CVE-2026-40089

Sonicverse is a Self-hosted Docker Compose stack for live radio streaming. The Sonicverse Radio Audio Streaming Stack dashboard contains a Server-Side Request Forgery SSRF vulnerability in its API client apps/dashboard/lib/api.ts. Installations created using the provided install.sh script includi...

CVE-2026-33736

Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, any authenticated user including ROLESTUDENT can enumerate all platform users and access personal information email, phone, roles via GET /api/users, including administrator accounts. This vulnerability is fixed in 2.0.0-RC.3...

CVE-2026-40168

Postiz is an AI social media scheduling tool. Prior to 2.21.5, the /api/public/stream endpoint is vulnerable to SSRF. Although the application validates the initially supplied URL and blocks direct private/internal hosts, it does not re-validate the final destination after HTTP redirects. As a...

Improper Removal of Sensitive Information Before Storage or Transfer

Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer in the cross-domain redirects that do not strip custom authentication headers such as X-API-Key, X-Auth-Token, Api-Key, Token. An attacker can obtain sensitive...

com.akamai.edgegrid:edgegrid-signer-async-http-client (>=6.0.1 <=6.0.3-rc.1), com.arpnetworking.metrics:mad-experimental (>=1.2.4 <=1.2.11) +66 more potentially affected by CVE-2026-40490 via org.asynchttpclient:async-http-client (>=3.0.0.Beta1 <=3.0.7)

org.asynchttpclient:async-http-client MAVEN version =3.0.0.Beta1, =6.0.1, =1.2.4, =1.22.5, =1.13.8, =1.1.0, =0.4.8, =0.4.8, =0.4.8, =1.17.0, =1.17.0, =1.17.0, =0.5.0, =2.7.3, =218.0.0, =14.5.0, =16.0.0 and more Source cves: CVE-2026-40490 Source advisory: OSV:GHSA-CMXV-58FP-FM3G...

GHSA-RH42-6RJ2-XWMC Kimai leaks API Token Hash via Invoice Twig Template

Summary The Twig sandbox used for invoice templates blocks certain sensitive User methods password, TOTP secret, etc. via a blocklist in StrictPolicy::checkMethodAllowed. However, getApiToken and getPlainApiToken are not on the blocklist. An admin who creates an invoice template can embed calls t...

Kimai leaks API Token Hash via Invoice Twig Template

Summary The Twig sandbox used for invoice templates blocks certain sensitive User methods password, TOTP secret, etc. via a blocklist in StrictPolicy::checkMethodAllowed. However, getApiToken and getPlainApiToken are not on the blocklist. An admin who creates an invoice template can embed calls t...

USN-8148-6: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...

USN-8148-6 linux-azure, linux-azure-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...

USN-8149-3 linux-azure, linux-azure-6.17 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...

PT-2026-32686

Name of the Vulnerable Software and Affected Versions Snipe-IT version 8.4.0 Description Improper authorization in the '/api/v1/users/id' endpoint allows authenticated attackers with the users.edit permission to modify sensitive authentication and account-state fields of other non-admin users by...

Snipe-IT 安全漏洞

Snipe-IT is a set of open-source IT asset/license management systems developed by Grokability. Version Snipe-IT v8.4.0 contains a security vulnerability. This vulnerability stems from the improper authorization in the/api/v1/users/id endpoint, which may allow authenticated attackers with the...

Microsoft Windows Ancillary Function Driver for WinSock 资源管理错误漏洞

The Microsoft Windows Ancillary Function Driver for WinSock is a compatibility driver developed by Microsoft for Winsock. There is a resource management vulnerability present in the Microsoft Windows Ancillary Function Driver for WinSock. Attackers can exploit this vulnerability to gain elevated...

PT-2026-32584

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting XSS vulnerability that allows authenticated users to inject arbitrary HTML and JavaScript into the Application prologue Opening Remarks field by wrapping malicious payloads in tags...

PT-2026-33235

Name of the Vulnerable Software and Affected Versions @vendure/core versions prior to 2.3.4 @vendure/core versions 3.0.0 through 3.5.6 @vendure/core versions 3.6.0 through 3.6.1 Description An unauthenticated SQL injection exists in the Shop API and an authenticated SQL injection exists in the...

PT-2026-32939

Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, an insecure direct object modification vulnerability in the PUT /api/users/id endpoint allows any authenticated user with ROLE STUDENT to escalate their privileges to ROLE ADMIN by modifying the roles field...

Fortinet FortiManager sqli (FG-IR-26-111)

The version of FortiManager installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-111 advisory. - An improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet...

[SECURITY] Fedora 44 Update: OpenImageIO2.5-2.5.19.1-10.fc44

OpenImageIO is a library for reading and writing images, and a bunch of relat ed classes, utilities, and applications. Main features include: - Extremely simple but powerful ImageInput and ImageOutput APIs for reading a nd writing 2D images that is format agnostic. - Format plugins for TIFF,...

CVE-2026-6215

A weakness has been identified in DbGate up to 7.1.4. The impacted element is the function apiServerUrl1 of the file packages/rest/src/openApiDriver.ts of the component REST/GraphQL. This manipulation causes server-side request forgery. The attack may be initiated remotely. The exploit has been...

CoinMate.io: HMAC signature verification omits endpoint and payload allowing request forgery on CoinMate API

A vulnerability was discovered in the HMAC signature verification process of the CoinMate API. The signature was calculated using only the nonce, client ID, and public key, omitting the HTTP endpoint and request payload. This allowed an attacker to hijack a valid signature intended for a read-onl...