Lucene search

13094 matches found

Vulnrichment
added 2026/05/12 6:35 p.m. | 4 views

CVE-2026-34659 Adobe Connect | Deserialization of Untrusted Data (CWE-502)

Adobe Connect versions 2025.9.15, 2025.8.157 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to execute arbitrary code. Exploitation of this...

9.6 CVSS | 6.4 AI score | 0.03743 EPSS
Exploits 0 | References 1
CVE
added 2026/05/12 6:35 p.m. | 11 views

CVE-2026-34659

Technical details for CVE-2026-34659 are not publicly available in the provided documents. Monitor for updates from Adobe security advisories and authoritative sources.

9.6 CVSS | 6.4 AI score | 0.03743 EPSS
Exploits 0 | References 1 | Affected Software 1
Vulnrichment
added 2026/05/12 6:35 p.m. | 6 views

CVE-2026-34660 Adobe Connect | Incorrect Authorization (CWE-863)

Adobe Connect versions 2025.9.15, 2025.8.157 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially...

9.3 CVSS | 6.3 AI score | 0.00313 EPSS
Exploits 0 | References 1
CVE
added 2026/05/12 6:35 p.m. | 10 views

CVE-2026-34660

Adobe Connect versions 2025.9.15, 2025.8.157 and earlier are affected by an Incorrect Authorization vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim visits a malicious URL or interacts with a compromised p...

9.3 CVSS | 6.3 AI score | 0.00313 EPSS
Exploits 0 | References 1 | Affected Software 1
Cvelist
added 2026/05/12 6:35 p.m. | 26 views

CVE-2026-34660 Adobe Connect | Incorrect Authorization (CWE-863)

Adobe Connect versions 2025.9.15, 2025.8.157 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially...

9.3 CVSS | 0.00313 EPSS
Exploits 0 | References 1
EUVD
added 2026/05/12 2:19 p.m. | 5 views

EUVD-2026-29482

Pocket ID is an OIDC provider that allows users to authenticate with their passkeys to your services. Prior to 2.6.0, the createTokenFromRefreshToken function in oidc_service.go validates the refresh token's cryptographic integrity but does not re-validate the user's current authorization state befor...

8.5 CVSS | 5.8 AI score | 0.00035 EPSS
Exploits 1 | References 1
Vulnrichment
added 2026/05/12 2:19 p.m. | 5 views

CVE-2026-43983 Pocket ID: OIDC refresh token flow bypasses authorization revocation, account disabling, and group restrictions

Pocket ID is an OIDC provider that allows users to authenticate with their passkeys to your services. Prior to 2.6.0, the createTokenFromRefreshToken function in oidc_service.go validates the refresh token's cryptographic integrity but does not re-validate the user's current authorization state befor...

8.5 CVSS | 5.8 AI score | 0.00035 EPSS
Exploits 1 | References 1
CVE
added 2026/05/12 2:19 p.m. | 11 views

CVE-2026-43983

Pocket ID’s OIDC refresh token flow (createTokenFromRefreshToken in oidc_service.go) fails to re-check the user’s current authorization state before issuing new tokens prior to version 2.6.0. This can allow token refresh after authorization revocation, post-account disabling, or after removal fro...

8.5 CVSS | 5.8 AI score | 0.00035 EPSS
Exploits 1 | References 1 | Affected Software 1
Vulnrichment
added 2026/05/12 2:18 p.m. | 5 views

CVE-2026-32687 SQL injection via channel name in Postgrex.Notifications.listen/3 and unlisten/3

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in elixir-ecto postgrex 'Elixir.Postgrex.Notifications' module allows SQL Injection. The channel argument passed to 'Elixir.Postgrex.Notifications':listen/3 and...

7.5 CVSS | 6 AI score | 0.00009 EPSS
Exploits 0 | References 4
Microsoft KB
added 2026/05/12 2:0 p.m. | 14 views

KB5089270 - Description of the security update for SQL Server 2016 SP3 Azure Connect Feature Pack: May 12, 2026

KB5089270 - Description of the security update for SQL Server 2016 SP3 Azure Connect Feature Pack: May 12, 2026 Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection an...

