CVE-2026-5736

A vulnerability was identified in PowerJob 5.1.0/5.1.1/5.1.2. Impacted is an unknown function of the file powerjob-server/powerjob-server-starter/src/main/java/tech/powerjob/server/web/controller/InstanceController.java of the component detailPlus Endpoint. The manipulation of the argument...

EUVD-2026-19896

A security flaw has been discovered in PowerJob 5.1.0/5.1.1/5.1.2. The affected element is the function GroovyEvaluator.evaluate of the file /openApi/addWorkflowNode of the component OpenAPI Endpoint. The manipulation of the argument nodeParams results in code injection. The attack can be execute...

EUVD-2026-19893

A vulnerability was identified in PowerJob 5.1.0/5.1.1/5.1.2. Impacted is an unknown function of the file powerjob-server/powerjob-server-starter/src/main/java/tech/powerjob/server/web/controller/InstanceController.java of the component detailPlus Endpoint. The manipulation of the argument...

PowerJob SQL注入漏洞

PowerJob is an open-source distributed computing and job scheduling framework developed by PowerJob. It allows developers to easily schedule tasks within their applications. Versions 5.1.0, 5.1.1, and 5.1.2 of PowerJob contain SQL injection vulnerabilities. These vulnerabilities stem from incorre...

Security Bulletin: Vulnerabilities in affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2026-23745 DESCRIPTION: node-tar is a Ta...

Security Bulletin: Vulnerabilities in Axios affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in Axios has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-58754 DESCRIPTION: Axios is a...

CVE-2024-41942

JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to versions 4.1.6 and 5.1.0, if a user is granted the admin:users scope, they may escalate their own privileges by making themselves a full admin user. The impact is relatively small in that...

WordPress Employee Spotlight plugin <= 5.1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin Employee Spotlight versions = 5.1.0...

Security Bulletin: Multiple vulnerabilities affect IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerabilities have been identified that affect IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerabilities have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-23166 DESCRIPTION: The C++ method...

Security Bulletin: Due to use of Connect2id Nimbus JOSE+JWT, IBM Watson Studio in Cloud Pak for Data is affected by denial of service

Summary Connect2id Nimbus JOSE+JWT is used by Watson Studio in Cloud Pak for Data. Vulnerability Details CVEID:CVE-2023-52428 DESCRIPTION: In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service resource consumption via a large JWE p2c header value aka iteration cou...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS versions 5.0.1 and 5.1.0, which stems from a stack overflow risk when parsing vector images, and can be...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS versions 5.0.1 and 5.1.0, which stems from a stack overflow risk when parsing vector images, and can be...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS versions 5.0.1 and 5.1.0, which stems from a null pointer dereference in the PDF Preview module, and can ...

RT-Thread 缓冲区错误漏洞

RT-Thread is an open source IoT real-time operating system RTOS from RT-Thread Open Source. A buffer error vulnerability exists in RT-Thread 5.1.0 and earlier versions, which stems from a memory corruption and could lead to a local attack...

CVE-2023-41695

Missing Authorization vulnerability in Analytify Analytify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Analytify: from n/a through 5.1.0...

UBUNTU-CVE-2024-41942

JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to versions 4.1.6 and 5.1.0, if a user is granted the admin:users scope, they may escalate their own privileges by making themselves a full admin user. The impact is relatively small in that...

CVE-2024-41942

JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to versions 4.1.6 and 5.1.0, if a user is granted the admin:users scope, they may escalate their own privileges by making themselves a full admin user. The impact is relatively small in that...

CVE-2024-22309

Deserialization of Untrusted Data vulnerability in QuantumCloud ChatBot with AI.This issue affects ChatBot with AI: from n/a through 5.1.0...

OroCommerce Access Control Error Vulnerability

OroCommerce is an open source business-to-business commerce application from Oro. OroCommerce suffers from an Access Control Error vulnerability that stems from insufficient security checks, which allows an attacker to bypass Access Control Lists ACLs. Affected products and versions: OroCommerce...

com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (=5.2.0), com.airbus-cyber-security.graylog:graylog-plugin-correlation-count (=5.1.2) +3 more potentially affected by CVE-2023-41044 via org.graylog2:graylog2-server (>=5.1.0 <=5.1.2)

org.graylog2:graylog2-server MAVEN version =5.1.0, =5.1.0, =5.1.0, =5.1.13 Source cves: CVE-2023-41044 Source advisory: OSV:GHSA-2Q4P-F6GF-MQR5...