219592 matches found
CVE-2026-34892
Subscriber Broken Access Control in Rank Math SEO = 1.0.271 versions...
CVE-2026-25425
Unauthenticated Broken Access Control in User Registration = 5.1.2 versions...
CVE-2025-68049
Subscriber Broken Access Control in bunny.net = 2.3.6 versions...
CVE-2025-69332
Subscriber Broken Access Control in Bookify = 1.1.1 versions...
Malicious code in lab-helper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9bbde4e4075983db0c5aba255bc29f84fb2536681b13e8289412cce5c3ee7a2e On npm install, the package's postinstall hook runs seccheck.js, which enumerates the host's network interfaces and proceeds only if an IPv4 address...
EUVD-2026-36468
Netty: HttpObjectDecoder skips arbitrary initial control characters when only initial CRLF characters are permitted...
Netty: HttpObjectDecoder skips arbitrary initial control characters when only initial CRLF characters are permitted
Summary Before reading the first request-line, HttpObjectDecoder skips every byte for which Character.isISOControlb is true 0x00–0x1F and 0x7F as well as all whitespace. RFC 9112 §2.2 only asks servers to ignore empty CRLF lines preceding the request-line — a carefully scoped robustness allowance...
GHSA-HVCG-QMG6-JM4C Netty: HttpObjectDecoder skips arbitrary initial control characters when only initial CRLF characters are permitted
Summary Before reading the first request-line, HttpObjectDecoder skips every byte for which Character.isISOControlb is true 0x00–0x1F and 0x7F as well as all whitespace. RFC 9112 §2.2 only asks servers to ignore empty CRLF lines preceding the request-line — a carefully scoped robustness allowance...
CVE-2026-49775 WordPress Welcart e-Commerce plugin <= 2.11.28 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Welcart e-Commerce = 2.11.28 versions...
CVE-2026-49775
CVE-2026-49775 affects WordPress Welcart e-Commerce plugin versions
CVE-2026-49070 WordPress Knit Pay plugin <= 9.4.0.0 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Knit Pay = 9.4.0.0 versions...
CVE-2026-49070 WordPress Knit Pay plugin <= 9.4.0.0 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Knit Pay = 9.4.0.0 versions...
CVE-2026-49070
CVE-2026-49070 affects the WordPress Knit Pay plugin (versions
EUVD-2026-36876
Unauthenticated Broken Access Control in Knit Pay = 9.4.0.0 versions...
CVE-2026-49065 WordPress Hippoo Mobile App for WooCommerce plugin <= 1.9.5 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Hippoo Mobile App for WooCommerce = 1.9.5 versions...
CVE-2026-49065 WordPress Hippoo Mobile App for WooCommerce plugin <= 1.9.5 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Hippoo Mobile App for WooCommerce = 1.9.5 versions...
CVE-2026-49065
The CVE applies to WordPress Hippoo Mobile App for WooCommerce plugin versions
CVE-2026-48887 WordPress JS Help Desk plugin <= 3.0.9 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in JS Help Desk = 3.0.9 versions...
CVE-2026-48887 WordPress JS Help Desk plugin <= 3.0.9 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in JS Help Desk = 3.0.9 versions...
EUVD-2026-36861
Unauthenticated Broken Access Control in JS Help Desk = 3.0.9 versions...