3321 matches found
Cacti 1.2.24 - SQL Injection
Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graphview.php. Since guest users can access graphview.php without authentication by default, if guest users are being utilized in an enabled state, there...
PYSEC-2026-2004 vantage6's CORS settings overly permissive
Impact The vantage6 server has no restrictions on CORS settings. It should be possible for people to set the allowed origins of the server. The impact is limited because v6 does not use session cookies Patches No Workarounds No...
CVE-2026-53644
FOSSBilling is a free, open-source billing and client management system. Versions 0.5.3 through 0.7.2 allow authenticated clients to both read and reset API key service secrets for orders that are no longer in an active state e.g., suspended, canceled. The root cause is missing order-state...
CVE-2026-53641
FOSSBilling is a free, open-source billing and client management system. Versions 0.6.0 through 0.7.2 have a stored cross-site scripting XSS vulnerability in the client-facing email history views of FOSSBilling. Email HTML content contenthtml is rendered into a JavaScript template literal using t...
CVE-2026-43927
FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, a race condition in the cart checkout flow allows an authenticated client to apply a promo code beyond its configured maximum uses. By sending concurrent checkout requests before any single request...
CVE-2026-43927
FOSSBilling has a race-condition vulnerability in the cart checkout flow that, before version 0.8.0, lets an authenticated user apply promo codes beyond their maxuses by sending concurrent checkout requests before usage increments complete. This can enable unlimited discounts or free orders from ...
PT-2026-56033
Name of the Vulnerable Software and Affected Versions FOSSBilling versions prior to 0.8.0 Description Low-privileged staff accounts can read sensitive data through admin API endpoints that lack proper permission checks. Although write endpoints enforce fine-grained permissions, the corresponding...
PT-2026-56007
Name of the Vulnerable Software and Affected Versions FOSSBilling versions 0.6.0 through 0.7.2 Description A SQL injection issue exists in the Massmailer module filter functionality. An authenticated administrator can provide crafted filter values during the update of a mass email message, which...
PT-2026-55959
Name of the Vulnerable Software and Affected Versions OP-TEE versions 3.10.0 through 4.10.x Description OP-TEE is a Trusted Execution Environment TEE designed as a companion to a non-secure Linux kernel running on Arm Cortex-A cores using TrustZone technology. An unbounded recursion can cause the...
ClamAV Vulnerabilities Affecting Cisco Products: July 2026
Multiple vulnerabilities in ClamAV could allow a remote attacker to cause a denial of service DoS condition, interrupting scanning operations. For more information about these vulnerabilities, see the Details "details" section of this advisory. For additional information on these vulnerabilities ...
GHSA-H3JJ-5F3V-3685 n8n: Public API Execution Retry Authorization Bypass
Impact The Public API endpoint for retrying executions authorized access using workflow:read rather than workflow:execute. An authenticated user with read-only access to a shared workflow could use the Public API to retry executions of that workflow, bypassing the intended permission boundary...
PT-2026-49579
Name of the Vulnerable Software and Affected Versions Electron versions 42.3.1 through 42.3.2 Description Incorrect byte length calculations in the Node.js Buffer API cause heap underflow or overflow, which can lead to memory corruption or application crashes. This issue may result in incorrect...
PT-2026-48683
Impact Element Call versions 0.5.17 through 0.19.3 report analytics data to a PostHog server, when configured to by a posthog key in config.json or by the posthogApiHost and posthogApiKey URL parameters. Several fields of this data $initial person info, $session entry url, and $current url were...
GHSA-QVV5-JQ5G-4CGG Baileys has message upsert / hist sync spoofing and app state corruption when using maliciously crafted protocolMessage payload
Impact Any baileys session under the latest version false in socket config. There are no workarounds for the app state sync jamming...
Puma PROXY Protocol v1 Accepts Repeated Protocol Headers on Persistent Connections
Impact Puma is vulnerable to source IP spoofing when setremoteaddress proxyprotocol: :v1 is enabled and persistent connections are used. PROXY protocol v1 is a connection-level protocol. Support was added to Puma in v5.5.0. A proxy sends one PROXY header at the beginning of a TCP connection, befo...
CVE-2026-41126
BigBlueButton is an open-source virtual classroom. Versions prior to 3.0.24 have an Open Redirect through bigbluebutton/api/join via get-parameter "logoutURL." Version 3.0.24 has adjusted the handling of requests with incorrect checksum so that the default logoutURL is used. No known workarounds...
CVE-2026-41320
Frappe HR is an open-source human resources management solution HRMS. Prior to versions 15.54.0 and 14.38.1, a specially crafted request made to a certain endpoint could result in SQL injection, allowing an attacker to extract information they wouldn't otherwise be able to. Versions 15.54.0 and...
CVE-2026-24907
October is a Content Management System CMS and web platform. Versions prior to 3.7.14 and 4.1.10 contain a stored cross-site scripting XSS vulnerability in the Event Log mail preview feature. When viewing logged mail messages, HTML content was rendered in an iframe without proper sandboxing,...
Cisco Finesse Remote File Inclusion Vulnerability
A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks. This vulnerability is due to insufficient validation of user-supplied input...
stigmem-node's Postgres schema identifier handling required defensive quoting
Impact Postgres backend schema identifiers were interpolated into SQL strings. In the reviewed code path the schema value is operator-controlled, but the pattern was unsafe if future call sites allowed tenant or request-controlled schema names. Impacted users are operators using the Postgres...