PT-2026-41464

Name of the Vulnerable Software and Affected Versions ProcessMaker version 3.5.4 Description Improper path traversal validation allows unauthenticated attackers to read arbitrary files. By sending requests containing directory traversal sequences, an attacker can access sensitive system files, su...

ProcessMaker 安全漏洞

ProcessMaker is a web-based system developed by ProcessMaker Inc. in the PHP language, used for business process management BPM and workflow management. Version 3.5.4 of ProcessMaker contains a security vulnerability. This vulnerability stems from a local file inclusion flaw, which allows...

Security update for openvswitch

This update for openvswitch fixes the following issue: Security updates: CVE-2026-34956: Invalid memory access in conntrack FTP alg bsc1261273. Other updates: Update openvswitch to 3.5.4 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

CVE-2025-67974

Missing Authorization vulnerability in WP Legal Pages WPLegalPages wplegalpages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPLegalPages: from n/a through = 3.5.4...

CVE-2025-67974

Missing Authorization vulnerability in WP Legal Pages WPLegalPages wplegalpages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPLegalPages: from n/a through = 3.5.4...

CVE-2025-67974

CVE-2025-67974 is a Missing Authorization (Broken Access Control) vulnerability in WordPress plugin WP Legal Pages WPLegalPages, affecting versions up to 3.5.4. The issue arises from incorrectly configured access control security levels, enabling unauthorized access under certain conditions. Repo...

PT-2026-21048

Name of the Vulnerable Software and Affected Versions WP Legal Pages versions through 3.5.4 Description A missing authorization issue exists in WP Legal Pages. The issue involves exploiting incorrectly configured access control security levels. Recommendations Update WP Legal Pages to a version...

BIT-DISCOURSE-2025-69289 Discourse has insecure default configuration that allows non-admin moderators to takeover any non-staff account via email change

Discourse is an open source discussion platform. A privilege escalation vulnerability in versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0 allows a non-admin moderator to bypass email-change restrictions, allowing a takeover of non-staff accounts. This issue is patched in versions 3.5.4...

CVE-2025-69289

Discourse is an open source discussion platform. A privilege escalation vulnerability in versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0 allows a non-admin moderator to bypass email-change restrictions, allowing a takeover of non-staff accounts. This issue is patched in versions 3.5.4...

CVE-2025-66488

Discourse is an open source discussion platform. A vulnerability present in versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0 affects anyone who uses S3 for uploads. While scripts may be executed, they will only be run in the context of the S3/CDN domain, with no site credentials...

CVE-2026-24742 Discourse staff action logs expose sensitive information to moderators

Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, non-admin moderators can view sensitive information in staff action logs that should be restricted to administrators only. The exposed information includes webhook payload URLs and...

PT-2026-5181

Name of the Vulnerable Software and Affected Versions Discourse versions prior to 3.5.4 Discourse versions prior to 2025.11.2 Discourse versions prior to 2025.12.1 Discourse versions prior to 2026.1.0 Description Discourse, an open source discussion platform, is affected by a...

PT-2026-5194

Name of the Vulnerable Software and Affected Versions Discourse versions prior to 3.5.4 Discourse versions prior to 2025.11.2 Discourse versions prior to 2025.12.1 Discourse versions prior to 2026.1.0 Description Discourse is an open source discussion platform. Moderators can access the top uploa...

Discourse security vulnerabilities

Discourse is an open-source community discussion platform developed by Discourse. This platform includes features such as communities, email communication, and chat rooms. Vulnerabilities exist in versions of Discourse prior to 3.5.4, as well as versions before 2025.11.2, 2025.12.1, and 2026.1.0...

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the createDocWithMd function, where unsanitized input in the markdown parameter is passed to downstream processing functions. An attacker can access arbitrary files on the server or interact with...

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the createDocWithMd function, where unsanitized input in the markdown parameter is passed to downstream processing functions. An attacker can access arbitrary files on the server or interact with...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the globalCopyFiles function. An attacker can access sensitive files outside the intended directory by supplying arbitrary file paths to the API endpoint. Remediation Upgrade github.com/siyuan-note/siyuan/kernel/a...

CVE-2026-23852

SiYuan is a personal knowledge management system. Versions prior to 3.5.4 have a stored Cross-Site Scripting XSS vulnerability that allows an attacker to inject arbitrary HTML attributes into the icon attribute of a block via the /api/attr/setBlockAttrs API. The payload is later rendered in the...

CVE-2026-23852

SiYuan is a personal knowledge management system. Versions prior to 3.5.4 have a stored Cross-Site Scripting XSS vulnerability that allows an attacker to inject arbitrary HTML attributes into the icon attribute of a block via the /api/attr/setBlockAttrs API. The payload is later rendered in the...

CVE-2026-23851 SiYuan Vulnerable to Arbitrary File Read via File Copy Functionality

SiYuan is a personal knowledge management system. Versions prior to 3.5.4 contain a logic vulnerability in the /api/file/globalCopyFiles endpoint. The function allows authenticated users to copy files from any location on the server's filesystem into the application's workspace without proper pat...