Astra Linux - vulnerability in jackson-databind
A deserialization flaw was discovered in Jackson-Databind through version 2.9.10.4. This flaw could allow unauthenticated users to execute code via Ignite-JTA or Quartz-core: org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory, and...
Astra Linux - vulnerability in libjackson-json-java
A deserialization flaw was discovered in the Jackson-Databind library, in versions prior to 2.6.7.1, 2.7.9.1, and 2.8.9. This flaw could allow an unauthenticated user to execute arbitrary code by sending maliciously crafted input to the readValue method of the ObjectMapper...
VulnCheck KEV: CVE-2026-29014
MetInfo CMS versions 7.9, 8.0, and 8.1 contain an unauthenticated PHP code injection vulnerability that allows remote attackers to execute arbitrary code by sending crafted requests with malicious PHP code. Attackers can exploit insufficient input neutralization in the execution path to achieve...
H2O-3 is Vulnerable to Code Injection
A critical remote code execution vulnerability exists in the unauthenticated REST API endpoint /99/ImportSQLTable in H2O-3 version 3.46.0.9 and prior. The vulnerability arises from insufficient security controls in the parameter blacklist mechanism, which only targets MySQL JDBC driver-specific...
Paperclip authorization vulnerability
Paperclip is an AI proxy orchestration tool developed by Paperclip Open Source. Versions of Paperclip prior to 2026.416.0 contain an authorization vulnerability. It stems from the default authentication configuration and allows unauthenticated attackers to achieve full remote co...
CVE-2026-39918
Vvveb before 1.0.8.1 contains a code injection vulnerability in the installation endpoint. The subdir POST parameter is written unsanitized into env.php without escaping or validation, allowing an attacker to break out of the string context in the define statement and achieve unauthenticated remo...
CVE-2026-40066
Anviz CX2 Lite and CX7 accept unverified update packages that can be uploaded to the device. The device unpacks the package and executes a script from it, resulting in unauthenticated remote code execution...
CVE-2026-6350 Openfind|MailGates/MailAudit - Stack-based Buffer Overflow
MailGates/MailAudit developed by Openfind has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code...
Exploit for Missing Encryption of Sensitive Data in Apache Tomcat
CVE-2026-34486 — Apache Tomcat EncryptInterceptor RCE Apa...
EUVD-2026-22053
Pachno 1.0.6 contains a deserialization vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting malicious serialized objects into cache files. Attackers can write PHP object payloads to world-writable cache files with predictable names in the cache directory,...
CVE-2026-40044
Pachno 1.0.6 contains a deserialization vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting malicious serialized objects into cache files. Attackers can write PHP object payloads to world-writable cache files with predictable names in the cache directory,...
Agent Development Kit security vulnerability
Agent Development Kit is an open-source development framework provided by Google for building and deploying AI agents. Versions 1.7.0 to 1.28.1 and 2.0.0a1 to 2.0.0a2 of the Agent Development Kit contain security vulnerabilities. These vulnerabilities stem from code injection and lack of...
Palo Alto Networks Autonomous Digital Experience Manager security vulnerability
Palo Alto Networks Autonomous Digital Experience Manager is an AI-based platform developed by Palo Alto Networks for monitoring and analyzing endpoint and network experience. There is a security vulnerability in Palo Alto Networks Autonomous Digital Experience Manager, which...
CVE-2026-33698 Chamilo LMS affected by unauthenticated RCE in main/install folder
Chamilo LMS is a learning management system. Prior to 1.11.38, a chained attack can enable otherwise-blocked PHP code from the main/install/ directory and allow an unauthenticated attacker to modify existing files or create new files where allowed by system permissions. This only affects portals...
Fortinet FortiClient EMS 7.4.5 / 7.4.6 API Authentication Bypass (FG-IR-26-099)
The version of Fortinet FortiClient EMS installed on the remote host is 7.4.5 or 7.4.6. It is, therefore, affected by an authentication bypass vulnerability:
- An improper access control vulnerability (CWE-284) in FortiClient EMS may allow an unauthenticated attacker to execute unauthorized code or...
CVE-2026-34424 Smart Slider 3 Pro 3.5.1.35 Supply Chain Attack Remote Access Toolkit
Smart Slider 3 Pro version 3.5.1.35 for WordPress and Joomla contains a multi-stage remote access toolkit injected through a compromised update system that allows unauthenticated attackers to execute arbitrary code and commands. Attackers can trigger pre-authentication remote shell execution via...
WordPress plugin Smart Slider 3 Pro security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blogging platform written in PHP that allows personal blog websites to be created on servers running PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-31821
Name of the Vulnerable Software and Affected Versions: Smart Slider 3 Pro version 3.5.1.35
Description: Smart Slider 3 Pro version 3.5.1.35 for WordPress and Joomla contains a multi-stage remote access toolkit injected through a compromised update system. This allows unauthenticated attackers to...
UBUNTU-CVE-2026-4631
Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH...
CVE-2026-34977
Aperi'Solve is an open-source steganalysis web platform. Prior to 3.2.1, when uploading a JPEG, a user can specify an optional password to accompany the JPEG. This password is passed directly into an expect command, which is in turn passed to a bash -c command, without any form o...
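The Cockpit (UBUNTU-CVE-2026-4631) and Aperi'Solve (CVE-2026-34977) entries above describe two ends of the same bug class: untrusted web input reaching an external command. In the Aperi'Solve case the value is spliced into a command string that a shell parses, so shell metacharacters execute; in the Cockpit case the value is handed to a client that parses options, so a value beginning with "-" is read as an option rather than a hostname. The Python below is an added example written for this page, not code from either project or from any advisory. The tool name extract_tool, the file name upload.jpg, the exact command shapes and the sample inputs are assumptions chosen for illustration; nothing is executed, the code only shows what the shell or ssh would see and how an argv-based, validated version closes both holes.

```python
"""Added example: how untrusted input reaches an external command in two ways,
and the checks that stop it. Tool names and command shapes are assumptions."""
import re
import shlex

# ---------------------------------------------------------------------------
# 1. Interpolating untrusted data into a command string (Aperi'Solve pattern)
# ---------------------------------------------------------------------------

def build_extract_script_unsafe(password: str) -> str:
    """Vulnerable pattern: the password is interpolated into the script text
    that `bash -c` will parse. 'extract_tool' is a hypothetical binary."""
    return f"expect -c 'spawn extract_tool -sf upload.jpg -p {password}'"


def shell_tokens(script: str) -> list[str]:
    """Tokenise a script roughly the way a POSIX shell would: quotes honoured,
    ';' '|' '&' split out as operators, '#' starts a comment. Used only to
    show what bash would see; nothing is executed."""
    lex = shlex.shlex(script, posix=True, punctuation_chars=True)
    return list(lex)


def injected_commands(script: str) -> list[list[str]]:
    """Split the token stream on ';' and return every command after the first.
    A non-empty result means attacker-controlled text became its own command."""
    commands, current = [], []
    for tok in shell_tokens(script):
        if tok == ";":
            commands.append(current)
            current = []
        else:
            current.append(tok)
    commands.append(current)
    return [c for c in commands[1:] if c]


def build_extract_argv(password: str) -> list[str]:
    """Hardened pattern: no shell at all. Each value is one argv element, so
    quotes, ';' and '$(...)' in the password are just bytes in one argument.
    Run it with subprocess.run(argv) and never with shell=True."""
    return ["extract_tool", "-sf", "upload.jpg", "-p", password]


# ---------------------------------------------------------------------------
# 2. Passing untrusted data to a command that parses options (Cockpit pattern)
# ---------------------------------------------------------------------------

# Conservative allow-lists: DNS-style hostnames and POSIX login names. Both
# require an alphanumeric first character, so a value starting with '-'
# (which ssh parses as an option) can never reach argv. Bracketed IPv6
# literals are deliberately rejected to keep the check simple.
HOSTNAME_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
                         r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$")
USERNAME_RE = re.compile(r"^[a-z_][a-z0-9_-]{0,31}$")


def looks_like_option(value: str) -> bool:
    """True if ssh would treat this positional value as an option, not a host."""
    return value.startswith("-")


def build_ssh_argv(user: str, host: str) -> list[str]:
    """Hardened pattern: validate before the values reach argv, and pass the
    login name with -l instead of concatenating 'user@host' from raw input."""
    if not HOSTNAME_RE.fullmatch(host):
        raise ValueError(f"rejected hostname: {host!r}")
    if not USERNAME_RE.fullmatch(user):
        raise ValueError(f"rejected username: {user!r}")
    return ["ssh", "-o", "BatchMode=yes", "-l", user, host]


if __name__ == "__main__":
    # Constructed sample inputs, not taken from any real report.
    evil_password = "x'; id #"
    print(injected_commands(build_extract_script_unsafe(evil_password)))
    print(build_extract_argv(evil_password))

    evil_host = "-oProxyCommand=id"
    print(looks_like_option(evil_host))
    try:
        build_ssh_argv("admin", evil_host)
    except ValueError as exc:
        print(exc)
    print(build_ssh_argv("admin", "bastion.example.com"))
```

With the constructed password `x'; id #`, shell_tokens shows the closing quote ending the expect argument early and `id` appearing after a `;` operator, which is exactly what bash would run as a second command; the same string passed through build_extract_argv stays a single argv element. For the ssh case the allow-list, not the `-l` flag, is what matters: `-l` only avoids the `user@host` concatenation, while the regex is what keeps `-oProxyCommand=...` out of argv altogether.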