PT-2026-41827

The Fortis for WooCommerce WordPress plugin before 1.3.1 may leak sensitive API keys to unauthenticated attackers, allowing them to query Fortis' API and retrieve sensitive customer information, like past orders, PII, etc...

Apple macOS 安全漏洞

Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS has a security vulnerability that can be exploited by attackers to cause applications to access sensitive user data...

CVE-2025-70829

An information exposure vulnerability in Datart v1.0.0-rc.3 allows authenticated attackers to access sensitive data via a custom H2 JDBC connection string...

Huawei HarmonyOS Memo Module Privilege Control Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in the Huawei HarmonyOS memo module, which can be exploited by an attacker to compromise confidentiality...

CVE-2025-41337 Missing Authorization vulnerability in CanalDenuncia.app

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'web' in '/backend/api/buscarSSOParametros.php'...

CVE-2025-41336 Missing Authorization vulnerability in CanalDenuncia.app

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'web' in '/backend/api/buscarConfiguracionParametros.php'...

Apple macOS Tahoe Privilege Mismanagement Vulnerability

Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...

Google Android Information Disclosure Vulnerability (CNVD-2025-19997)

Google Android is a Linux-based open source operating system from Google. Google Android has an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...

CVE-2024-49827 IBM Concert Software information disclosure

IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to excessive data exposure, allowing attackers to access sensitive information without proper filtering...

CVE-2025-21014

Improper export of android application component in Emergency SoS prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information...

Apple macOS Sequoia 安全漏洞

Apple macOS Sequoia is an operating system from the American company Apple Apple. A security vulnerability exists in Apple macOS Sequoia versions prior to 15.6, which can be exploited by attackers to access sensitive user data...

IBM Concert 加密问题漏洞

IBM Concert Software is a new tool from International Business Machines IBM Inc. that uses generative AI to help manage complex cloud-native applications. IBM Concert Software suffers from a cryptographic issue vulnerability that stems from the use of weak encryption algorithms, which could be...

Microsoft Outlook for Android 信息泄露漏洞

Microsoft Outlook for Android is an email application from Microsoft Corporation USA for the Android platform. An information disclosure vulnerability exists in Microsoft Outlook for Android. An attacker exploiting this vulnerability could gain access to sensitive information...

Ivanti Endpoint Manager SQL注入漏洞

Ivanti Endpoint Manager is an enterprise-grade endpoint management solution, mainly used for centralized management of various types of devices including Windows, MacOS, Linux, iOS/Android mobile devices, etc., to achieve unified configuration, security control and remote operation and maintenanc...

Microsoft Copilot Studio 信息泄露漏洞

Microsoft Copilot Studio is an artificial intelligence chatbot from Microsoft Corporation USA. An information disclosure vulnerability exists in Microsoft Copilot Studio. An attacker exploiting this vulnerability could gain access to sensitive information. No information about this vulnerability ...

LG Simple Editor 安全漏洞

LG Simple Editor is a simple editor from Luckin LG Korea that creates new content by simplifying the process and instant playback on signage. LG Simple Editor suffers from an information disclosure vulnerability that can be exploited by attackers to disclose sensitive information...

hw: amd: Cross-Process Information Leak

A flaw was found in hw, in “Zen 2” CPUs. This issue may allow an attacker to access sensitive information under specific microarchitectural circumstances...

Cisco Identity Services Engine 安全漏洞

Cisco Identity Services Engine ISE is an environment-aware platform ISE Identity Services Engine from Cisco. The platform collects real-time information from the network, users and devices, and develops and enforces policies to regulate the network. An arbitrary file write vulnerability exists in...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android version 13, which stems from an insecure default value in WindowManager that can be exploited by an attacker to obtain sensitive information...

Google Android 安全漏洞

Google Android is a Linux-based open-source operating system from the U.S. company Google. Google Android has a security vulnerability that stems from a privilege bypass in the settings provider program, which could be exploited by attackers to gain access to sensitive information...