PT-2026-48826

Name of the Vulnerable Software and Affected Versions phpBB versions prior to 3.3.16 Description Improper authentication checks in the OAuth implementation allow remote unauthenticated account hijacking. This issue can lead to unauthorized access in default installations, even in cases where OAut...

PT-2026-48845

Name of the Vulnerable Software and Affected Versions Apache CXF versions prior to 4.2.2 Apache CXF versions prior to 4.1.7 Description An authentication bypass exists in the OAuth2 TokenIntrospectionService. A missing 'throw' keyword in the security context check allows unauthenticated network...

PT-2026-48961

Name of the Vulnerable Software and Affected Versions Parse Server versions 9.8.0 through 9.9.1-alpha.4 Description Applications that enable Multi-Factor Authentication MFA and restrict the get permission on the User class via Class-Level Permissions CLP may expose sensitive user data. The issue...

PT-2026-48987

Name of the Vulnerable Software and Affected Versions Discourse versions 2026.1.0 through 2026.1.3 Discourse versions 2026.3.0 through 2026.3.0 Discourse versions 2026.4.0 through 2026.4.0 Description An issue exists in the Jobs::RedeliverWebHookEvents function where the MessageBus.publish call f...

Ivanti Sentry < R10.5.2 / R10.6.2 / R10.7.1 Multiple Vulnerabilities

The version of Ivanti Sentry formerly MobileIron Sentry running on the remote host is prior to R10.5.2, R10.6.2, or R10.7.1. It is, therefore, affected by multiple vulnerabilities : - An OS command injection vulnerability allows a remote, unauthenticated attacker to achieve root-level remote code...

PT-2026-48909

Name of the Vulnerable Software and Affected Versions Aqara Board service affected versions not specified Description The Aqara Board service at the endpoint "op-test.aqara.com" accepts arbitrary MQTT command payloads and forwards them to the platform's HiveMQ broker without authentication. This...

MongoDB 8.3.x < 8.3.3 Information Disclosure

The version of MongoDB installed on the remote host is 8.3.x prior to 8.3.3. It is, therefore, affected by an information disclosure vulnerability: - MongoDB server may log authentication parameters, including credentials, to the server log during SASL authentication. When connection health metri...

SAP NetWeaver AS ABAP XML Signature Wrapping in SAML Authentication (3746332)

The version of SAP NetWeaver AS ABAP and ABAP Platform detected on the remote host is affected by an XML signature wrapping vulnerability in SAML authentication as referenced in SAP Security Note 3746332: - SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker...

Linux Distros Unpatched Vulnerability : CVE-2026-9735

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MongoDB server may log authentication parameters, including credentials, to the server log during SASL authentication. When connection health metric logging is...

📄 Palo Alto GlobalProtect Authentication Bypass

This Metasploit module exploits an authentication bypass vulnerability in Palo Alto Networks PAN-OS GlobalProtect portal and gateway components. The vulnerability stems from CWE-565: Reliance on Cookies without Validation and Integrity Checking. An unauthenticated remote attacker can forge...

Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability

Oracle PeopleSoft Enterprise PeopleTools contains a missing authentication for critical function vulnerability which could allow an unauthenticated attacker to obtain takeover of PeopleSoft Enterprise PeopleTools...

CVE-2026-47238 ClipBucket: IDOR in videos subtitle editor

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - 133, a normal authenticated user can edit another user's video subtitles because of a lack of authorization. They can upload subtitles, edit their name or delete them. This issue has been patched in version 5.5.3 - 1...

EUVD-2026-36130

Russh: SSH identification parsing accepted non-canonical client banners and did not bound pre-banner input...

GHSA-76R6-X97P-67VR Russh: SSH identification parsing accepted non-canonical client banners and did not bound pre-banner input

Summary russh did not enforce the SSH identification-string rules as deliberately as OpenSSH. In particular, the server-side identification reader used the same permissive path as the client, allowing pre-banner lines from clients, and the reader did not enforce a bounded number of pre-banner...

CVE-2026-41005 UAA accepts SAML Encrypted Assertions authentication bypass

Cloud Foundry UAA incorrectly treated XML encryption to the Service Provider confidentiality as a substitute for XML signatures from the Identity Provider authenticity in two SAML flows: the OAuth 2.0 SAML2 bearer grant token endpoint and browser SSO ACS when wantAssertionSigned is set to false...

CVE-2026-41005 UAA accepts SAML Encrypted Assertions authentication bypass

Cloud Foundry UAA incorrectly treated XML encryption to the Service Provider confidentiality as a substitute for XML signatures from the Identity Provider authenticity in two SAML flows: the OAuth 2.0 SAML2 bearer grant token endpoint and browser SSO ACS when wantAssertionSigned is set to false...

CVE-2026-41005

Cloud Foundry UAA (uaa_release 2.0.0–78.13.0) and CF Deployment up to 56.1.0 are affected by CVE-2026-41005, where XML encryption intended for confidentiality in SAML content was incorrectly treated as a substitute for XML signatures, enabling authentication bypass in two flows: OAuth 2.0 SAML2 b...

CVE-2026-45177

Idira Secrets Manager SaaS Edge versions prior to 1.8 exhibit improper access control within its internal authentication components. A remote, unauthenticated attacker could exploit this by submitting a specially crafted request. Under specific circumstances, this could allow the attacker to...

USN-8423-1: lwIP vulnerabilities

It was discovered that lwIP contained a buffer overflow in the EAP authentication handling code. An attacker could possibly use this issue to trigger a buffer overflow, resulting in arbitrary code execution or a denial of service. This issue only affected Ubuntu 20.04 LTS. CVE-2020-8597 It was...

USN-8423-1 lwip vulnerabilities

It was discovered that lwIP contained a buffer overflow in the EAP authentication handling code. An attacker could possibly use this issue to trigger a buffer overflow, resulting in arbitrary code execution or a denial of service. This issue only affected Ubuntu 20.04 LTS. CVE-2020-8597 It was...