CVE-2026-38978

A flaw was found in Transmission. A clickjacking weakness exists in the browser-facing WebUI and RPC Remote Procedure Call response paths. This vulnerability could allow a remote attacker to trick a user into performing unintended actions by overlaying malicious content over legitimate interface...

unilogies/bumsys < v2.0.2 - Clickjacking

This template checks for the presence of clickjacking prevention headers in the HTTP response, aiming to identify vulnerabilities related to the improper restriction of rendered UI layers or frames in the GitHub repository unilogies/bumsys prior to version 2.0.2. id: CVE-2023-1362 info: name:...

SUSE CVE-2026-38978

transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...

Linux Distros Unpatched Vulnerability : CVE-2026-38978

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths. CVE-2026-38978 Note that Nessus relies ...

UBUNTU-CVE-2026-38978

transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...

DEBIAN-CVE-2026-38978

transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...

CVE-2026-38978

transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...

CVE-2026-38978

Transmission up to version 4.1.1 is reported to have a clickjacking weakness in the browser-facing WebUI and RPC response paths. The provided documents do not specify the root cause, affected components beyond WebUI/RPC paths, or available remediations. No exploitation details are given. Monitor ...

PT-2026-45777

transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...

CVE-2026-38978

transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...

EUVD-2026-33971

transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...

CVE-2026-38978

transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...

CVE-2026-38978

transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...

Atlassian Jira Service Management Data Center and Server 10.0.0 < 10.3.7 / 10.4.0 < 11.3.5 (JSDSERVER-16588)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16588 advisory. - This Security Headers Omission vulnerability allows an unauthenticated attacker to receive responses...

Astra Linux - уязвимость в firefox

The browser might have mistakenly transferred the pointer lock state to another tab, which could lead to clickjacking attacks. This vulnerability affects Firefox versions earlier than 85...

Security Headers Omission in Jira Service Management Data Center

This is a vulnerability in a non-Atlassian Jira Service Management dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Security Headers Omission vulnerability was introduced in versions 10.3.0 and 11.3.0 of Jira Service...

Security Bulletin: IBM Integration Bus for z/OS webui is potentially vulnerable to an clickjacking attack ( CVE-2026-1353 )

Summary IBM Integration Bus for z/OS webui is potentially vulnerable to an clickjacking attack. Vulnerability Details CVEID:CVE-2026-1353 DESCRIPTION: IBM App Connect Enterprise could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious...

Security Headers Omission in Jira Software Data Center

This is a vulnerability in a non-Atlassian Jira Software dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Security Headers Omission vulnerability was introduced in versions 10.3.0 and 11.3.0 of Jira Software Data Center...

Astra Linux - уязвимость в firefox, thunderbird

The permission prompt input delay may expire if the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This vulnerability affects Firefox 124, Firefox ESR 115.10, and Thunderbird 115.10...

Astra Linux - уязвимость в firefox, thunderbird

The black fade animation when exiting fullscreen is roughly the same duration as the delay in permission prompts during the anti-clickjacking process. It was possible to take advantage of this fact to surprise users by tempting them to click on the permission grant button before it appeared. This...