Mitel MiCollab - Arbitary File Read

The Mitel Collab Arbitrary File Read vulnerability allows an unauthenticated attacker to read arbitrary files from the underlying file system on a Mitel Collab server. Exploiting this flaw involves sending specially crafted requests to the server, bypassing access controls and allowing the attack...

CVE-2026-48827

Path traversal vulnerability in Apache MINA SSHD bundle sshd-git. Lack of path validation in git-upload-pack, git-receive-pack, and other git operations allows users authenticated over SSH access to git repositories outside the configured git server root directory. Applications are affected if th...

PhpMyAdmin <4.8.2 - Local File Inclusion

PhpMyAdmin before version 4.8.2 is susceptible to local file inclusion that allows an attacker to include view and potentially execute files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted...

PT-2026-45380

Name of the Vulnerable Software and Affected Versions Apache MINA SSHD versions prior to 2.18.0 Apache MINA SSHD versions 3.0.0-M1 through 3.0.0-M3 Description A path traversal issue exists in the org.apache.sshd:sshd-git bundle. Due to a lack of path validation in git-upload-pack,...

CVE-2026-42590

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.30.0, The ExifTool metadata write blocklist in Gotenberg can be bypassed using ExifTool's group-prefix syntax, enabling arbitrary file rename, move, hardlink, and symlink creation on the server. ExifTool supports group-prefix...

CVE-2026-44221

ArcadeDB is a Multi-Model DBMS. Prior to 2.6.4, authenticated users and API tokens scoped to a specific database could read, write, and mutate schema on any other database on the same server. Two distinct defects contributed: 1 ServerSecurityUser.getDatabaseUser returned a DB user with an...

CVE-2026-44221

ArcadeDB prior to version 2.6.4 (also referenced as 26.4.2 in some advisories) contains a cross-database authorization bypass. Two defects enable authenticated principals to bypass both record-level and database-level controls: (1) ServerSecurityUser.getDatabaseUser() returns a DB user with an un...

CVE-2026-44221 ArcadeDB: Cross-database authorization bypass and unsecured newly-created databases

ArcadeDB is a Multi-Model DBMS. Prior to 2.6.4, authenticated users and API tokens scoped to a specific database could read, write, and mutate schema on any other database on the same server. Two distinct defects contributed: 1 ServerSecurityUser.getDatabaseUser returned a DB user with an...

UEFI Reference Firmware Advisory

Summary: A potential security vulnerability in UEFI for some Intel Reference Platforms may allow information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-35991 Description: Improper initialization in the UEFI...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization n the ServerSecurityUser.getDatabaseUser and ArcadeDBServer.createDatabase processes. An attacker can gain unauthorized access to read, write, and modify schema and data across databases by exploiting improper...

CVE-2026-33975

CVE-2026-33975 affects Twenty-server SSRF protection in Twenty (NestJS) and can be bypassed in versions ≤ 1.18.0 by using IPv4-mapped IPv6 literals. The Node.js URL parser normalizes these to hex form (for example ::ffff:169.254.169.254 to ::ffff:a9fe:a9fe), while the isPrivateIp utility only rec...

PT-2026-37317

Name of the Vulnerable Software and Affected Versions ArcadeDB versions prior to 26.4.2 Description Authenticated users and API tokens scoped to a specific database can read, write, and mutate schema on any other database on the same server. This occurs due to two defects: first, the...

Astra Linux - уязвимость в 389-ds-base

A vulnerability was discovered in the 389 Directory Server, which allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, without the need for any bind or other...

xorg-x11-server security update

1.20.11-28 - CVE fix for: CVE-2026-33999, CVE-2026-34000, CVE-2026-34001 CVE-2026-34002, CVE-2026-34003 Resolves: https://redhat.atlassian.net/browse/RHEL-163216 Resolves: https://redhat.atlassian.net/browse/RHEL-163298 Resolves: https://redhat.atlassian.net/browse/RHEL-163229...

MCP Pitfall Lab: Exposing Developer Pitfalls in MCP Tool Server Security under Multi-Vector Attacks

Model Context Protocol MCP is increasingly adopted for tool-integrated LLM agents, but its multi-layer design and third-party server ecosystem expand risks across tool metadata, untrusted outputs, cross-tool flows, multimodal inputs, and supply-chain vectors. Existing MCP benchmarks largely measu...

Exploit for Improper Input Validation in Apache Tomcat

No d...

Exploit-for-OSVDB-75095-LotusCMS-3.0

LotusCMS 3.0 eval RCE — Defensive Research Overview This...

RHEL 8 : 389-ds:1.4 (RHSA-2026:5511)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5511 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server an...

EUVD-2026-13310

OpenClaw versions prior to 2026.2.26 server-http contains an authentication bypass vulnerability in gateway authentication for plugin channel endpoints due to path canonicalization mismatch between the gateway guard and plugin handler routing. Attackers can bypass authentication by sending reques...

SUSE-SU-2026:0914-1 Security update for 389-ds

This update for 389-ds fixes the following issues: - CVE-2025-14905: Fixed heap buffer overflow due to improper size calculation in schemaattrenumcallback callback bsc1258727...