Important: bind9.16 security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

Kibana 8.x < 8.19.16 / 9.0.x < 9.3.5 / 9.4.x < 9.4.1 DoS (ESA-2026-32)

The version of Kibana installed on the remote host is prior to 8.19.16, 9.3.5, or 9.4.1. It is, therefore, affected by a vulnerability as referenced in the ESA-2026-32 advisory. - Uncontrolled Resource Consumption CWE-400 in Kibana can lead to a denial of service via Excessive Allocation CAPEC-13...

PT-2026-46885

Summary A low-privilege admin user with user recovery:read ACL can take over any admin account. The attacker triggers password recovery for the victim unauthenticated endpoint, reads the recovery hash from the Admin API search endpoint, then uses the hash to reset the victim's password another...

PT-2026-46852

Summary A low-privilege admin user with user recovery:read ACL can take over any admin account. The attacker triggers password recovery for the victim unauthenticated endpoint, reads the recovery hash from the Admin API search endpoint, then uses the hash to reset the victim's password another...

PT-2026-46892

Summary The Shopware Store API endpoint /store-api/handle-payment contains an object-level authorization flaw that allows a low-privileged external user with a normal customer or guest context to trigger the payment flow for another user’s order by supplying a foreign orderId. The affected...

PT-2026-46865

Unauthenticated Reflected XSS via $ GET'search' in AVideo YouTubeAPI Gallery Pagination Summary A reflected Cross-Site Scripting vulnerability CWE-79 in the AVideo YouTubeAPI plugin allows any unauthenticated attacker to execute arbitrary JavaScript in a victim's browser session when the victim...

CVE-2026-10215

A security vulnerability has been detected in Dolibarr ERP CRM up to 23.0.1. Impacted is the function checkUserAccessToObject of the file htdocs/holiday/class/apiholidays.class.php of the component Leave Request REST API. The manipulation leads to improper authorization. The attack may be initiat...

GHSA-F9RX-7WF7-JR36 Froxlor's API Authentication bypasses 2FA Authentication

Summary Froxlor's API authentication FroxlorRPC::validateAuth does not enforce Two-Factor Authentication. When a user admin or customer enables 2FA on their account, the web UI correctly requires a TOTP code after password verification. However, the API accepts requests authenticated with only an...

Froxlor: BIND Zone File Injection via TXT Record Content

Summary The DomainZones.add API endpoint does not sanitize newline characters in TXT record content. An authenticated customer with DNS editing enabled can inject newlines into TXT record values, which break out of the record line in the generated BIND zone file. This enables injection of arbitra...

EUVD-2026-33988

React Router vulnerable to XSS in unstable RSC redirect handling via javascript: redirect targets...

DRUPAL-CONTRIB-2026-042

This module provides spam protection using the CleanTalk cloud service. The module doesn't sufficiently sanitize API response messages before rendering them in HTML output. The cleantalkdie and ctdie functions output the CleanTalk API response message directly into HTML without proper sanitizatio...

CVE-2026-6657

A vulnerability in jupyter-server versions 1.12.0 through 2.17.0 allows an attacker to bypass CORS origin validation when the alloworiginpat configuration is used. The issue arises from the use of re.match for validating the Origin header, which only anchors at the start of the string. This allow...

CVE-2026-6657 CORS Origin Validation Bypass in jupyter-server

A vulnerability in jupyter-server versions 1.12.0 through 2.17.0 allows an attacker to bypass CORS origin validation when the alloworiginpat configuration is used. The issue arises from the use of re.match for validating the Origin header, which only anchors at the start of the string. This allow...

CVE-2026-5241

A vulnerability in the LightGlue model loading path of huggingface/transformers version 5.2.0 allows an attacker-controlled model repository to execute arbitrary code during model initialization. The issue arises because the trustremotecode parameter, intended to prevent remote code execution, is...

EUVD-2024-55609

An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in Backup.Repository webapi component in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users with administrator privileges to write specific files containing non-sensitive informati...

CVE-2024-47263

An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in Backup.Repository webapi component in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users with administrator privileges to write specific files containing non-sensitive informati...

Insertion of Sensitive Information Into Sent Data

Overview mlflow is a platform to streamline machine learning development, including tracking experiments, packaging code into reproducible runs, and sharing and deploying models. Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the apikey...

Insertion of Sensitive Information Into Sent Data

Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the apikey field in gateway secrets, which accepts environment variable references that are resolved against server-side credentials. An attacker can obtain sensitive environment...

CVE-2026-4035 Environment Variable Resolution Vulnerability in mlflow/mlflow

A vulnerability in mlflow/mlflow versions prior to 3.11.0 allows for the resolution of environment variables in AI Gateway secrets, which can be exploited to exfiltrate sensitive server-side environment credentials to an attacker-controlled endpoint. This issue arises because the apikey field in...

Anyscale Ray 2.6.3 and 2.8.0 - Server-Side Request Forgery

The Ray Dashboard API is affected by a Server-Side Request Forgery SSRF vulnerability in the url parameter of the /logproxy API endpoint. The API does not perform sufficient input validation within the affected parameter and any HTTP or HTTPS URLs are accepted as valid. id: CVE-2023-48023 info:...