PT-2026-21494

A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the function getpeer of the file /src/net builtin.c of the component TCP Sequence Number Handler. The manipulation leads to improper verification of source of a communication channel. The attack may be initiat...

CVE-2026-2967

A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the function getpeer of the file /src/netbuiltin.c of the component TCP Sequence Number Handler. The manipulation leads to improper verification of source of a communication channel. The attack may be initiate...

CVE-2026-22269

Dell PowerProtect Data Manager, versions prior to 19.22, contains an Improper Verification of Source of a Communication Channel vulnerability in the REST API. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to protection mechanism bypass...

CVE-2026-22266

Dell PowerProtect Data Manager, versions prior to 19.22, contains an Improper Verification of Source of a Communication Channel vulnerability in the REST API. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to protection mechanism bypass...

CVE-2026-22266

Dell PowerProtect Data Manager, versions prior to 19.22, contains an Improper Verification of Source of a Communication Channel vulnerability in the REST API. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to protection mechanism bypass...

CVE-2026-22266

Dell PowerProtect Data Manager, versions prior to 19.22, contains an Improper Verification of Source of a Communication Channel vulnerability in the REST API. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to protection mechanism bypass...

CVE-2026-22269

Dell PowerProtect Data Manager, versions prior to 19.22, contains an Improper Verification of Source of a Communication Channel vulnerability in the REST API. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to protection mechanism bypass...

CVE-2026-22269

CVE-2026-22269 affects Dell PowerProtect Data Manager

PT-2026-20781

Dell PowerProtect Data Manager, versions prior to 19.22, contains an Improper Verification of Source of a Communication Channel vulnerability in the REST API. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to protection mechanism bypass...

CVE-2025-62439

An Improper Verification of Source of a Communication Channel vulnerability CWE-940 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions may allow an authenticated user with knowledge of FSSO policy configurations t...

CVE-2025-62439

An Improper Verification of Source of a Communication Channel vulnerability CWE-940 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions may allow an authenticated user with knowledge of FSSO policy configurations t...

CVE-2025-62439

An Improper Verification of Source of a Communication Channel vulnerability CWE-940 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions may allow an authenticated user with knowledge of FSSO policy configurations t...

CVE-2025-62439

CVE-2025-62439 : Fortinet FortiOS contains an vulnerability titled “Improper Verification of Source of a Communication Channel” (CWE-940). Affected products/versions are FortiOS 7.6.0–7.6.4, 7.4.0–7.4.9, and all 7.2 and 7.0 releases. Affected condition: an authenticated user with knowledge of FSS...

Most Engagement Data Is Compromised and That’s a Major Security Problem

Most engagement data is compromised by bots and spoofing. Datavault AI treats engagement as a security problem, verifying real human actions at the source...

PT-2026-7274

An Improper Verification of Source of a Communication Channel vulnerability CWE-940 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions may allow an authenticated user with knowledge of FSSO policy configurations t...

Orangescrum Elevation of Privilege Vulnerability

Orangescrum is a project and task management software tool that also provides productivity tools for work organization and team collaboration. Orangescrum suffers from an elevation of privilege vulnerability, which stems from the application's failure to effectively verify the source of requests ...

CVE-2025-27389 Application Installation Source Verification Flaw May Lead to Risk Detection Bypass

A flaw exists in the verification of application installation sources within ColorOS. Under specific conditions, this issue may cause the risk detection mechanism to fail, which could allow malicious applications to be installed without proper warning...

CVE-2025-58488

Improper verification of source of a communication channel in SmartTouchCall prior to version 1.0.1.1 allows remote attackers to access sensitive information. User interaction is required for triggering this vulnerability...

CVE-2025-58488

Improper verification of source of a communication channel in SmartTouchCall prior to version 1.0.1.1 allows remote attackers to access sensitive information. User interaction is required for triggering this vulnerability...

CVE-2025-58488

The connected Red Hat, NVD, CVE Registry, and vendor records confirm CVE-2025-58488 affects Samsung SmartTouchCall prior to version 1.0.1.1. The root cause is improper verification of the origin of a communication channel, which could allow a remote attacker to access sensitive information. Explo...