CVE-2026-7882 Concrete CMS 9.5.0 and below is vulnerable to CSRF via the DeleteFile controller

Concrete CMS 9.5.0 and below is vulnerable to unauthorized file deletion due to an Inverted CSRF token check in the DeleteFile controller. The code throws an error when the token IS valid and proceeds with file deletion when the token is invalid or missing. This effectively disables CSRF protecti...

CVE-2026-6826 Concrete 9.5.0 and below has file usage disclosure via missing permission check in Usage controller

Concrete CMS 9.5.0 and below is vulnerable to unauthenticated file usage disclosure via missing permission check in the usage controller. Any unauthenticated visitor can request /ccm/system/dialogs/file/usage/fID with any file ID and receive a list of every page that references that file,...

CVE-2026-6826

Concrete CMS 9.5.0 and below is vulnerable to unauthenticated file usage disclosure via missing permission check in the usage controller. Any unauthenticated visitor can request /ccm/system/dialogs/file/usage/fID with any file ID and receive a list of every page that references that file,...

CVE-2026-6826

Concrete CMS 9.5.0 and below is vulnerable to unauthenticated file usage disclosure due to a missing permission check in the usage controller. An unauthenticated visitor can access /ccm/system/dialogs/file/usage/{fID} with any file ID and obtain a list of every page referencing that file, includi...

CVE-2026-6826 Concrete 9.5.0 and below has file usage disclosure via missing permission check in Usage controller

Concrete CMS 9.5.0 and below is vulnerable to unauthenticated file usage disclosure via missing permission check in the usage controller. Any unauthenticated visitor can request /ccm/system/dialogs/file/usage/fID with any file ID and receive a list of every page that references that file,...

CVE-2026-8428 CSRF token is not validated in the core CMS update controller for Concrete CMS 9.5.0 and below

Concrete CMS 9.5.0 and below emits a CSRF token in the localavailableupdate.php view $token-output'doupdate' but the corresponding doupdate method in concrete/controllers/singlepage/dashboard/system/update/update.php never calls $this-token-validate'doupdate'. The form is rendered as a POST form,...

CVE-2026-8428

Concrete CMS

CVE-2026-8428 CSRF token is not validated in the core CMS update controller for Concrete CMS 9.5.0 and below

Concrete CMS 9.5.0 and below emits a CSRF token in the localavailableupdate.php view $token-output'doupdate' but the corresponding doupdate method in concrete/controllers/singlepage/dashboard/system/update/update.php never calls $this-token-validate'doupdate'. The form is rendered as a POST form,...

CVE-2026-8417 Concrete CMS 9.5.0 and below is vulnerable to CSRF in do_update() in the package update controller

Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/update/doupdate/. The doupdate method in concrete/controllers/singlepage/dashboard/extend/update.php checks only canInstallPackages before executing upgradeCoreData and upgrade on the named...

CVE-2026-8135 Concrete CMS 9.5.0 and below is vulnerable to RCE due to insecure deserialization occurring in the ExpressEntryList block controller.

Concrete CMS 9.5.0 and below is vulnerable to Remote Code Execution due to insecure deserialization occurring in the ExpressEntryList block controller. An rogue administrator with privileges to add blocks to an area can bypass the intended protection mechanism fromCIF === true, which normally...

CVE-2026-8135 Concrete CMS 9.5.0 and below is vulnerable to RCE due to insecure deserialization occurring in the ExpressEntryList block controller.

Concrete CMS 9.5.0 and below is vulnerable to Remote Code Execution due to insecure deserialization occurring in the ExpressEntryList block controller. An rogue administrator with privileges to add blocks to an area can bypass the intended protection mechanism fromCIF === true, which normally...

Concrete CMS 跨站请求伪造漏洞

Concrete CMS is an open-source content management system designed for teams. Versions of Concrete CMS 9.5.0 and earlier contained a cross-site request forgeing vulnerability. This vulnerability stemmed from the reverse implementation of CSRF token checks in the DeleteFile controller, which could...

PT-2026-42573

Name of the Vulnerable Software and Affected Versions Concrete CMS versions 9.0.0 through 9.4.x Description Cross Site Request Forgery CSRF occurs at the 'concrete/controllers/backend/file' endpoint within the removeFavoriteFolder$id function. CSRF is a flaw that allows an attacker to induce a us...

PT-2026-42540

Name of the Vulnerable Software and Affected Versions Concrete CMS versions 9.5.0 and earlier Description An issue exists where a missing permission check in the usage controller allows unauthenticated visitors to disclose file usage information. By requesting the endpoint...

Concrete CMS 代码问题漏洞

Concrete CMS is an open-source content management system developed by Concrete CMS. Versions of Concrete CMS 9.5.0 and earlier have code vulnerabilities. These vulnerabilities stem from insecure deserialization in the ExpressEntryList block controller. This could allow malicious administrators wi...

PT-2026-42536

Name of the Vulnerable Software and Affected Versions Concrete CMS versions prior to 9.5.1 Description Remote Code Execution RCE is possible due to insecure deserialization in the ExpressEntryList block controller. An administrator with permissions to add blocks can bypass the fromCIF === true...

Concrete CMS 跨站请求伪造漏洞

Concrete CMS is an open-source content management system developed by Concrete CMS. Versions prior to Concrete CMS 9.5.0 had a cross-site request forgeing vulnerability. This vulnerability stemmed from the concrete/controllers/backend/file function, which was vulnerable to cross-site request...

kernel: can: raw: fix ro->uniq use-after-free in raw_rcv()

A flaw was found in the Linux kernel's Controller Area Network CAN raw socket implementation. A use-after-free vulnerability can occur due to a timing window during the unregistration of CAN receive filters, allowing a freed memory region to be accessed. This could lead to system instability or a...

GHSA-CRHJ-59GH-8X96 vulnerabilities

Vulnerabilities for packages: coder-fips, gitea-fips, argocd-image-updater, trivy, kubescape, pulumi-language-yaml, grype-fips, gitlab-rails-ce-fips, witness, gitaly-fips, nuclei, cerbos, grype, steampipe, flux-image-automation-controller-fips, pulumi-kubernetes-operator, cloudbeat-fips,...

Insertion of Sensitive Information Into Sent Data

Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the diagnostics endpoint. An attacker can obtain sensitive secret-backed plugin configuration data by accessing this endpoint. Remediation There is no fixed version for...