Lucene search

103 matches found

Tenable Nessus
added 5 days ago, 4 views

Fedora 44 : roundcubemail (2026-2b956d89d3)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2b956d89d3 advisory. Release 1.7.1 - Enigma: Support automatic public key lookup import using HKP v1 protocol 5314 - Managesieve: Fix error when a mail message contains...

CVSS 8.1, AI score 6.1, EPSS 0.00128
Exploits: 0, References: 9

Cvelist
added 2026/05/28 8:41 p.m., 27 views

CVE-2026-45344 LinkAce: Setup database password newline injection enables pre-auth RCE on uninitialized instances

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, the setup database configuration flow on uninitialized LinkAce instances accepts attacker-controlled database credential fields and writes them back into .env without escaping. A remote attacker who can reach the setup...

CVSS 8.1, EPSS 0.0021
Exploits: 0, References: 1

OSV
added 2026/05/19 2:36 p.m., 3 views

GHSA-XWCR-WM99-G9JC Algernon: handler.lua discovery walks parent directories above the server root

Summary When Algernon is asked for any URL path that resolves to a directory without an index file, DirPage walks upward through parent directories — past the configured server root — looking for a file named handler.lua to execute as the request handler. The loop terminates only after 100 ancest...

CVSS 9, AI score 6.5, EPSS 0.00223
Exploits: 0, References: 2

Positive Technologies
added 2026/05/19 12:0 a.m., 9 views

PT-2026-41968

Summary The Mailpit SMTP server has a Server.MaxSize int field that controls the maximum allowed DATA payload size, but the field is never assigned anywhere outside test code, leaving it at Go's zero value 0 ⇒ "no limit". The same applies to the HTTP /api/v1/send endpoint, whose request body is...

CVSS 7.5, AI score 5.8
Exploits: 0, References: 4

vulnersOsv
added 2026/05/15 5:41 p.m., 10 views

@better-auth/cli (>=1.5.0-beta.10 <=1.5.0-beta.13), @onmax/nuxt-better-auth (>=0.0.2-alpha.14 <=0.0.2-alpha.31) +2 more potentially affected by CVE-2026-45364 via better-auth (>=1.5.0-beta.10 <=1.5.0-beta.20)

better-auth NPM version =1.5.0-beta.10, =1.5.0-beta.10, =0.0.2-alpha.14, =1.5.0-beta.15, =0.0.2-beta.19, =0.0.10-beta.25 Source cves: CVE-2026-45364 Source advisory: OSV:GHSA-P6V2-XCPG-H6XW...

AI score 5.8, EPSS 0.00083
Exploits: 0

vulnersOsv
added 2026/05/10 9:0 p.m., 7 views

@alstar/studio (=0.0.0-beta.20), @better-auth/cli (>=1.0.0 <=1.4.1-beta.1) +71 more potentially affected by CVE-2026-45364 via better-auth (>=1.0.0-canary.10 <=1.4.16)

better-auth NPM version =1.0.0-canary.10, =1.0.0, =1.3.27, =1.3.27, =1.3.27, =1.3.27, =1.3.27, =1.3.27, =1.3.26, =1.3.27, =0.18.0, =0.5.2, =1.0.2, =1.0.2, =1.0.2, =1.0.3 and more Source cves: CVE-2026-45364 Source advisory: SNYK:JS-BETTERAUTH-16722787...

AI score 5.8, EPSS 0.00083
Exploits: 0

Vulnrichment
added 2026/05/08 7:49 p.m., 4 views

CVE-2026-42189 Russh: Pre-auth DoS via unbounded allocation in keyboard-interactive auth

Russh is a Rust SSH client & server library. Prior to version 0.60.1, a pre-authentication denial-of-service vulnerability exists in the server's keyboard-interactive authentication handler. A malicious client can crash any russh-based server that implements keyboard-interactive auth e.g., for...

CVSS 7.5, AI score 5.8, EPSS 0.00185
Exploits: 1, References: 3

Tenable Nessus
added 2026/05/05 12:0 a.m., 4 views

RHEL 9 : nginx (RHSA-2026:13839)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13839 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage...

CVSS 8.8, AI score 7.7, EPSS 0.00064
Exploits: 0, References: 10

Github Security Blog
added 2026/04/24 3:39 p.m., 14 views

russh has pre-auth DoS via unbounded allocation in its keyboard-interactive auth handler

Summary A pre-authentication denial-of-service vulnerability exists in the server's keyboard-interactive authentication handler. A malicious client can crash any russh-based server that implements keyboard-interactive auth e.g., for 2FA/TOTP with a single malformed packet, requiring no credential...

CVSS 7.5, AI score 5.5, EPSS 0.00185
Exploits: 1, References: 5, Affected Software: 1

RedhatCVE
added 2026/03/26 3:7 p.m., 1 views

CVE-2026-31813

Supabase Auth is a JWT based API for managing users and issuing JWT tokens. Prior to 2.185.0, a vulnerability has been identified that allows an attacker to issue sessions for arbitrary users using specially crafted ID tokens when the Apple or Azure providers are enabled. The attacker issues a...

CVSS 4.8, AI score 5.9, EPSS 0.00042
Exploits: 0, References: 1

Vulnrichment
added 2026/03/07 4:6 p.m., 1 views

CVE-2026-28678 dsa-hub-server: Clear-Text Storage of Sensitive Data

DSA Study Hub is an interactive educational web application. Prior to commit d527fba, the user authentication system in server/routes/auth.js was found to be vulnerable to Insufficiently Protected Credentials. Authentication tokens JWTs were stored in HTTP cookies without cryptographic protection...