8.8 CVSS | 6.1 AI score | 0.00069 EPSS
Exploits 0
NVD
added 2026/05/12 9:16 a.m. | 3 views

CVE-2026-6663

The GWD Connect plugin for WordPress is vulnerable to missing authorization to limited code execution in all versions up to, and including, 2.9. This is due to the plugin's standalone agent endpoints gwd-backup.php and gwd-logs.php not verifying authentication when the API key has not been...

4.8 CVSS | 0.00114 EPSS
Exploits 0 | References 3
Nextcloud
added 2026/05/12 9:12 a.m. | 11 views

Authentication Bypass in ID4me handling via Missing JWT Signature Verification in User OIDC

None...

8.1 CVSS | 5.8 AI score | 0.00021 EPSS
Exploits 0 | References 2 | Affected Software 1
Nextcloud
added 2026/05/12 8:51 a.m. | 10 views

Open Redirect in user_oidc login flow via protocol-relative URL bypass

None...

6.1 CVSS | 5.8 AI score | 0.00015 EPSS
Exploits 0 | References 2 | Affected Software 1
Vulnrichment
added 2026/05/12 7:48 a.m. | 5 views

CVE-2026-6663 GWD Connect <= 2.9 - Unauthenticated Limited Code Execution via update_agent

The GWD Connect plugin for WordPress is vulnerable to missing authorization to limited code execution in all versions up to, and including, 2.9. This is due to the plugin's standalone agent endpoints gwd-backup.php and gwd-logs.php not verifying authentication when the API key has not been...

4.8 CVSS | 6.5 AI score | 0.00114 EPSS
Exploits 0 | References 3
CVE
added 2026/05/12 7:48 a.m. | 10 views

CVE-2026-6663

CVE-2026-6663 affects the WordPress GWD Connect plugin (versions up to and including 2.9). The vulnerability arises from missing authorization on standalone agent endpoints (gwd-backup.php and gwd-logs.php) when the API key is not configured (default state). This allows unauthenticated attackers,...

4.8 CVSS | 6.5 AI score | 0.00114 EPSS
Exploits 0 | References 3
ATTACKERKB
added 2026/05/12 7:48 a.m. | 5 views

CVE-2026-6663

The GWD Connect plugin for WordPress is vulnerable to missing authorization to limited code execution in all versions up to, and including, 2.9. This is due to the plugin's standalone agent endpoints gwd-backup.php and gwd-logs.php not verifying authentication when the API key has not been...

4.8 CVSS | 6.5 AI score | 0.00114 EPSS
Exploits 0 | References 4
Positive Technologies
added 2026/05/12 12:0 a.m. | 6 views

PT-2026-39960

The GWD Connect plugin for WordPress is vulnerable to missing authorization to limited code execution in all versions up to, and including, 2.9. This is due to the plugin's standalone agent endpoints gwd-backup.php and gwd-logs.php not verifying authentication when the API key has not been...

4.8 CVSS | 6.5 AI score | 0.00114 EPSS
Exploits 0 | References 4
Adobe
added 2026/05/12 12:0 a.m. | 23 views

APSB26-50 : Security update available for Adobe Connect

Adobe has released a security update for Adobe Connect. This update resolves critical vulnerabilities that could lead to arbitrary code execution and privilege escalation...

6.3 AI score
Exploits 0 | Affected Software 1
CNNVD
added 2026/05/12 12:0 a.m. | 4 views

Hikvision Hik-Connect APP security vulnerability

Hikvision Hik-Connect APP is a mobile monitoring application developed by Hikvision, a company in China, designed for remote access and management of video surveillance devices. The Hikvision Hik-Connect APP has a security vulnerability, which stems from insufficiently strict restrictions on...

2.9 CVSS | 5.8 AI score | 0.0004 EPSS
Exploits 0 | References 1
Positive Technologies
added 2026/05/12 12:0 a.m. | 6 views

PT-2026-39905

Name of the Vulnerable Software and Affected Versions: TanStack, affected versions not specified. Description: A supply chain attack involving a self-propagating worm known as Mini Shai-Hulud allowed the publication of malicious versions of 42 @tanstack/ packages to the npm registry. The attacker...

9.6 CVSS | 8 AI score | 0.17051 EPSS
Exploits 3 | References 55