3317 matches found
CVE-2026-41126
BigBlueButton is an open-source virtual classroom. Versions prior to 3.0.24 have an Open Redirect through bigbluebutton/api/join via get-parameter "logoutURL." Version 3.0.24 has adjusted the handling of requests with incorrect checksum so that the default logoutURL is used. No known workarounds...
PT-2026-34554
Impact HistoryTreeProof::verify panics on a malformed proof where history.len != positions.len due to assert eq!history.len, positions.len. The proof object is derived from untrusted p2p responses ResponseTransactionsProof.proof and is therefore attacker-controlled at the network boundary until...
PT-2026-34543
nimiq-libp2p is a Nimiq network implementation based on libp2p. Prior to version 1.3.0, MessageCodec::read request and read response call read to end on inbound substreams, so a remote peer can send only a partial frame and keep the substream open. because Behaviour::new also sets with max...
CVE-2026-41127
BigBlueButton is an open-source virtual classroom. Versions prior to 3.0.24 have a missing authorization that allows viewers to inject/overwrite captions Version 3.0.24 tightened the permissions on who is able to submit captions. No known workarounds are available...
EUVD-2026-24565
BigBlueButton is an open-source virtual classroom. Versions prior to 3.0.24 have a missing authorization that allows viewers to inject/overwrite captions Version 3.0.24 tightened the permissions on who is able to submit captions. No known workarounds are available...
CVE-2026-41126 BigBlueButton has Open Redirect through bigbluebutton/api/join via get-parameter "logoutURL"
BigBlueButton is an open-source virtual classroom. Versions prior to 3.0.24 have an Open Redirect through bigbluebutton/api/join via get-parameter "logoutURL." Version 3.0.24 has adjusted the handling of requests with incorrect checksum so that the default logoutURL is used. No known workarounds...
CVE-2026-41320
Frappe HR is an open-source human resources management solution HRMS. Prior to versions 15.54.0 and 14.38.1, a specially crafted request made to a certain endpoint could result in SQL injection, allowing an attacker to extract information they wouldn't otherwise be able to. Versions 15.54.0 and...
CVE-2026-41320
Frappe HR (open-source HRMS) has a SQL injection vulnerability affecting versions prior to 15.54.0 and 14.38.1, exploitable via a specially crafted request to a specific endpoint. The root cause is improper input handling leading to information disclosure. A fix is included in versions 15.54.0 an...
CVE-2026-40889
CVE-2026-40889 concerns Frappe HR (HRMS) and describes an Improper Access Control on Files . Before versions 15.58.2 and 16.4.2 , authenticated users could access files they should not be able to view by abusing a vulnerable API endpoint. The affected line items indicate that the vulnerability re...
PT-2026-34217
Name of the Vulnerable Software and Affected Versions BigBlueButton versions prior to 3.0.24 Description An open redirect exists in the 'bigbluebutton/api/join' endpoint through the logoutURL parameter. This occurs when requests with incorrect checksums are handled improperly, allowing a redirect...
PT-2026-34218
Name of the Vulnerable Software and Affected Versions BigBlueButton versions prior to 3.0.24 Description A missing authorization allows viewers to inject or overwrite captions. Recommendations Update to version 3.0.24...
PT-2026-33539
Name of the Vulnerable Software and Affected Versions libgphoto2 versions prior to 2.5.34 Description An out of bound read occurs in the ptp unpack EOS FocusInfoEx function when processing input from untrusted USB devices, which can lead to a crash of the library. Recommendations Update to a...
Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities
Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs with an update. Vulnerability Details CVEID:CVE-2026-24049 DESCRIPTION: wheel is a command line tool...
Cisco ThousandEyes Enterprise Agent Arbitrary File Overwrite Vulnerability
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent could allow an authenticated, local attacker with low privileges to overwrite arbitrary files on the local system of an affected device. This vulnerability is due to improper access controls on files that are on the local file syst...
CVE-2026-24907 October CMS has Stored XSS via Event Log Mail Preview
October is a Content Management System CMS and web platform. Versions prior to 3.7.14 and 4.1.10 contain a stored cross-site scripting XSS vulnerability in the Event Log mail preview feature. When viewing logged mail messages, HTML content was rendered in an iframe without proper sandboxing,...
AsyncHttpClient leaks authorization credentials to untrusted domains on cross-origin redirects
Impact When redirect following is enabled followRedirecttrue, AsyncHttpClient forwards Authorization and Proxy-Authorization headers along with Realm credentials to arbitrary redirect targets regardless of domain, scheme, or port changes. This leaks credentials on cross-domain redirects and...
LiteLLM: Authentication bypass via OIDC userinfo cache key collision
Impact When JWT authentication is enabled enablejwtauth: true, the OIDC userinfo cache uses token:20 as the cache key. JWT headers produced by the same signing algorithm generate identical first 20 characters. This configuration option is not enabled by default. Most instances are not affected. A...
Go JOSE Panics in JWE decryption
Impact Decrypting a JSON Web Encryption JWE object will panic if the alg field indicates a key wrapping algorithm one ending in KW, with the exception of A128GCMKW, A192GCMKW, and A256GCMKW and the encryptedkey field is empty. The panic happens when cipher.KeyUnwrap in keywrap.go attempts to...
Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller IMC could allow an authenticated, remote attacker to execute arbitrary code or commands on the underlying operating system of an affected system and elevate privileges to root. For more...
Block the Prompt, Not the Work: The End of "Doctor No"
There is a character that keeps appearing in enterprise security departments, and most CISOs know exactly who that is. It doesn’t build. It doesn’t enable. Its entire function is to say "No." No to ChatGPT. No to DeepSeek. No to the file-sharing tool the product team swears by. For years, this...