4526 matches found
CVE-2026-9221 Setracker2 Children's Smartwatch Ecosystem Use of a Broken or Risky Cryptographic Algorithm
The Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and earlier uses MD5 to generate a request signature for authenticating communications between the mobile client and the backend REST API. Attackers could potentially reverse the signature to recover the session ID. With the...
GO-2026-5567 Note Mark has a JWT Secret Weakness that allows Full Account Takeover via Token Forgery in github.com/enchant97/note-mark/backend
Note Mark has a JWT Secret Weakness that allows Full Account Takeover via Token Forgery in github.com/enchant97/note-mark/backend...
CVE-2025-71336 Flowise - Unsandboxed Remote Code Execution via Custom MCP
Flowise before 3.0.6 affected versions 2.2.7-patch.1 and earlier contains an unsandboxed remote code execution vulnerability in the Custom MCP feature, which is designed to execute OS commands such as launching local MCP servers. Because Flowise's authentication and authorization model is minimal...
CVE-2026-6330 ML-KEM ARM64 NEON ciphertext comparison only compares half of the input
The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating par...
Improper Authorization
Apache DolphinScheduler is vulnerable to Improper Authorization. The vulnerability is due to incorrect authorization checks in the experimental /v2 interface, where insufficient access control allows attackers to perform unauthorized actions or access protected resources...
PT-2026-52603
Name of the Vulnerable Software and Affected Versions ML-KEM affected versions not specified Description An issue exists in the ARM64 NEON ciphertext comparison where only half of the input is compared. This failure breaks the implicit rejection of the Fujisaki-Okamoto transform—a method used to...
Security Bulletin: Vulnerabilities found in Watson Data Intelligence
Summary Multiple Vulnerabilities were addressed in Watson Data Intelligence version 5.3.1-patch3. Vulnerability Details CVEID:CVE-2025-14917 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expecte...
[SECURITY] [DLA 4646-1] postgresql-13 security update
Debian LTS Advisory DLA-4646-1 [email protected] https://www.debian.org/lts/security/ Emmanuel Arias June 24, 2026 https://wiki.debian.org/LTS Package : postgresql-13 Version : 13.23-0+deb11u4 CVE ID : CVE-2026-6473 CVE-2026-6474 CVE-2026-6475 CVE-2026-6477 CVE-2026-6478 CVE-2026-6479...
EUVD-2026-38741
Capgo before 12.128.2 allows non-admin API keys to read webhook signing secrets via Supabase REST due to insufficient row-level security policies on the webhooks table. Attackers can retrieve the webhook secret and forge valid X-Capgo-Signature headers to send authenticated webhook events to...
CVE-2026-12417 SignUp & SignIn <= 1.0.0 - Unauthenticated Privilege Escalation via Weak Password Reset Validation via 'reset_activation_code' Leading to Account Takeover
The SignUp & SignIn plugin for WordPress is vulnerable to Authentication Bypass via Weak Password Reset Validation leading to Account Takeover in versions up to, and including, 1.0.0. This is due to the pravelchangepassword AJAX handler — registered via wpajaxnoprivpravelchangepassword and...
EUVD-2026-38661
The WP Forms Connector plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the /wp-json/wp/v3/post/list REST endpoint in versions up to and including 1.8. This is due to insufficient escaping on the user-supplied 'order' parameter read directly from $GET'order' into...
PT-2026-51675
Name of the Vulnerable Software and Affected Versions SignUp & SignIn plugin for WordPress versions prior to 1.0.1 Description The SignUp & SignIn plugin for WordPress contains an authentication bypass that allows unauthenticated attackers to take over any account, including administrator account...
jackson-databind's renamed @JsonIgnore'd setters can deserialize via private fields
Summary POJOPropertiesCollector.renameProperties allows a property with @JsonProperty"renamed" on the getter and @JsonIgnore on the setter to be renamed rather than dropped. With MapperFeature.INFERPROPERTYMUTATORS enabled default, the private backing field is retained; during deserialization...
CVE-2026-54012
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI lets a user who can create, update, or import workspace models store arbitrary meta.knowledge entries on their model without checking whether they own or can read the...
EUVD-2025-210309
Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs...
CVE-2025-62180
The CVE concerns Pega Platform versions 8.3.0 through Infinity 25.1.2, affected by an authorization weakness that may let authenticated users access additional data via crafted URLs. The vulnerability is described with a high impact on confidentiality (VULNERABLE SYSTEM CONFIDENTIALITY: HIGH) and...
ROS-20260623-73-0015
Vulnerability in Python 3.12 related to the lack of measures taken to clean data at the control level. Exploitation of this vulnerability allows a remote attacker to execute arbitrary commands...
CVE-2026-56425
The Azure Active Directory AAD authentication implementation contained multiple weaknesses in its OAuth 2.0 authorization flow that could allow attackers to bypass important security guarantees provided by the protocol. The application used the PHP session identifier sessionid as the OAuth state...
EUVD-2026-38237
The vulnerability arises when the system fails to properly validate the 'email' field during the authentication process, allowing unverified or fake email addresses to be accepted. This lack of validation enables the creation of user accounts with fake email addresses, facilitating the mass...
PT-2026-51334
Name of the Vulnerable Software and Affected Versions qSnapper versions prior to 1.3.3 Description Lack of authentication when using the snapshot diff functions allows a local attacker to access information that is otherwise read protected. Recommendations Update to version 1.3.3 or later...