83 matches found
CVE-2026-1832
The ThriveDesk – Live Chat, AI Chatbot, Helpdesk & Knowledge Base plugin for WordPress is vulnerable to unauthorized cache deletion due to a missing capability check on the 'thrivedeskclearcache' AJAX action in all versions up to, and including, 2.1.7. This makes it possible for authenticated...
CVE-2026-1832 ThriveDesk <= 2.1.7 - Missing Authorization to Authenticated (Subscriber+) Cache Deletion
The ThriveDesk – Live Chat, AI Chatbot, Helpdesk & Knowledge Base plugin for WordPress is vulnerable to unauthorized cache deletion due to a missing capability check on the 'thrivedeskclearcache' AJAX action in all versions up to, and including, 2.1.7. This makes it possible for authenticated...
CVE-2026-40605
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...
CVE-2026-40605
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...
CVE-2026-40605 Tautulli Vulnerable to Authenticated Path Traversal in Cache Deletion API
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...
CVE-2026-40605 Tautulli Vulnerable to Authenticated Path Traversal in Cache Deletion API
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...
EUVD-2026-34256
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...
CVE-2026-40605
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...
CVE-2026-40605
CVE-2026-40605 concerns Tautulli, a Python-based tool for Plex Media Server. A path traversal vulnerability existed in the cache deletion API prior to version 2.17.1, allowing an authenticated user to delete directories outside the configured cache path, which could lead to arbitrary data loss an...
CVE-2026-40605 Tautulli Vulnerable to Authenticated Path Traversal in Cache Deletion API
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...
PT-2026-46228
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...
Tautulli 安全漏洞
Tautulli is an open-source application developed by Tautulli for monitoring Plex Media Server. Versions of Tautulli prior to 2.17.1 contained security vulnerabilities. These vulnerabilities were caused by a path traversal issue in the cache deletion endpoint, which could allow authenticated API...
SUSE-SU-2026:1541-1 Security update for flatpak
This update for flatpak fixes the following issues: - CVE-2026-34078: improper processing of app-controlled symlinks by sandbox-expose can lead to sandbox escape, host file access and code execution in the host context bsc1261769. - CVE-2026-34079: improper removal of outdated cache files allows...
CVE-2026-2849
A vulnerability has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function deleteCache/removeAllCache/syncCache of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\CacheController.java of the component Cache Sy...
CVE-2025-13864
The Breeze WordPress Cache Plugin (WordPress) is vulnerable in all versions up to 2.2.21 due to the REST endpoint /wp-json/breeze/v1/clear-all-cache being registered with permission_callback => '__return_true' and authentication disabled by default when the API is enabled. This allows unauthen...
EUVD-2023-24114
Malicious code in bioql PyPI...
EUVD-2023-24115
Malicious code in bioql PyPI...
EUVD-2023-24119
Malicious code in bioql PyPI...
EUVD-2023-23631
Malicious code in bioql PyPI...
EUVD-2022-30275
Malicious code in bioql PyPI...