PT-2026-34195

Name of the Vulnerable Software and Affected Versions Hermes WebUI affected versions not specified Description An arbitrary file deletion issue exists in the '/api/session/delete' endpoint. Authenticated attackers can delete files outside the session directory by providing an absolute path or pat...

PT-2026-36921

Name of the Vulnerable Software and Affected Versions Nginx UI versions 2.0.0 through 2.3.7 Description An unauthenticated network attacker can claim the initial administrator account on a fresh instance during the first-run setup window. The public endpoint "/api/install" is accessible without...

PT-2026-34058

Frappe HR is an open-source human resources management solution HRMS. Prior to versions 15.58.1 and 16.4.1, an authenticated user with default role can access unauthorized information by exploiting certain api endpoint. Versions 15.58.1 and 16.4.1 contain a patch. No known workarounds are availab...

SUSE CVE-2026-31430

In the Linux kernel, the following vulnerability has been resolved: X.509: Fix out-of-bounds access when parsing extensions Leo reports an out-of-bounds access when parsing a certificate with empty Basic Constraints or Key Usage extension because the first byte of the extension is read before...

CVE-2026-35587 Glances IP Plugin has SSRF via public_api that leads to credential leakage

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, a Server-Side Request Forgery SSRF vulnerability exists in the Glances IP plugin due to improper validation of the publicapi configuration parameter. The value of publicapi is used directly in outbound HTTP...

CVE-2026-35587 Glances IP Plugin has SSRF via public_api that leads to credential leakage

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, a Server-Side Request Forgery SSRF vulnerability exists in the Glances IP plugin due to improper validation of the publicapi configuration parameter. The value of publicapi is used directly in outbound HTTP...

CVE-2026-35587

Glances CVE-2026-35587 describes a Server-Side Request Forgery (SSRF) in the IP plugin due to improper validation of the public_api configuration. Before version 4.5.4, the code passes a user-controlled URL directly to the HTTP client (urlopen_auth) without validating scheme, hostname, or destina...

CVE-2026-35587

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, a Server-Side Request Forgery SSRF vulnerability exists in the Glances IP plugin due to improper validation of the publicapi configuration parameter. The value of publicapi is used directly in outbound HTTP...

CVE-2026-35587

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, a Server-Side Request Forgery SSRF vulnerability exists in the Glances IP plugin due to improper validation of the publicapi configuration parameter. The value of publicapi is used directly in outbound HTTP...

CVE-2026-34839 Glances Vulnerable to Cross-Origin Information Disclosure via Unauthenticated REST API (/api/4) due to Permissive CORS

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, the Glances web server exposes a REST API /api/4/ that is accessible without authentication and allows cross-origin requests from any origin due to a permissive CORS policy Access-Control-Allow-Origin: . This...

CVE-2026-34082 Dify has IDOR in deleting someone else's chat conversation

Dify is an open-source LLM app development platform. Prior to 1.13.1, the method DELETE /console/api/installed-apps//conversations/ has poor authorization checking and allows any Dify-authenticated user to delete someone else's chat history. Version 1.13.1 patches the issue...

CVE-2026-33031 Nginx-UI: Disabled users retain full API access through previously issued bearer tokens

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, a user who was disabled by an administrator can use previously issued API tokens for up to the token lifetime. In practice, disabling a compromised account does not actually terminate that user’s access, so an...

CVE-2026-33031

The CVE concerns Nginx UI prior to version 2.3.4 . A user disabled by an administrator can continue using previously issued API tokens for up to the token lifetime, allowing continued access to reading/modifying protected resources after disable. Tokens can create new accounts, so the disabled us...

CVE-2026-33031

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, a user who was disabled by an administrator can use previously issued API tokens for up to the token lifetime. In practice, disabling a compromised account does not actually terminate that user’s access, so an...

@alialf/cc-switch (>=1.0.0 <=1.0.1), codex-copilot-dx (>=0.1.0 <=0.1.6) potentially affected by CVE-2026-6662 via copilot-api (=0.7.0)

copilot-api NPM version =0.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on copilot-api and may be impacted: - @alialf/cc-switch =1.0.0, =0.1.0, =0.1.6 Source cves: CVE-2026-6662 Source advisory: SNYK:JS-COPILOTAPI-16636640...

EUVD-2026-23939

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Versions prior to 0.24.11 have a remotely triggerable heap buffer overflow in the uriparamparse function of NanoMQ's REST API. The vulnerability occurs due to an off-by-one error when allocating memory for query parameter keys an...

CVE-2026-32135

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Versions prior to 0.24.11 have a remotely triggerable heap buffer overflow in the uriparamparse function of NanoMQ's REST API. The vulnerability occurs due to an off-by-one error when allocating memory for query parameter keys an...

CVE-2026-40486

Kimai is an open-source time tracking application. In versions 2.52.0 and below, the User Preferences API endpoint PATCH /api/users/id/preferences applies submitted preference values without checking the isEnabled flag on preference objects. Although the hourlyrate and internalrate fields are...

CVE-2026-40258

The Gramps Web API is a Python REST API for the genealogical research software Gramps. Versions 1.6.0 through 3.11.0 have a path traversal vulnerability Zip Slip in the media archive import feature. An authenticated user with owner-level privileges can craft a malicious ZIP file with...

CVE-2026-40196

HomeBox is a home inventory and organization system. Versions prior to 0.25.0 contain a vulnerability where the defaultGroup ID remained permanently assigned to a user after being invited to a group, even after their access to that group was revoked. While the web interface correctly enforced the...