
1801 matches found

CVE
added 14 hours ago, 9 views

CVE-2026-12416

The CVE affects the WordPress Invoice Generator plugin up to version 1.0.0. The root cause is pravel_invoice_change_password(), registered as a nopriv AJAX handler without nonce or authorization checks, which compares the supplied reset_activation_code to the user’s forgot_email meta with a loose...

CVSS 9.8, AI score 6.1
Exploits: 1, References: 4
CVE
added 4 days ago, 16 views

CVE-2026-56345

AVideo 29.0 contains an authorization bypass via the Meet plugin's uploadRecordedVideo.json.php endpoint. The vulnerability derives the target users_id from the uploaded filename without verification, allowing a crafted file (e.g., filename like 1-anything.mp4) to trigger passwordless User->lo...

CVSS 9.2, AI score 6, EPSS 0.00295
Exploits: 0, References: 2
EUVD
added 4 days ago, 8 views

EUVD-2026-38132

AVideo through 29.0 contains an authorization bypass vulnerability in the Meet plugin's uploadRecordedVideo.json.php endpoint that derives the target users_id from the uploaded filename without verification. An attacker with knowledge of the Meet shared secret can craft a malicious file upload wit...

CVSS 9.2, AI score 6, EPSS 0.00295
Exploits: 0, References: 2
CVE
added 5 days ago, 14 views

CVE-2019-25757

CVE-2019-25757 affects Joomla vWishlist 1.0.1. The vulnerability is an SQL injection in the vproductid and userid parameters that authenticated attackers can exploit by sending crafted POST requests to the component, enabling extraction of sensitive database information (e.g., version and databas...

CVSS 7.1, AI score 6.2, EPSS 0.00221
Exploits: 0, References: 4
Cvelist
added 5 days ago, 27 views

CVE-2017-20272 Joomla Ultimate Property Listing 1.0.2 SQL Injection via sf_selectuser_id

Joomla Ultimate Property Listing 1.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the sf_selectuser_id parameter. Attackers can send GET requests to index.php with the option=comupl and...

CVSS 8.8, EPSS 0.00237
Exploits: 0, References: 2
EUVD
added 5 days ago, 4 views

EUVD-2017-18999

Joomla Ultimate Property Listing 1.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the sf_selectuser_id parameter. Attackers can send GET requests to index.php with the option=comupl and...

CVSS 8.8, AI score 6.2, EPSS 0.00237
Exploits: 0, References: 2
AstraLinux
added 5 days ago, 5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: exec: Fix for the issue involving the comparison between permission checks and setuid/gid usage. When opening a file for execution using do_filp_open, permission checks are performed based on the file's metadata at that moment. If t...

CVSS 8.4, AI score 6.5, EPSS 0.00242
Exploits: 1, References: 2
AstraLinux
added 5 days ago, 3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: sysctl: Always initialize i_uid/i_gid. i_uid/i_gid is always initialized within the sysfs core, so set_ownership can safely skip setting them. The commit 5ec27ec735ba from "fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on...

CVSS 5.5, AI score 6, EPSS 0.00216
Exploits: 0, References: 2
NVD
added 6 days ago, 10 views

CVE-2026-54105

The U.S. Government Accountability Office GAO Electronic Protest Docketing System EPDS and Civilian Board of Contract Appeals CBCA Electronic Docketing System EDS expose sensitive account information through the 'update-profile/' API endpoint. A remote, unauthenticated attacker can submit a reque...

CVSS 6.9, EPSS 0.003
Exploits: 0, References: 4
CVE
added 6 days ago, 15 views

CVE-2026-12102

Affected software: WordPress plugin UsersWP (Front-end login, registration, profile, members directory) up to version 1.2.63. Vulnerability: Insecure Direct Object Reference via the user_id parameter due to missing validation on a user-controlled key in uwp_usermeta, enabling an authenticated att...

