PT-2026-22052

Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Socomec DIRIS A-40 power monitoring devices. Authentication is not required to exploit this vulnerability. The specific flaw...

📄 FUX 1.2.8 Authentication Bypass / Remote Command Execution

This Python exploit targets CVE-2025-69985, an authentication bypass in FUXA web-based SCADA/HMI software that allows access to the protected /api/runscript endpoint even when authentication is enabled. By sending a crafted JavaScript payload using childprocess.execSync, it achieves full remote...

PT-2026-21966

Name of the Vulnerable Software and Affected Versions Angular SSR versions prior to 21.2.0-rc.1, 21.1.5, 20.3.17, and 19.2.21 Description Angular SSR, a server-side rendering tool for Angular applications, contains a Server-Side Request Forgery SSRF issue in its request handling pipeline. The...

PT-2026-36799

Name of the Vulnerable Software and Affected Versions Ollama versions prior to 0.17.1 Description A heap out-of-bounds read issue exists in the GGUF model loader. This occurs during quantization within the WriteTo function in fs/ggml/gguf.go and server/quantization.go when the server processes a...

Sz-Admin 安全漏洞

Sz-Admin is a mid-tier management software developed by INS6+ individuals. Versions of Sz-Admin such as 1.3.2-beta and earlier contained security vulnerabilities. These vulnerabilities stemmed from incorrect handling of the parameter userId in files/api/admin/sys-user/reset/password/, which could...

PT-2026-21957

Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager affected versions not specified Description Insufficient file system access restrictions could allow an unauthenticated remote attacker to view sensitive information on the underlying operating system. Exploitatio...

OpenEMR 安全漏洞

OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0 contained security...

PT-2026-21953

Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager affected versions not specified Description A flaw exists in Cisco Catalyst SD-WAN Manager that could allow an authenticated, local attacker with low privileges to gain root privileges on the underlying operating...

Parse Dashboard 跨站请求伪造漏洞

Parse Dashboard is an dashboard tool open source by the Parse Platform. Versions of Parse Dashboard from 7.3.0-alpha.42 to 9.0.0-alpha.7 have a cross-site request forgeing vulnerability. This vulnerability stems from the lack of CSRF protection on the AI Agent API endpoints, which may allow...

PT-2026-21907

A vulnerability was found in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected is an unknown function of the file /api/admin/sys-message/ of the component API Endpoint. The manipulation of the argument messageId results in authorization bypass. The attack can be launched remotely. The exploi...

dagu 路径遍历漏洞

Dagu is a workflow engine developed under open source by Dagu Workflow Engine. Versions of Dagu 1.16.7 and earlier contained a path traversal vulnerability. This vulnerability stemmed from the CreateNewDAG API endpoint not verifying the DAG name properly. As a result, authenticated users could...

OpenEMR 安全漏洞

OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0 contained security...

PT-2026-22057

Name of the Vulnerable Software and Affected Versions Mailpit versions prior to 1.29.2 Description Mailpit is an email testing tool and API for developers. A Server-Side Request Forgery SSRF issue exists in the Link Check API. This allows unauthenticated remote attackers to map internal networks...

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD continuous integration and delivery. Security vulnerabilities exist in versions of GitLab before 18.7.5,...

Dagu: Path traversal in DAG creation allows arbitrary YAML file write outside DAGs directory

The CreateNewDAG API endpoint POST /api/v1/dags does not validate the DAG name before passing it to the file store. While RenameDAG calls core.ValidateDAGName to reject names containing path separators line 273 in dags.go, CreateNewDAG skips this validation entirely and passes user input directly...

Cross-site Request Forgery (CSRF)

Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF through the adminLoad.handleLoad process. An attacker can modify the running configuration and alter server behavior by sending cross-origin requests to the local admin API when origin enforcement is not...

Cross-site Request Forgery (CSRF)

Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF through the adminLoad.handleLoad process. An attacker can modify the running configuration and alter server behavior by sending cross-origin requests to the local admin API when origin enforcement is not...

Cross-site Request Forgery (CSRF)

Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF through the adminLoad.handleLoad process. An attacker can modify the running configuration and alter server behavior by sending cross-origin requests to the local admin API when origin enforcement is not...

GHSA-879P-475X-RQH2 Caddy is vulnerable to cross-origin config application via local admin API /load

commit: e0f8d9b2047af417d8faf354b675941f3dac9891 as-of 2026-02-04 channel: GitHub security advisory per SECURITY.md summary The local caddy admin API default listen 127.0.0.1:2019 exposes a state-changing POST /load endpoint that replaces the entire running configuration. When origin enforcement ...

CVE-2026-3105

SummaryThis advisory addresses a SQL injection vulnerability in the API endpoint used for retrieving contact activities. A vulnerability exists in the query construction for the Contact Activity timeline where the parameter responsible for determining the sort direction was not strictly validated...