PT-2026-26464

Name of the Vulnerable Software and Affected Versions phpseclib versions 1.0.26 and below phpseclib versions 2.0.0 through 2.0.51 phpseclib versions 3.0.0 through 3.0.49 Description phpseclib is a PHP secure communications library. Projects utilizing the affected versions are susceptible to a...

CVE-2025-62144

Missing Authorization vulnerability in Mohammed Kaludi Core Web Vitals & PageSpeed Booster core-web-vitals-pagespeed-booster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Core Web Vitals & PageSpeed Booster: from n/a through = 1.0.28...

CVE-2025-62144 WordPress Core Web Vitals & PageSpeed Booster plugin <= 1.0.28 - Broken Access Control vulnerability

Missing Authorization vulnerability in Mohammed Kaludi Core Web Vitals & PageSpeed Booster core-web-vitals-pagespeed-booster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Core Web Vitals & PageSpeed Booster: from n/a through = 1.0.28...

WordPress Core Web Vitals & PageSpeed Booster plugin <= 1.0.28 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Core Web Vitals & PageSpeed Booster versions = 1.0.28...

Kanova Android App 安全漏洞

Kanova Android App is a social group application by Kanova. A security vulnerability exists in Kanova Android App version 1.0.27, which stems from improper access control and could lead to unauthorized access to user details and obtain group information...

CVE-2025-61119

Kanova Android App version 1.0.27 package name com.karelane, developed by Karely L.L.C., contains improper access control vulnerabilities. Attackers may gain unauthorized access to user details and obtain group information, including entry codes, by manipulating API request parameters. Successful...

EUVD-2023-37381

Malicious code in bioql PyPI...

EUVD-2024-34018

Malicious code in bioql PyPI...

CVE-2024-11275

The WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the /wp-json/timetics/v1/customers/ REST API endpoint in all versions up to, and including, 1.0.27. This makes...

WordPress plugin WP Timetics 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress Plugin Image Optimizer by 10web 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress plugin WP-Matomo Integration 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

Debian DLA-2418-1 : libsndfile security update

Several issues have been found in libsndfile, a library for reading/writing audio files. All issues are basically divide by zero errors, heap read overflows or other buffer overlow errors. For Debian 9 stretch, these problems have been fixed in version 1.0.27-3+deb9u1. We recommend that you upgra...

WordPress Rank Math SEO Plugin <= 1.0.27 Authentication Bypass Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:rankmath:seo"; ifdescription...