CVSS 2.7, AI score 5.5, EPSS 0.0028
Exploits: 0, References: 12
Cvelist
added 2026/06/17 5:53 a.m., 25 views

CVE-2025-48617

In overrideConfig of CarrierConfigLoader.java, there is a possible way to bypass UID check due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

EPSS 0.00077
Exploits: 0, References: 1
Tenable Nessus
added 2026/06/14 12:00 a.m., 4 views

SUSE SLES15 Security Update : openssh (SUSE-SU-2026:2375-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2375-1 advisory. This update for openssh fixes the following issues: CVE-2026-3497: information disclosure or denial of service due to uninitialize...

CVSS 8.1, AI score 7.2, EPSS 0.01962
Exploits: 0, References: 14
RedhatCVE
added 2026/06/10 8:59 a.m., 7 views

CVE-2026-9185

The 6Storage Rentals plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to and including 2.22.0 via the userId parameter of the sixstoragegetuserinfo and sixstorageupdateprofile AJAX actions. This is due to the sixstoragegetUserInfo and...

CVSS 7.5, AI score 5.5, EPSS 0.00403
Exploits: 0, References: 1
Cvelist
added 2026/06/09 11:44 p.m., 33 views

CVE-2026-53673 BuddyPress 14.4.0 Private Message IDOR via REST API user_id Parameter

BuddyPress 14.4.0 contains an insecure direct object reference vulnerability in the messages REST API that allows authenticated attackers to access arbitrary private message threads by supplying a user_id parameter in the request. Attackers can pass another user's identifier to the...

CVSS 8.6, EPSS 0.00294
Exploits: 0, References: 3
NVD
added 2026/06/09 7:17 p.m., 8 views

CVE-2026-36719

An information disclosure vulnerability in the /api/v1/user/info endpoint of AgentChat v2.3.0 allows unauthenticated attackers to obtain sensitive information, including SHA256 password hashes, via enumerating user IDs...

CVSS 7.5, EPSS 0.00321
Exploits: 0, References: 1
Packet Storm News
added 2026/06/09 12:00 a.m., 7 views

FreeBSD Security Advisory - FreeBSD-SA-26:30.linux

FreeBSD Security Advisory - The Linuxulator determined whether a binary was set-user-ID or set-group-ID by checking the P_SUGID process flag. During execve(2), this flag is not yet set at the point where the auxiliary vector is constructed, so AT_SECURE was incorrectly set to zero for set-user-ID and...

AI score 5.5
Exploits: 1
Positive Technologies
added 2026/06/09 12:00 a.m., 10 views

PT-2026-48335

BuddyPress 14.4.0 contains an insecure direct object reference vulnerability in the messages REST API that allows authenticated attackers to access arbitrary private message threads by supplying a user id parameter in the request. Attackers can pass another user's identifier to the get item...

CVSS 8.6, AI score 5.5, EPSS 0.00294
Exploits: 0, References: 4
CNNVD
added 2026/06/09 12:00 a.m., 11 views

AgentChat security vulnerability

AgentChat is a multi-agent collaborative dialogue system based on large language models, developed by Shy25936636669. Version 2.3.0 of AgentChat contains a security vulnerability. This vulnerability stems from the /api/v1/user/info endpoint, which exposes information leakage vulnerabilities...

CVSS 7.5, AI score 5.2, EPSS 0.00321
Exploits: 0, References: 1
CNNVD
added 2026/06/09 12:00 a.m., 8 views

WordPress plugin 6Storage Rentals security vulnerability

WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the functionality of WordPress. There is a security vulnerability in WordPress Plugin...

CVSS 7.5, AI score 5.9, EPSS 0.00403
Exploits: 0, References: 1
FreeBSD Advisory
added 2026/06/09 12:00 a.m., 6 views

FreeBSD-SA-26:30.linux

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:30.linux Security Advisory The FreeBSD Project Topic: Flaw in Linuxulator execution of setugid binaries Category: core Module: linux Announced: 2026-06-09...

AI score 6
Exploits: 1