PT-2026-31335

Name of the Vulnerable Software and Affected Versions Kibana affected versions not specified Description Kibana’s Fleet plugin debug route handlers exhibit execution with unnecessary privileges, potentially allowing authenticated users with Fleet sub-feature privileges to read index data beyond...

CVE-2026-2698

CVE-2026-2698 is an improper access control vulnerability described across multiple sources as allowing an authenticated user to access areas outside their authorized scope. Connected documents tie the issue to Tenable Security Center (and its 6.8.0 fix) and Red Hat/NVD entries, all noting the sa...

Tenable Security Center 安全漏洞

Tenable Security Center is a security center provided by the American company Tenable. There are security vulnerabilities in Tenable Security Center. These vulnerabilities stem from improper access control, which may allow authenticated users to access areas that are beyond their authorized scope...

CVE-2026-1201 Authorization Bypass Through User-Controlled Key in Hubitat Elevation Hubs

An Authorization Bypass Through User-Controlled Key vulnerability in Hubitat Elevation home automation controllers prior to version 2.4.2.157 could allow a remote authenticated user to control connected devices outside of their authorized scope via client-side request manipulation...

CVE-2025-54755

A directory traversal vulnerability exists in TMUI that allows an authenticated attacker to access files which are not limited to the intended files. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...