PT-2026-41154

Summary ApostropheCMS contains an authenticated server-side request forgery SSRF in the rich-text widget import flow. An authenticated user who can submit/edit rich-text widget content can cause the server to fetch attacker-controlled URLs during widget validation. For image-compatible responses,...

PT-2026-40882

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the bt bb button shortcode in all versions up to, and including, 5.6.8. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

PT-2026-41160

Name of the Vulnerable Software and Affected Versions Marten versions prior to 8.36.1 Description Full-text search APIs interpolate the user-supplied regConfig parameter directly into generated SQL without parameterization or validation. This creates a SQL injection sink in any code path where...

PT-2026-41168

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.3 Description An issue exists where the audio transcription upload endpoint uses the file extension from a user-supplied filename to save files. The '/cache/path' route serves these files via FileResponse, whic...

EUVD-2026-29922

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...

CVE-2026-32170

Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally...

CVE-2026-21530

Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally...

CVE-2026-4873

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...

ALPINE-CVE-2026-4873

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...

CVE-2026-6177

The CVE-2026-6177 entry concerns the WordPress plugin Custom Twitter Feeds (versions

CVE-2026-4873 connection reuse ignores TLS requirement

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...

CVE-2026-4873

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...

CVE-2026-4873 connection reuse ignores TLS requirement

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...

CVE-2025-14767

The WPC Badge Management for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the wpcbmbestseller shortcode in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2025-14767

CVE-2025-14767 affects the WordPress plugin WPC Badge Management for WooCommerce (versions ≤ 3.1.6). The vulnerability is a Stored Cross-Site Scripting via the 'text' attribute of the wpcbm_best_seller shortcode, caused by insufficient input sanitization and output escaping. Authenticated attacke...

CVE-2025-14767 WPC Badge Management for WooCommerce <= 3.1.6 - Authenticated (Shop Manager+) Stored Cross-Site Scripting via 'text' Attribute

The WPC Badge Management for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the wpcbmbestseller shortcode in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2025-14767

The WPC Badge Management for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the wpcbmbestseller shortcode in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2025-14767 WPC Badge Management for WooCommerce <= 3.1.6 - Authenticated (Shop Manager+) Stored Cross-Site Scripting via 'text' Attribute

The WPC Badge Management for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the wpcbmbestseller shortcode in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping. This makes it possible for...

SUSE CVE-2026-7814

Stored cross-site scripting XSS vulnerability in pgAdmin 4 Browser Tree and Explain Visualizer modules. User-controlled PostgreSQL object names database, schema, table, column, etc. were assigned to DOM elements via innerHTML, allowing crafted object names containing HTML markup to execute...

PT-2026-40602

The Custom Twitter Feeds plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 2.5.4. This is due to insufficient output escaping in the CTF Display Elements::get post text function when rendering cached tweet text. The plugin's ctf get more posts AJAX...