CVE-2026-34615

Adobe Connect (versions 2025.3, 12.10 and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitation does not require user interaction. Root cause: deserialization of untrusted data. Affec...

CVE-2026-27243 Adobe Connect | Cross-site Scripting (Reflected XSS) (CWE-79)

Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's account or session...

CVE-2026-27243

Adobe Connect (versions 2025.3, 12.10 and earlier) contains a reflected Cross-Site Scripting (XSS) vulnerability. An attacker can lure a user to a crafted URL referencing a vulnerable page, enabling arbitrary JavaScript execution in the user’s browser with high impact to confidentiality and integ...

CVE-2026-27243 Adobe Connect | Cross-site Scripting (Reflected XSS) (CWE-79)

Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's account or session...

CVE-2026-27243

Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's account or session...

KB5084820 - Description of the security update for SQL Server 2016 SP3 Azure Connect Feature Pack: April 14, 2026

KB5084820 - Description of the security update for SQL Server 2016 SP3 Azure Connect Feature Pack: April 14, 2026 Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection...

CVE-2026-31923 Apache APISIX: Openid-connect `tls_verify` field is disabled by default

Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX. This can occur due to sslverify in openid-connect plugin configuration being set to false by default. This issue affects Apache APISIX: from 0.7 through 3.15.0. Users are recommended to upgrade to version 3.16.0, whic...

CVE-2026-31923 Apache APISIX: Openid-connect `tls_verify` field is disabled by default

Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX. This can occur due to sslverify in openid-connect plugin configuration being set to false by default. This issue affects Apache APISIX: from 0.7 through 3.15.0. Users are recommended to upgrade to version 3.16.0, whic...

EUVD-2026-22239

Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX. This can occur due to sslverify in openid-connect plugin configuration being set to false by default. This issue affects Apache APISIX: from 0.7 through 3.15.0. Users are recommended to upgrade to version 3.16.0, whic...

CVE-2026-31923

CVE-2026-31923 affects Apache APISIX (0.7–3.15.0) due to openid-connect plugin tls_verify/ssl_verify being disabled by default, enabling cleartext transmission of sensitive information. The CVSSv3.1 base score is 7.5 (Network attack, Low attack complexity, no privileges or user interaction, Confi...

CVE-2026-31923

Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX. This can occur due to sslverify in openid-connect plugin configuration being set to false by default. This issue affects Apache APISIX: from 0.7 through 3.15.0. Users are recommended to upgrade to version 3.16.0, whic...

PT-2026-32762

Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser...

PT-2026-32767

Name of the Vulnerable Software and Affected Versions Adobe Connect versions 2025.3 and 12.10 and earlier Description An issue involving Deserialization of Untrusted Data allows for arbitrary code execution in the context of the current user. This flaw can be exploited without requiring any user...

Adobe Connect 跨站脚本漏洞

Adobe Connect is a software for creating meeting environments from the American company Audobee Adobe. Adobe Connect suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute malicious JavaScript in the context of the victim's browser by manipulating the DO...

Adobe Connect 跨站脚本漏洞

Adobe Connect is a software for creating meeting environments from the American company Audobee Adobe. Adobe Connect suffers from a cross-site scripting vulnerability that could be exploited by an attacker to steal a victim's cookie-based authentication credentials...

Adobe Connect 跨站脚本漏洞

Adobe Connect is a software for creating meeting environments from the American company Audobee Adobe. Adobe Connect suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input. An attacker could exploit the vulnerability to steal the victim's...

Adobe Connect 跨站脚本漏洞

Adobe Connect is a software for creating meeting environments from the American company Audobee Adobe. Adobe Connect suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input. An attacker could exploit the vulnerability to steal the victim's...

PT-2026-32573

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, sandbox network protection can be bypassed by using socket.sendto with the MSG FASTOPEN flag. This allows authenticated user with tool-editing permissions to reach internal services that are explicitly blocked by th...

Adobe Connect 跨站脚本漏洞

Adobe Connect is a software developed by Adobe, a company based in the United States, used for creating meeting environments. Versions of Adobe Connect such as 2025.3 and earlier, as well as 12.10 and earlier versions, have a cross-site scripting vulnerability. This vulnerability allows attackers...

Adobe Connect 跨站脚本漏洞

Adobe Connect is a software developed by Adobe, a company based in America, used to create meeting environments. The Adobe Connect version 2025.3, along with versions 12.10 and earlier, contained a cross-site scripting vulnerability. This vulnerability stemmed from a reflective cross-site scripti...