158884 matches found
CVE-2026-41076
RT is an open source, enterprise-grade issue and ticket tracking system. Versions 5.0.9 and prior in addition to 6.0.0 through 6.0.2 contain an authentication bypass vulnerability in RT installations that use LDAP/AD for user authentication. Under certain LDAP server configurations, an attacker m...
CVE-2026-41075
RT is an open source, enterprise-grade issue and ticket tracking system. Versions 5.0.0 through 5.0.9 and 6.0.0 through 6.0.2 contain an SQL injection vulnerability. An authenticated user can craft input that is incorporated into database queries without proper validation, potentially allowing th...
CVE-2026-41073
RT is an open source, enterprise-grade issue and ticket tracking system. Versions prior to 5.0.10 and 6.0.0 through 6.0.2 contain a spreadsheet CSV/formula injection vulnerability. User-controlled data in spreadsheet exports is not sanitized before being written to the output file, which can caus...
CVE-2026-39824
NewNTUnicodeString does not check for string length overflow. When provided with a string that overflows the maximum size of a NTUnicodeString a 16-bit number of bytes, it returns a truncated string rather than an error...
GHSA-JXXR-4GWJ-5JF2 vulnerabilities
Vulnerabilities for packages: npm, airflow, ts-patch, langfuse, pulumi, tileserver-gl, vitess, renovate, opensearch-dashboards, lerna, prism...
CVE-2026-45149 vulnerabilities
Vulnerabilities for packages: npm, airflow, ts-patch, langfuse, pulumi, tileserver-gl, vitess, renovate, opensearch-dashboards, lerna, prism...
GHSA-XH8F-G2QW-GCM7 vulnerabilities
Vulnerabilities for packages: minio...
CVE-2026-42600 vulnerabilities
Vulnerabilities for packages: minio...
GHSA-8RM2-7QQF-34QM vulnerabilities
Vulnerabilities for packages: prometheus, minio...
CVE-2026-42154 vulnerabilities
Vulnerabilities for packages: prometheus, minio...
CVE-2026-45736 vulnerabilities
Vulnerabilities for packages: langfuse, kubeflow-pipelines, argo-workflows, code-server, vitess, opensearch-dashboards...
GHSA-58QX-3VCG-4XPX vulnerabilities
Vulnerabilities for packages: langfuse, kubeflow-pipelines, argo-workflows, code-server, vitess, opensearch-dashboards...
CVE-2026-39824
NewNTUnicodeString does not check for string length overflow. When provided with a string that overflows the maximum size of a NTUnicodeString a 16-bit number of bytes, it returns a truncated string rather than an error...
GHSA-GRGV-6HW6-V9G4 vulnerabilities
Vulnerabilities for packages: synapse...
CVE-2026-42304 vulnerabilities
Vulnerabilities for packages: synapse...
CVE-2026-42154 vulnerabilities
Vulnerabilities for packages: elastic-agent, ld-relay-fips, ld-relay, prometheus-fips, minio, prometheus, elastic-agent-fips, minio-fips...
GHSA-8RM2-7QQF-34QM vulnerabilities
Vulnerabilities for packages: elastic-agent, ld-relay-fips, ld-relay, prometheus-fips, minio, prometheus, elastic-agent-fips, minio-fips...
CVE-2026-48700
An issue was discovered in all versions of PCManFM-Qt starting from 1.1.0. When a regular file's path is passed as a URI in an org.freedesktop.FileManager1.ShowFolders D-Bus method call, PCManFM-Qt delegates to a different program based on the file type without user confirmation. This could be us...
CVE-2026-25680
Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service...
CVE-2026-25680
Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service...