CVE-2026-39820 vulnerabilities

Vulnerabilities for packages: nerdctl, argo-events, metrics-server, cilium-certgen, gatekeeper, containerd, kubevela, libnvidia-container, coredns, aactl, nats, tkn, knative-serving, kpt, act, kube-fluentd-operator, mattermost, teleport, dask-gateway, cluster-api, skopeo, cloud-provider-azure,...

CVE-2026-42501 vulnerabilities

Vulnerabilities for packages: nerdctl, argo-events, metrics-server, octo-sts, cilium-certgen, karma, gatekeeper, pdfcpu, containerd, kubevela, libnvidia-container, coredns, kubernetes-csi-external-snapshotter, apache-exporter, minify, hivemind, node-problem-detector, sftpgo-plugin-geoipfilter,...

PT-2026-39406

Plainpad is a self hosted note taking app. Prior to version 1.1.1, Plainpad allows a low-privilege authenticated user to self-escalate to administrator by submitting admin=true in PUT /api.php/v1/users/id. The endpoint directly persists the admin attribute from user input, and the escalated accou...

Important: java-21-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalV...

Important: java-17-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalV...

Kirby 安全漏洞

Kirby is a set of open-source content management systems based on files. Versions of Kirby prior to 4.9.0 and 5.4.0 have security vulnerabilities. These vulnerabilities stem from insufficient checks for consistency in permissions for functions like Panel and REST API’s pages.access/list and...

CVE-2026-41432

New API is a large language mode LLM gateway and artificial intelligence AI asset management system. Prior to version 0.12.10, a vulnerability exists in the Stripe webhook handler that allows an unauthenticated attacker to forge webhook events and credit arbitrary quota to their account without...

free5GC's SMF UPI management interface lacks auth middleware; unauthenticated topology read/write requests reach handlers

Summary free5GC's SMF mounts the UPI management route group without OAuth2/bearer-token authorization middleware. A network attacker who can reach SMF on the SBI can hit UPI endpoints with no Authorization header at all, and the requests reach the SMF business handlers. In the running Docker lab...

GHSA-3P28-73Q7-45XP free5GC's NEF 3gpp-traffic-influence API is unauthenticated; missing or forged bearer tokens can create, read, patch, and delete subscriptions

Summary free5GC's NEF mounts the 3gpp-traffic-influence API without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can create, read, patch, and delete traffic-influence subscriptions either with no Authorization header at all, or with a forged bearer...

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization in the 3gpp-traffic-influence API route group, which lacks inbound authorization checks. An attacker can create, read, modify, or delete traffic-influence subscriptions by sending unauthenticated or forged requests...

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization in the 3gpp-traffic-influence API route group, which lacks inbound authorization checks. An attacker can create, read, modify, or delete traffic-influence subscriptions by sending unauthenticated or forged requests...

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via the 3gpp-pfd-management API. An attacker can create, read, and delete transaction state by sending requests with forged or arbitrary bearer tokens, even if the service is not declared in the configuration...

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via the 3gpp-pfd-management API. An attacker can create, read, and delete transaction state by sending requests with forged or arbitrary bearer tokens, even if the service is not declared in the configuration...

GHSA-4VG5-RP28-GVJF Open WebUI has Improper Authorization Control

CONFIDENTIAL Vulnerability Disclosure Analysis Documentation --- Vulnerability Details | | Field | Value | |---|-------|-------| | 1 | Discoverer | Taylor Pennington of KoreLogic, Inc. | | 2 | Date Submitted | June 11, 2024 | | 3 | Title | Open WebUI Improper Authorization Control | | 5 | Affecte...

Open WebUI has Improper Authorization Control

CONFIDENTIAL Vulnerability Disclosure Analysis Documentation --- Vulnerability Details | | Field | Value | |---|-------|-------| | 1 | Discoverer | Taylor Pennington of KoreLogic, Inc. | | 2 | Date Submitted | June 11, 2024 | | 3 | Title | Open WebUI Improper Authorization Control | | 5 | Affecte...

CVE-2026-42352

pygeoapi is vulnerable to SSRF via the OGC API - Process execution path in versions 0.23.0 up to 0.23.3. The issue arises from the subscriber object enabling requests to internal HTTP services. It has been patched in version 0.23.3. Affected releases include 0.23.0–0.23.2, with fixes in 0.23.3. M...

CVE-2026-42352 pygeoapi 0.23.x: Unauthenticated SSRF via OGC API - Processes Subscriber

pygeoapi is a Python server implementation of the OGC API suite of standards. From version 0.23.0 to before version 0.23.3, OGC API process execution requests can use the subscriber object to requests to internal HTTP services. This issue has been patched in version 0.23.3...

Snipe-IT has Privilege Escalation via API Permissions Assignment

Impact An authenticated user with only users.edit permission can escalate their own privileges to admin by sending a PATCH request to /api/v1/users/id with permissionsadmin=1. The API controller only strips the superuser key from the permissions array, allowing admin and all other permission keys...

CVE-2026-42199

CVE-2026-42199 affects the Rust Grid crate. Versions 0.17.0 through before 1.0.1 contain an integer overflow in Grid::expand_rows() that can break the invariant between logical grid dimensions and backing storage. After the invariant is broken, a safe API call (get) may use get_unchecked() with a...

CVE-2026-42199 Grid: Integer Overflow in Grid::expand_rows Leads to Safe-API Undefined Behavior

Grid is a data structure grid for rust. From version 0.17.0 to before version 1.0.1, an integer overflow in Grid::expandrows can corrupt the relationship between the grid’s logical dimensions and its backing storage. After the internal invariant is broken, the safe API get may invoke getunchecked...