CVE-2026-32273

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, updating a category description via API is not sanitizing the description string, which can lead to XSS attacks. This issu...

CVE-2026-32273 Discourse: XSS on category description update via API

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, updating a category description via API is not sanitizing the description string, which can lead to XSS attacks. This issu...

CVE-2026-33073

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, the discourse-subscriptions plugin leaks stripe API keys across sites in a multisite cluster resulting in the potential fo...

CVE-2026-5205

A vulnerability was identified in chatwoot up to 4.11.2. Affected by this vulnerability is the function Webhooks::Trigger in the library lib/webhooks/trigger.rb of the component Webhook API. Such manipulation of the argument url leads to server-side request forgery. The attack can be launched...

CVE-2026-34361 HAPI FHIR: Unauthenticated SSRF via /loadIG Chains with startsWith() Credential Leak for Authentication Token Theft

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, the FHIR Validator HTTP service exposes an unauthenticated "/loadIG" endpoint that makes outbound HTTP requests to attacker-controlled URLs. Combined with a startsWith...

CVE-2026-5205

The CVE-2026-5205 vulnerability affects chatwoot up to version 4.11.2, specifically the Webhooks::Trigger function in lib/webhooks/trigger.rb of the Webhook API. The root cause is manipulation of the argument url, enabling server-side request forgery (SSRF). The issue is exploitable remotely, wit...

CVE-2026-5205 chatwoot Webhook API trigger.rb Trigger server-side request forgery

A vulnerability was identified in chatwoot up to 4.11.2. Affected by this vulnerability is the function Webhooks::Trigger in the library lib/webhooks/trigger.rb of the component Webhook API. Such manipulation of the argument url leads to server-side request forgery. The attack can be launched...

CVE-2026-5205 chatwoot Webhook API trigger.rb Trigger server-side request forgery

A vulnerability was identified in chatwoot up to 4.11.2. Affected by this vulnerability is the function Webhooks::Trigger in the library lib/webhooks/trigger.rb of the component Webhook API. Such manipulation of the argument url leads to server-side request forgery. The attack can be launched...

CVE-2026-22561

CVE-2026-22561 concerns Anthropic Claude for Windows installer (Claude Setup.exe). The vulnerability arises from Uncontrolled search path elements, where the installer loads DLLs (e.g., profapi.dll) from its own directory after UAC elevation, enabling local privilege escalation via DLL search-ord...

CVE-2026-34373

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.66 and 9.7.0-alpha.10, the GraphQL API endpoint does not respect the allowOrigin server option and unconditionally allows cross-origin requests from any website. This...

CVE-2026-34373

Parse Server’s GraphQL API endpoint prior to versions 8.6.66 and 9.7.0-alpha.10 does not respect the allowOrigin setting, unconditionally allowing cross-origin requests from any website and bypassing configured origin restrictions. The REST API enforces allowOrigin correctly. A fix is available i...

CVE-2026-34373 Parse Server: GraphQL API endpoint ignores CORS origin restriction

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.66 and 9.7.0-alpha.10, the GraphQL API endpoint does not respect the allowOrigin server option and unconditionally allows cross-origin requests from any website. This...

CVE-2026-34162 FastGPT: Unauthenticated SSRF via httpTools Endpoint Leads to Internal API Key Theft

FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, the FastGPT HTTP tools testing endpoint /api/core/app/httpTools/runTool is exposed without any authentication. This endpoint acts as a full HTTP proxy — it accepts a user-supplied baseUrl, toolPath, HTTP method, custom headers,...

CVE-2026-4399

Prompt injection vulnerability in 1millionbot Millie chatbot that occurs when a user manages to evade chat restrictions using Boolean prompt injection techniques formulating a question in such a way that, upon receiving an affirmative response 'true', the model executes the injected instruction,...

CVE-2026-4400

Insecure Direct Object Reference IDOR vulnerability in 1millionbot Millie chat that allows private conversations of other users being viewed by simply changing the conversation ID. The vulnerability is present in the endpoint 'api.1millionbot.com/api/public/conversations/' and, if exploited, coul...

Important: Red Hat Security Advisory: Red Hat OpenShift API for Data Protection

A new version of OpenShift API for Data Protection OADP is now available. OpenShift API for Data Protection OADP enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and...

Incorrect Authorization

Overview baserproject/basercms is a Content management system based on CakePHP. Affected versions of this package are vulnerable to Incorrect Authorization via the mail submission API. An attacker can submit unauthorized mail form entries by sending requests to the public API endpoint, even when...

Directory Traversal

Overview baserproject/basercms is a Content management system based on CakePHP. Affected versions of this package are vulnerable to Directory Traversal via the theme file management API when an authenticated administrator supplies crafted input to the path parameter. An attacker can write arbitra...

CVE-2026-4020

The Gravity SMTP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.1.4. This is due to a REST API endpoint registered at /wp-json/gravitysmtp/v1/tests/mock-data with a permissioncallback that unconditionally returns true, allowing any...

CVE-2026-4020 Gravity SMTP <= 2.1.4 - Unauthenticated Sensitive Information Exposure via REST API

The Gravity SMTP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.1.4. This is due to a REST API endpoint registered at /wp-json/gravitysmtp/v1/tests/mock-data with a permissioncallback that unconditionally returns true, allowing any...