PT-2026-33395

Name of the Vulnerable Software and Affected Versions WP Statistics versions prior to 14.16.5 Description Stored Cross-Site Scripting occurs due to insufficient input sanitization and output escaping. The referral parser copies the raw value of the 'utm source' parameter into the source name fiel...

Microsoft Windows Admin Center (April 2026)

The Microsoft Windows Admin Center in Azure installed on the remote host is missing a security update. It is, therefore, affected by a vulnerability: - Spoofing vulnerability in Windows Admin Center CVE-2026-32196 Note that Nessus has not tested for this issue but has instead relied only on the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007458)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007458 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: require CAPNETADMIN to attach NGSM0710 ldisc Any unprivileged user can attach NGSM0710...

sms 安全漏洞

SMS is a student performance management system developed by QUERYMINE. SMS has a security vulnerability, which stems from unknown code in the admin/editcourse.php file of the GET Request Parameter Handler component. This code allows for SQL injection attacks on parameter IDs, potentially leading ...

PT-2026-33410

A path traversal vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to access higher-level directories that should not be accessible...

AVTECH Room Alert Cleartext Transmission of Sensitive Information (CVE-2024-33471)

An individual with administrative access can change the mail server host within the device. An attacker who has obtained administrative access can update the mail server to an attacker controller IP. When the device attempts to authenticate to the mail server, it will pass the previously configur...

BIT-DJANGO-2026-4277 Privilege abuse in GenericInlineModelAdmin

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. Add permissions on inline model instances were not validated on submission of forged POST data in GenericInlineModelAdmin. Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not evaluated a...

BIT-AUTHENTIK-2024-37905 Improper Access Control and Incorrect Authorization in github.com/goauthentik/authentik

authentik is an open-source Identity Provider that emphasizes flexibility and versatility. Authentik API-Access-Token mechanism can be exploited to gain admin user privileges. A successful exploit of the issue will result in a user gaining full admin access to the Authentik application, including...

BIT-AUTHENTIK-2023-46249 authentik potential installation takeover when default admin user is deleted

authentik is an open-source Identity Provider. Prior to versions 2023.8.4 and 2023.10.2, when the default admin user has been deleted, it is potentially possible for an attacker to set the password of the default admin user without any authentication. authentik uses a blueprint to create the...

BIT-AUTHENTIK-2023-26481 Insufficient user check in FlowTokens by Email stage

authentik is an open-source Identity Provider. Due to an insufficient access check, a recovery flow link that is created by an admin or sent via email by an admin can be used to set the password for any arbitrary user. This attack is only possible if a recovery flow exists, which has both an...

co.luminositylabs.oss.ica.migration:legacy-data-viewer-webapp (=0.2.0), com.aripd:aricom (=1.0) +13 more potentially affected by CVE-2026-41883 via org.omnifaces:omnifaces (>=2.1 <=2.7.1)

org.omnifaces:omnifaces MAVEN version =2.1, =2.2.3, =2.2.3, =2.2.3, =2.2.3, =2.2.3, =1.0.0-RC1, =1.0.0, =0.1, =0.14 Source cves: CVE-2026-41883 Source advisory: OSV:GHSA-VP6R-9M58-5XV8...

Flowise: Weak Default JWT Secrets

Detection Method: Kolega.dev Deep Code Scan | Attribute | Value | |---|---| | Severity | Critical | | Location | packages/server/src/enterprise/middleware/passport/index.ts:29-34 | | Practical Exploitability | High | | Developer Approver | [email protected] | Description JWT secrets have weak...

CVE-2026-34164 Valtimo: Sensitive data exposure through inbox message logging in InboxHandlingService

Valtimo is an open-source business process automation platform. In versions 13.0.0 through 13.21.0, the InboxHandlingService logs the full content of every incoming inbox message at INFO level. Inbox messages can contain highly sensitive information including personal data PII, citizen identifier...

CVE-2026-34164 Valtimo: Sensitive data exposure through inbox message logging in InboxHandlingService

Valtimo is an open-source business process automation platform. In versions 13.0.0 through 13.21.0, the InboxHandlingService logs the full content of every incoming inbox message at INFO level. Inbox messages can contain highly sensitive information including personal data PII, citizen identifier...

CVE-2026-34164

CVE-2026-34164 concerns Valtimo, where the InboxHandlingService logged the full content of incoming inbox messages at INFO level across versions 13.0.0–13.21.0. This exposed sensitive data (PII, BSN, case details) to anyone with log access or admin UI users. The issue was fixed in 13.22.0: the lo...

CVE-2026-34164

Valtimo is an open-source business process automation platform. In versions 13.0.0 through 13.21.0, the InboxHandlingService logs the full content of every incoming inbox message at INFO level. Inbox messages can contain highly sensitive information including personal data PII, citizen identifier...

GHSA-3JPJ-V3XR-5H6G zrok: Broken ownership check in DELETE /api/v2/unaccess allows non-admin to delete global frontend records

Summary The unaccess handler controller/unaccess.go contains a logical error in its ownership guard: when a frontend record has environmentid = NULL the marker for admin-created global frontends, the condition short-circuits to false and allows the deletion to proceed without any ownership...

EUVD-2026-23117

Dgraph: Unauthenticated /debug/pprof/cmdline discloses admin auth token, enabling unauthorized access to protected Alpha admin endpoints...

Dgraph: Unauthenticated /debug/pprof/cmdline discloses admin auth token, enabling unauthorized access to protected Alpha admin endpoints

Summary An unauthenticated debug endpoint in Dgraph Alpha exposes the full process command line, including the configured admin token from --security "token=...". This does not break token validation logic directly; instead, it discloses the credential and enables unauthorized admin-level access ...

GHSA-95MQ-XWJ4-R47P Dgraph: Unauthenticated /debug/pprof/cmdline discloses admin auth token, enabling unauthorized access to protected Alpha admin endpoints

Summary An unauthenticated debug endpoint in Dgraph Alpha exposes the full process command line, including the configured admin token from --security "token=...". This does not break token validation logic directly; instead, it discloses the credential and enables unauthorized admin-level access ...