CVE-2026-24666 Open eClass is Vulnerable to CSRF in Teacher-Restricted Endpoints Allows Unauthorized Actions

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a Cross-Site Request Forgery CSRF vulnerability in multiple teacher-restricted endpoints allows attackers to induce authenticated teachers to perform unintended actions, such as...

CVE-2025-61646

A flaw was found in MediaWiki. A low-privileged remote attacker could exploit this vulnerability by tricking a user into interacting with the EnhancedChangesList.Php program file. This could lead to low confidentiality impact, potentially disclosing sensitive information. Mitigation Mitigation fo...

CVE-2025-61639

A flaw was found in MediaWiki. This vulnerability, categorized as an Exposure of Sensitive Information to an Unauthorized Actor, allows an unauthorized individual to access sensitive data. The issue stems from how MediaWiki handles logging and recent changes, potentially leading to the disclosure...

CVE-2026-22888

Improper input verification issue exists in Cybozu Garoon 5.0.0 to 6.0.3, which may lead to unauthorized alteration of portal settings, potentially blocking access to the product...

USN-8006-1 mysql-8.0 vulnerabilities

Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. MySQL has been updated to 8.0.45 in Ubuntu 20.04 LTS. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes...

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview mediawiki/core is a Free software wiki application developed by the Wikimedia Foundation and others. Note: This package is not maintained on Packagist anymore, but newer releases exist. Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an...

Insertion of Sensitive Information Into Sent Data

Overview mediawiki/core is a Free software wiki application developed by the Wikimedia Foundation and others. Note: This package is not maintained on Packagist anymore, but newer releases exist. Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data...

UBUNTU-CVE-2025-61639

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/ManualLogEntry.Php, includes/recentchanges/RecentChangeFactory.Php, includes/recentchanges/RecentChangeStore.Php. This...

CVE-2025-61646

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/RecentChanges/EnhancedChangesList.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4, 1.44.1...

EUVD-2025-206644

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/RecentChanges/EnhancedChangesList.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4, 1.44.1...

CVE-2025-61646

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/RecentChanges/EnhancedChangesList.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4, 1.44.1...

PT-2026-6050

Name of the Vulnerable Software and Affected Versions MOMA Seismic Station versions v2.4.2520 and prior Description The MOMA Seismic Station web management interface does not require authentication. This allows an unauthenticated attacker to modify configuration settings, obtain device data, or...

Open eClass 代码问题漏洞

Open eClass is an open-source e-classroom system developed by the Greek Universities Network. Versions of Open eClass prior to 4.2 contained code vulnerabilities. These vulnerabilities stemmed from an insecure password reset mechanism, which could allow local attackers to reuse already used...

Tenda AC7 跨站请求伪造漏洞

The Tenda AC7 is a wireless router produced by the Chinese company Tenda. Versions of the Tenda AC7 such as V03.03.03.01cn and earlier contained a vulnerability related to cross-site request forgery. This vulnerability stemmed from the lack of CSRF protection in the web management interface, whic...

RISS SRL MOMA Seismic Station 访问控制错误漏洞

RISS SRL MOMA Seismic Station is a specialized industrial control device for earthquake monitoring developed by the Italian company RISS SRL. Versions of RISS SRL MOMA Seismic Station prior to v2.4.2520 contained an access control vulnerability. This vulnerability stemmed from the lack of...

PT-2026-6198

Name of the Vulnerable Software and Affected Versions Open eClass versions prior to 4.2 Description The Open eClass platform, previously known as GUnet eClass, is a course management system. A Cross-Site Request Forgery CSRF issue exists in teacher-restricted endpoints prior to version 4.2. This...

Open eClass 代码问题漏洞

Open eClass is an open-source e-classroom system developed by the Greek Universities Network. Versions of Open eClass prior to 4.2 contained code vulnerabilities. These vulnerabilities stemmed from the failure to invalidate active user sessions after password changes, allowing unauthorized access...

CVE-2025-61639

CVE-2025-61639 affects Wikimedia Foundation MediaWiki and concerns exposure of sensitive information to an unauthorized actor. The issue involves files in includes/logging/ManualLogEntry.Php, includes/recentchanges/RecentChangeFactory.Php, and includes/recentchanges/RecentChangeStore.Php, with af...

CVE-2025-61639 Suppressed blocked IP is visible in Special:BlockList, RC, and other places

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/ManualLogEntry.Php, includes/recentchanges/RecentChangeFactory.Php, includes/recentchanges/RecentChangeStore.Php. This...

CVE-2025-61639 Suppressed blocked IP is visible in Special:BlockList, RC, and other places

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/ManualLogEntry.Php, includes/recentchanges/RecentChangeFactory.Php, includes/recentchanges/RecentChangeStore.Php. This...