5 matches found
CVE-2026-41422
Daptin (CVE-2026-41422) exposes SQL injection in the /aggregate/:typename endpoint via unvalidated user input passed to goqu.L() in server/resource/resource_aggregate.go. Root cause: user-controlled column/group parameters were inserted directly into SQL without validation, bypassing parameteriza...
Slackware Linux 15.0 / current libssh Multiple Vulnerabilities (SSA:2026-047-01)
The version of libssh installed on the remote host is prior to 0.11.4 / 0.12.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-047-01 advisory. New libssh packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the...
CVE-2023-0901
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository pixelfed/pixelfed prior to 0.11.4...
PT-2023-16616 · Pixelfed · Pixelfed
Name of the Vulnerable Software and Affected Versions: pixelfed/pixelfed versions prior to 0.11.4. Description: The issue is related to improper authorization in the GitHub repository pixelfed/pixelfed. Recommendations: For versions prior to 0.11.4, update to version 0.11.4 or later to resolve the...
Pixelfed Information Disclosure Vulnerability
Pixelfed is a free and ethical photo sharing platform from the individual developers of Pixelfed. An information disclosure vulnerability exists in versions of Pixelfed prior to 0.11.4. An attacker exploiting this vulnerability could gain access to sensitive information...