WordPress Transbank Webpay plugin < 1.14.0 - Unauthenticated Stored XSS vulnerability

Unauthenticated Stored XSS vulnerability discovered by Mateo Contenla & Matías Schiappacasse in WordPress Plugin Transbank Webpay REST versions 1.14.0...

EUVD-2025-210250

Unauthenticated SQL Injection in Advanced Ads – Tracking 3.0.7 versions...

CVE-2026-39547 WordPress Getaway theme < 1.8 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Getaway 1.8 versions...

CVE-2026-39433

The CVE-2026-39433 entry concerns the WordPress WPAMS plugin (Apartment Management) with versions

NPM: n8n: Python sandbox escape

NPM: n8n: Python sandbox escape vulnerability discovered by ? in WordPress Npm n8n versions 1.123.48...

PT-2026-50089

Unauthenticated Local File Inclusion in Thegov Core 2.0.23 versions...

PT-2026-50090

Unauthenticated Local File Inclusion in Integrio Core 1.2.8 versions...

CVE-2026-9261

Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier...

CVE-2026-39515

Subscriber Broken Access Control in Motors 1.4.107 versions...

CVE-2026-49066 WordPress Conekta Payment Gateway plugin <= 6.0.0 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in Conekta Payment Gateway = 6.0.0 versions...

CVE-2026-40767 WordPress wpForo Forum plugin < 3.0.2 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in wpForo Forum 3.0.2 versions...

CVE-2026-5419 affecting package gnutls for versions less than 3.8.13-1

CVE-2026-5419 affecting package gnutls for versions less than 3.8.13-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-50261 affecting package xorg-x11-server-Xwayland for versions less than 24.1.12-1

CVE-2026-50261 affecting package xorg-x11-server-Xwayland for versions less than 24.1.12-1. An upgraded version of the package is available that resolves this issue...

WordPress Powerpack for LearnDash plugin < 1.3.0 - Unauthenticated Arbitrary Option Update vulnerability

Unauthenticated Arbitrary Option Update vulnerability discovered by Khaled Alenazi Nxploited in WordPress Plugin PowerPack for LearnDash versions 1.3.0...

CVE-2026-46598 affecting package docker-buildx for versions less than 0.14.0-15

CVE-2026-46598 affecting package docker-buildx for versions less than 0.14.0-15. A patched version of the package is available...

CVE-2026-25680 affecting package docker-buildx for versions less than 0.14.0-15

CVE-2026-25680 affecting package docker-buildx for versions less than 0.14.0-15. A patched version of the package is available...

CVE-2026-33814 affecting package cert-manager for versions less than 1.12.15-9

CVE-2026-33814 affecting package cert-manager for versions less than 1.12.15-9. A patched version of the package is available...

CVE-2026-33814 affecting package containerized-data-importer for versions less than 1.62.0-6

CVE-2026-33814 affecting package containerized-data-importer for versions less than 1.62.0-6. A patched version of the package is available...

CVE-2026-34956 affecting package openvswitch for versions less than 3.3.0-3

CVE-2026-34956 affecting package openvswitch for versions less than 3.3.0-3. A patched version of the package is available...

CVE-2026-39829 affecting package kubernetes for versions less than 1.30.10-25

CVE-2026-39829 affecting package kubernetes for versions less than 1.30.10-25. A patched version of the package is available...