CVSS 8.1, AI score 5.7, EPSS 0.00034
Exploits: 0, References: 2

GithubExploit
added 2026/02/19 9:29 p.m., 150 views

Exploit for Code Injection in Ivanti Endpoint_Manager_Mobile

Ivanti EPMM pre-auth RCE Dummy Target A simple demo applicati...

CVSS 9.8, AI score 5.7, EPSS 0.81586
Exploits: 6

Talos
added 2026/01/20 12:0 a.m., 4 views

MedDream PACS Premium modifyRoute reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2266 MedDream PACS Premium modifyRoute reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-57787 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyRoute functionality of MedDream PACS Premium...

CVSS 6.1, AI score 5.7, EPSS 0.00083
Exploits: 1

vulnersOsv
added 2025/12/16 9:22 p.m., 5 views

@agentcorporation/server (>=0.3.3 <=0.3.13), @airisos/server (>=2026.324.0-canary.0 <=2026.325.0-canary.3) +145 more potentially affected by unknown CVE via better-auth (>=0.4.10-beta.10 <=1.4.4)

better-auth NPM version =0.4.10-beta.10, =0.3.3, =2026.324.0-canary.0, =2026.501.0, =2026.501.0, =0.0.7, =0.0.1, =1.3.27, =1.3.27, =1.3.27, =1.3.27, =1.3.27, =1.3.27, =1.3.26, =1.3.27, =1.3.37 and more Source cves: unknown CVE Source advisory: OSV:GHSA-X732-6J76-QMHM...

AI score 5.8
Exploits: 0

vulnersOsv
added 2025/12/01 9:29 p.m., 3 views

@agentcorporation/server (>=0.3.3 <=0.3.13), @airisos/server (>=2026.324.0-canary.0 <=2026.325.0-canary.3) +142 more potentially affected by unknown CVE via better-auth (>=1.0.0-canary.10 <=1.4.22)

better-auth NPM version =1.0.0-canary.10, =0.3.3, =2026.324.0-canary.0, =2026.501.0, =2026.501.0, =0.0.7, =1.0.0, =1.3.27, =1.3.27, =1.3.27, =1.3.27, =1.3.27, =1.3.27, =1.3.26, =1.3.27, =1.3.37 and more Source cves: unknown CVE Source advisory: SNYK:JS-BETTERAUTH-14157194...

AI score 5.8
Exploits: 0

vulnersOsv
added 2025/12/01 9:29 p.m., 5 views

@agentcorporation/server (>=0.3.3 <=0.3.13), @airisos/server (>=2026.324.0-canary.0 <=2026.325.0-canary.3) +130 more potentially affected by unknown CVE via better-auth (>=0.4.10-beta.10 <=1.4.2-beta.5)

better-auth NPM version =0.4.10-beta.10, =0.3.3, =2026.324.0-canary.0, =2026.501.0, =2026.501.0, =0.0.1, =1.3.27, =1.3.27, =1.3.27, =1.3.27, =1.3.27, =1.3.27, =1.3.26, =1.3.27, =0.18.0, =1.9.7 and more Source cves: unknown CVE Source advisory: OSV:GHSA-569Q-MPPH-WGWW...

AI score 5.8
Exploits: 0

vulnersOsv
added 2025/11/26 10:11 p.m., 6 views

@alstar/studio (=0.0.0-beta.20), @better-auth/cli (>=1.3.4 <=1.4.0-beta.28) +24 more potentially affected by unknown CVE via better-auth (>=1.3.34 <=1.4.0-beta.9)

better-auth NPM version =1.3.34, =1.3.4, =0.18.9, =0.5.2, =0.0.9, =0.0.9, =0.0.9, =0.0.3, =0.0.9, =0.0.8, =0.0.11, =0.0.9, =7.0.9-canary.2, =7.0.9-canary.2, =0.1.8, =0.1.9 and more Source cves: unknown CVE Source advisory: SNYK:JS-BETTERAUTH-14135654...

AI score 5.8
Exploits: 0

vulnersOsv
added 2025/10/29 10:43 a.m., 5 views

@aangeles/jefeui (>=1.10.0 <=1.11.6), @aipmorg/chat (=1.5.3) +54 more potentially affected by unknown CVE via next-auth (>=5.0.0-beta.11 <=5.0.0-beta.3)

next-auth NPM version =5.0.0-beta.11, =1.10.0, =1.10.3, =0.1.0, =1.2.4-main.7f918ee.29, =0.0.2, =1.0.0, =0.1.6, =0.152.1, =1.0.0, =0.106.0, =0.122.0-rc.13 - @irshadkhan-dev/pandapulse-db =0.0.1 and more Source cves: unknown CVE Source advisory: OSV:GHSA-5JPX-9HW9-2FX4...

AI score 5.8
Exploits: 0

Nuclei
added 2025/10/28 12:38 a.m., 11 views

Adobe Experience Manager Forms - Insecure Deserialization

Adobe Experience Manager versions 6.5.23 and earlier are affected by a Misconfiguration vulnerability that could result in arbitrary code execution. An attacker could leverage this vulnerability to bypass security mechanisms and execute code. Exploitation of this issue does not require user...

CVSS 10, AI score 7.8, EPSS 0.24192
Exploits: 7, References: 1

RedhatCVE
added 2025/10/24 4:25 p.m., 10 views

CVE-2025-62169

OctoPrint-SpoolManager is a plugin for managing spools and all their usage metadata. In versions 1.8.0a2 and older of the testing branch and versions 1.7.7 and older of the stable branch, the APIs of the OctoPrint-SpoolManager plugin do not correctly enforce authentication or authorization checks...

CVSS 8.1, AI score 7, EPSS 0.00067
Exploits: 0, References: 1