | References: 2
Source: CVE
added 2026/05/27 5:34 p.m. | 9 views

CVE-2026-45087

Dalfox (server mode) prior to v2.13.0 is vulnerable to unauthenticated remote code execution. When running `dalfox server` with default 0.0.0.0:6664 and no API key, POST /scan deserializes attacker-controlled options (FoundAction and FoundActionShell) into scan config, then shell commands are execu...

CVSS 10 | AI score 6 | EPSS 0.01147
Exploits: 2 | References: 2
Source: OSV
added 2026/05/27 4:57 p.m. | 6 views

GHSA-36FC-7WJG-MFVJ Pimcore has Unsafe PHP Deserialization in Multiple Locations Without allowed_classes Restriction

GM-374 Summary: Multiple locations in Pimcore v11 call PHP's unserialize on data from database columns and filesystem files without the allowed_classes restriction, enabling object injection if an attacker can control the serialized data source. Affected Component - Package: pimcore/pimcore and...

CVSS 8 | AI score 6.3 | EPSS 0.00202
Exploits: 0 | References: 5
Source: RedHat Linux
added 2026/05/27 4:24 p.m. | 13 views

firefox: Memory safety bugs fixed in Firefox ESR 140.11 and Firefox 151

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...

CVSS 8.8 | AI score 5.9 | EPSS 0.00332
Exploits: 0 | References: 6
Source: NVD
added 2026/05/27 3:16 p.m. | 14 views

CVE-2026-48922

Jenkins Credentials Binding Plugin 720.v3f6decef43ea and earlier does not properly sanitize file names for file and zip file credentials, allowing attackers able to provide credentials to a job to write files to arbitrary locations on the node filesystem, which can lead to remote code execution i...

CVSS 7.5 | EPSS 0.00364
Exploits: 0 | References: 1
Source: NVD
added 2026/05/27 3:16 p.m. | 17 views

CVE-2026-37713

An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/core/class/commonobject.class.php...

CVSS 7.3 | EPSS 0.00384
Exploits: 0 | References: 2
Source: NVD
added 2026/05/27 3:16 p.m. | 15 views

CVE-2026-37712

An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/cron/class/cronjob.class.php, call_user_func_array in function job type...

CVSS 7.3 | EPSS 0.00384
Exploits: 0 | References: 2
Source: NVD
added 2026/05/27 3:16 p.m. | 19 views

CVE-2026-37711

An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/core/actionsaddupdatedelete.inc.php...

CVSS 7.3 | EPSS 0.00384
Exploits: 0 | References: 2