IBM Cognos Analytics和IBM Cognos Transformer 跨站脚本漏洞

IBM Cognos Analytics and IBM Cognos Transformer are products of American International Business Machines IBM. IBM Cognos Analytics is a business intelligence software suite. This software includes reports, dashboards, and scorecards, and can assist businesses in adjusting their decisions by...

SourceCodester CET Automated Grading System with AI Predictive Analytics 安全漏洞

SourceCodester CET Automated Grading System with AI Predictive Analytics is an open-source English language assessment system based on artificial intelligence predictive analytics, developed by SourceCodester. Version 1.0 of the SourceCodester CET Automated Grading System with AI Predictive...

SourceCodester CET Automated Grading System with AI Predictive Analytics 安全漏洞

SourceCodester CET Automated Grading System with AI Predictive Analytics is an open-source English language assessment system based on artificial intelligence predictive analytics, developed by SourceCodester. Version 1.0 of the SourceCodester CET Automated Grading System with AI Predictive...

PT-2026-43189

Missing password field masking vulnerability in Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe modules, Hitachi Ops Center Analyzer viewpoint, Hitachi Infrastructure Analytics Advisor Data Center Analytics, Analytics probe modules. This issu...

Hitachi多款产品 安全漏洞

Hitachi Ops Center Analyzer, among others, are products of Hitachi, Ltd., a Japanese company. Hitachi Ops Center Analyzer is a data center management software. Hitachi Infrastructure Analytics Advisor is an IT operations intelligence platform, including Hitachi data center analysis capabilities...

CVE-2026-27357

Missing Authorization vulnerability in Cornel Raiu WP Search Analytics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Search Analytics: from n/a before 1.5.0...

CVE-2026-27357 WordPress WP Search Analytics plugin < 1.5.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Cornel Raiu WP Search Analytics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Search Analytics: from n/a before 1.5.0...

EUVD-2026-31761

Missing Authorization vulnerability in Cornel Raiu WP Search Analytics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Search Analytics: from n/a before 1.5.0...

CVE-2026-27357

Missing Authorization vulnerability in Cornel Raiu WP Search Analytics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Search Analytics: from n/a before 1.5.0...

CVE-2026-27357 WordPress WP Search Analytics plugin < 1.5.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Cornel Raiu WP Search Analytics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Search Analytics: from n/a before 1.5.0...

CVE-2026-27357

CVE-2026-27357 – WordPress WP Search Analytics plugin (

WordPress WP Search Analytics plugin < 1.5.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin WP Search Analytics versions 1.5.0...

WordPress plugin WP Search Analytics 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2026-43140

Name of the Vulnerable Software and Affected Versions WP Search Analytics versions prior to 1.5.0 Description A missing authorization issue in the plugin allows for the exploitation of incorrectly configured access control security levels, resulting in broken access control. Recommendations Updat...

MAL-2026-4576 Malicious code in hardhat-gas-analytics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71b0b8dd866d9c1f4516f4e537a2d61ea3cbe87f06b0195a24c0dea76fef44c0 This package typosquats the widely-used hardhat-gas-reporter Hardhat plugin matching its cache filename .hardhatgasreporteroutput.json and replicatin...

MAL-2026-4636 Malicious code in peertube-plugin-google-analytics-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c66b6ebad55556f956fbc181293327eb4051d2ec6de6436a24d027fac58e580 This PeerTube plugin advertises itself as a Google Analytics integration but its client-side script client/common-client-plugin.js:8 registers a...

CVE-2026-40102 Plane: ORM Field Reference Injection via `segment` Parameter in Saved Analytics

Plane is an open-source project management tool. In versions 1.3.0 and below, SavedAnalyticEndpoint passes the user-controlled segment query parameter directly to a Django F expression without validation unlike the regular AnalyticsEndpoint, which checks against an allowlist, causing ORM Field...

CVE-2026-40102

The CVE concerns Plane, an open-source project management tool. In versions ≤1.3.0, SavedAnalyticEndpoint accepts a user-controlled segment value and forwards it to a Django F() expression without validation, causing ORM Field Reference Injection. An authenticated workspace MEMBER can call GET /a...

CVE-2026-40102 Plane: ORM Field Reference Injection via `segment` Parameter in Saved Analytics

Plane is an open-source project management tool. In versions 1.3.0 and below, SavedAnalyticEndpoint passes the user-controlled segment query parameter directly to a Django F expression without validation unlike the regular AnalyticsEndpoint, which checks against an allowlist, causing ORM Field...

Exploit for CVE-2026-8181

CVE-2026-8181 Burst Statistics | Authentication Bypass to Admi...