Confirmable "change email" race condition permits user to confirm email they have no access to

Impact A race condition in Devise's Confirmable module allows an attacker to confirm an email address they do not own. This affects any Devise application using the reconfirmable option the default when using Confirmable with email changes. By sending two concurrent email change requests, an...

MCP Server to Auto commit changes 命令注入漏洞

MCP Server to Auto commit Changes is an AI tool developed by Hypermodel Inc for automatically generating Git commit messages. Version 1.0.0 of MCP Server to Auto commit Changes contains a command injection vulnerability. This vulnerability stems from incorrect operations on the getGitChanges...

PT-2026-25805

Craft CMS is a content management system CMS. From version 4.0.0-RC1 to before version 4.17.5 and from version 5.0.0-RC1 to before version 5.9.11, there is a Behavior injection RCE vulnerability in ElementIndexesController and FieldsController. Craft control panel administrator permissions and...

PT-2026-25804

Name of the Vulnerable Software and Affected Versions Craft CMS versions 5.6.0 through 5.9.10 Description Craft CMS is a content management system. A flaw exists where the $settings array from parse str is passed directly to Craft::configure without proper sanitization using...

EulerOS 2.0 SP12 : cups (EulerOS-SA-2026-1385)

According to the versions of the cups package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a client that connects ...

EulerOS 2.0 SP10 : curl (EulerOS-SA-2026-1331)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP,...

CVE-2026-4198 hypermodel-labs mcp-server-auto-commit index.ts getGitChanges command injection

A vulnerability was determined in hypermodel-labs mcp-server-auto-commit 1.0.0. Affected by this vulnerability is the function getGitChanges of the file index.ts. This manipulation causes command injection. The attack can only be executed locally. The exploit has been publicly disclosed and may b...

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization via the browser.request. An attacker can modify or create browser profiles and persist unauthorized configuration changes by sending crafted requests to profile...

WordPress plugin Social Icons Widget & Block by WPZOOM 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-25147

wpDiscuz before 7.6.47 contains a cross-site request forgery vulnerability in the getFollowsPage function that allows attackers to trigger unauthorized actions without nonce validation. Attackers can craft malicious requests to enumerate follow relationships and manipulate user follow data by...

CVE-2026-30868

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.4, multiple OPNsense MVC API endpoints perform state‑changing operations but are accessible via HTTP GET requests without CSRF protection. The framework CSRF validation in ApiControllerBase only applies to POST/PUT/DELETE...

CVE-2026-30868

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.4, multiple OPNsense MVC API endpoints perform state‑changing operations but are accessible via HTTP GET requests without CSRF protection. The framework CSRF validation in ApiControllerBase only applies to POST/PUT/DELETE...

EUVD-2026-11238

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.4, multiple OPNsense MVC API endpoints perform state‑changing operations but are accessible via HTTP GET requests without CSRF protection. The framework CSRF validation in ApiControllerBase only applies to POST/PUT/DELETE...

EUVD-2026-10937

Umbraco Affected by Vertical Privilege Escalation via Missing Authorization Checks...

CVE-2026-24311

The SAP Customer Checkout application exhibits certain design characteristics that involve locally storing operational data using reversible protection mechanisms. Access to this data, combined with user?initiated interaction, may allow modifications to occur without validation. Such changes coul...

Improper Privilege Management

Overview Affected versions of this package are vulnerable to Improper Privilege Management due to insufficient authorization enforcement when modifying user group memberships. An attacker can gain higher-level privileges by assigning highly privileged roles without proper validation of their own...

Sylius is Missing Authorization in API v2 Add Item Endpoint

Impact The POST /api/v2/shop/orders/tokenValue/items endpoint does not verify cart ownership. An unauthenticated attacker can add items to other registered customers' carts by knowing the cart tokenValue. POST /api/v2/shop/orders/tokenValue/items Other mutation endpoints PUT, PATCH, DELETE are no...

Micro Research MR-GM5L-S1和Micro Research MR-GM5A-L1 安全漏洞

Both Micro Research MR-GM5L-S1 and Micro Research MR-GM5A-L1 are embedded industrial communication module devices produced by the Canadian company Micro Research. Both devices have security vulnerabilities; these vulnerabilities stem from authentication bypass issues, which could allow attackers ...

WordPress plugin LatePoint – Calendar Booking Plugin for Appointments and Events 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

PT-2026-24587

The divi-booster WordPress plugin before 5.0.2 does not have authorization and CSRF checks in one of its fixing function, allowing unauthenticated users to modify stored divi-booster WordPress plugin before 5.0.2 options. Furthermore, due to the use of unserialize on the data, this could be furth...