PT-2026-39229

Name of the Vulnerable Software and Affected Versions PgBouncer versions prior to 1.25.2 Description An improper authorization check exists for the 'KILL CLIENT' admin command. Any user with access to the administration console can execute this command, whereas it should be restricted exclusively...

Linux Distros Unpatched Vulnerability : CVE-2026-6667

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PgBouncer before 1.25.2 did not perform an appropriate authorization check for the KILLCLIENT admin command. All users with access to the administration console...

SUSE CVE-2026-31742

In the Linux kernel, the following vulnerability has been resolved: vt: discard stale unicode buffer on alt screen exit after resize When enteraltscreen saves vcunilines into vcsavedunilines and sets vcunilines to NULL, a subsequent console resize via vcdoresize skips reallocating the unicode...

CVE-2026-8106

A reflected HTML injection vulnerability was identified in the GitHub Enterprise Server Management Console login page that could allow credential theft. The redirectto query parameter on the /setup/unlock endpoint was reflected into an HTML attribute without proper sanitization, enabling an...

CVE-2026-8106 Reflected HTML injection vulnerability in GitHub Enterprise Server Management Console login page allowed credential theft

A reflected HTML injection vulnerability was identified in the GitHub Enterprise Server Management Console login page that could allow credential theft. The redirectto query parameter on the /setup/unlock endpoint was reflected into an HTML attribute without proper sanitization, enabling an...

CVE-2026-8106 Reflected HTML injection vulnerability in GitHub Enterprise Server Management Console login page allowed credential theft

A reflected HTML injection vulnerability was identified in the GitHub Enterprise Server Management Console login page that could allow credential theft. The redirectto query parameter on the /setup/unlock endpoint was reflected into an HTML attribute without proper sanitization, enabling an...

CVE-2026-8106

A reflected HTML injection vulnerability was identified in the GitHub Enterprise Server Management Console login page that could allow credential theft. The redirectto query parameter on the /setup/unlock endpoint was reflected into an HTML attribute without proper sanitization, enabling an...

CVE-2026-8106

CVE-2026-8106 describes a reflected HTML injection in the GitHub Enterprise Server Management Console login page. The vulnerability lies in the redirect_to query parameter on the /setup/unlock endpoint, which is reflected into an HTML attribute without proper sanitization. An attacker could entic...

Security Bulletin: IBM MQ is affected by weaker than expected security in IBM WebSphere Application Server Liberty (CVE-2025-14917)

Summary IBM WebSphere Application Server Liberty is used by IBM MQ as part of the IBM MQ Console and IBM MQ REST API functionality CVE-2025-14917 Vulnerability Details CVEID:CVE-2025-14917 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application...

Security Bulletin: IBM MQ is affected by a server-side request forgery vulnerability in IBM WebSphere Application Server Liberty (CVE-2026-1561)

Summary IBM WebSphere Application Server Liberty is used by IBM MQ as part of the IBM MQ Console and IBM MQ REST API functionality CVE-2026-1561 Vulnerability Details CVEID:CVE-2026-1561 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application...

Security Bulletin: IBM MQ is affected by a vulnerability in IBM WebSphere Application Server Liberty (CVE-2025-14914)

Summary A remote code execution vulnerability was identified in IBM WebSphere Application Server Liberty, which IBM MQ ships and uses to supply IBM MQ Console and IBM MQ REST API functionality CVE-2025-14914 Vulnerability Details CVEID:CVE-2025-14914 DESCRIPTION: IBM WebSphere Application Server...

Security Bulletin: IBM MQ is affected by a denial of service vulnerability in IBM WebSphere Application Server Liberty (CVE-2024-29371)

Summary IBM WebSphere Application Server Liberty is used by IBM MQ as part of the IBM MQ Console and IBM MQ REST API functionality CVE-2024-29371 Vulnerability Details CVEID:CVE-2024-29371 DESCRIPTION: In jose4j before 0.9.6, an attacker can cause a Denial-of-Service DoS condition by crafting a...

Security Bulletin: IBM MQ is affected by a privilege escalation vulnerability in IBM WebSphere Application Server Liberty (CVE-2025-14915)

Summary IBM WebSphere Application Server Liberty is used by IBM MQ as part of the IBM MQ Console and IBM MQ REST API functionality CVE-2025-14915 Vulnerability Details CVEID:CVE-2025-14915 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application...

EUVD-2025-209709

Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual...

CVE-2025-1978

Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual...

CVE-2025-1978 Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console

Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual...

CVE-2025-1978

Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual...

CVE-2025-1978 Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console

Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual...

CVE-2025-1978

CVE-2025-1978 is a Remote Code Execution vulnerability in Hitachi Storage Navigator and the maintenance console affecting Hitachi Virtual Storage Platform family (G130/G150/G350/G370/G700/G900, F350/F370/F700/F900, E390/E590/E790/E990, E390H/E590H/E790H/E1090H, One Block 23/24/26/28). The issue i...

NocoBase 2.0.27 - VM Sandbox Escape

Exploit Title: NocoBase 2.0.27 - VM Sandbox Escape Date: 2026-03-26 Exploit Author: Onurcan Genç Vendor Homepage: https://www.nocobase.com/ Software Link: https://github.com/nocobase/nocobase Version: -u -P --cmd "id"...