4656 matches found
CVE-2026-13233 OpenAI Provider - Moderately critical - Server-side Request Forgery - SA-CONTRIB-2026-053
Server-Side Request Forgery SSRF vulnerability in Drupal OpenAI Provider allows Server Side Request Forgery. This issue affects OpenAI Provider versions: from 0.0.0 to 1.1.1, from 1.2.0 to 1.2.2...
CVE-2026-13232 Advanced Content Feedback (aka admin_feedback) - Moderately critical - Access bypass / Insecure Direct Object Reference (IDOR) - SA-CONTRIB-2026-052
Incorrect Authorization vulnerability in Drupal Advanced Content Feedback aka adminfeedback allows Forceful Browsing. This issue affects Advanced Content Feedback aka adminfeedback versions: from 0.0.0 to 2.8.0...
CVE-2026-55810
Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Plotly.js Graphing allows Object Injection. This issue affects Plotly.js Graphing versions: from 0.0.0 to 3.0.2...
CVE-2026-10768
CVE-2026-10768 describes a Missing Authorization vulnerability in Drupal LocalGov Workflows that allows forceful browsing. Affected are LocalGov Workflows versions 0.0.0 to 1.6.0. The root cause is insufficient access controls that expose a view of Service Contacts, leading to potential informati...
CVE-2026-52761
ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. From 3.0.0 through 3.0.15, the t:utf8toUnicode transformation in src/actions/transformations/utf8tounicode.cc produces wrong output on i386 architecture because snprintf uses sizeof on a...
CVE-2026-55882
Summary: Tilt (Tilt HUD server) before v0.37.4 exposes Go pprof endpoints under /debug with no access control, allowing unauthenticated network-accessible listeners to read memory and tokens via /debug/pprof/heap and /debug/pprof/goroutine, and potentially degrade performance via /debug/pprof/pro...
EUVD-2026-43042
Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal AlternativeCommerce Basket allows Object Injection. This issue affects Drupal AlternativeCommerce Basket versions: from 0.0.0 to 2.1.17...
CVE-2026-13039
The Eventin plugin for WordPress (versions 4.0.26–4.1.15) has an authorization bypass in payment_complete() via REST API due to insufficient verification of user authorization. Unauthenticated attackers can mark unpaid ticket orders as completed by submitting a fabricated SureCart checkout ID or ...
CVE-2026-2398
MobilMen 20T (Adam Retail Automation Ltd) is affected by CVE-2026-2398 due to an Authorization bypass via a User-Controlled key, enabling Privilege Escalation. Affected versions are MobilMen 20T v3 through 10072026. CVSS 3.1 base score 8.8 (Network, Low attack complexity, Privileges Required: Low...
EUVD-2026-34016
Tesla has CRLF injection in request Content-Type header via addcontenttypeparam...
Important: Red Hat Security Advisory: RHTAS 1.4.2 - Tech Preview Release Of the Model Validation Operator
The Tech Preview release of the RHTAS Model Validation Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.4 The RHTAS Model Validation Operator can be used with OpenShift Container Platform 4.16, 4.17,...
EUVD-2026-42423
IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service...
EUVD-2026-42402
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.7 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to execute arbitrary scripts in another user's browser session due to improper...
EUVD-2025-210441
OpenVPN Access Server 2.7.2 through 3.1.0 accepts bare line-feed sequences inside HTTP header values, allowing remote attackers to perform HTTP request smuggling when deployed behind a reverse proxy...
CVE-2026-53642
FOSSBilling is a free, open-source billing and client management system. In versions 0.5.6 through 0.7.2, when the "Require Email Confirmation" setting is enabled, a logged-in client with an unverified email address emailapproved = 0 can access all client-area pages e.g. /client/balance,...
CVE-2026-53646
FOSSBilling is a free, open-source billing and client management system. In versions 0.5.6 through 0.7.2, when a ClientPasswordReset record already exists for a client from a previous unexpired reset request, subsequent calls to the resetpassword guest API endpoint reuse the existing token instea...
CVE-2026-53642
FOSSBilling versions 0.5.6–0.7.2 expose a page‑level access control flaw: when Require Email Confirmation is on, a logged‑in client with email_approved = 0 can access any /client/* page and read real account data (wallet balances, transaction history). The API enforces restrictions correctly to p...
CVE-2026-34049
Coolify (open-source self-hosted) versions 4.0.0-beta.451–4.0.0-beta.470 have a command-injection risk in MongoDB backup handling where collection names do not fully validate shell metacharacters. An attacker with the ability to configure backup inputs and high privileges can inject commands into...
CVE-2026-58402 Hugo default code block renderer XSS via unescaped code-fence language
Hugo is a static site generator. From 0.60.0 until 0.163.3, Hugo's default code-block renderer wrote the Markdown code-fence language or info-string into the code class="language-…" data-lang="…" wrapper without HTML escaping. A fence info-string containing a quote and a script payload breaks out...
EUVD-2026-41880
OpenVPN version 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled...