19139 matches found

OSV
added 2026/03/03 1:29 p.m., 2 views

BIT-DISCOURSE-2026-26973 Discourse doesn't scope reviewable notes to user-visible reviewables

Discourse is an open source discussion platform. Versions prior to 2025.12.2, 2026.1.1, and 2026.2.0 have an IDOR (Insecure Direct Object Reference) in ReviewableNotesController. When enable_category_group_moderation is enabled, a user belonging to a category moderation group can create or delete thei...

CVSS 4.3 | AI score 5.9 | EPSS 0.00152
Exploits: 0 | References: 2

RedHat Linux
added 2026/03/03 12:14 a.m., 2 views

kernel: Linux kernel: xHCI driver isochronous event handling race condition leading to data loss or UAF

A flaw was found in the Linux kernel's xHCI (eXtensible Host Controller Interface) driver. This vulnerability allows data loss or buffer Use-After-Free (UAF) due to a race condition during isochronous Ring Underrun/Overrun event handling...

CVSS 7.8 | AI score 5.9 | EPSS 0.00237
Exploits: 0 | References: 5

CNNVD
added 2026/03/03 12:0 a.m., 5 views

Mitsubishi Electric MELSEC iQ-F series security vulnerability

The Mitsubishi Electric MELSEC iQ-F series is a programmable logic controller developed by Mitsubishi Electric, a Japanese company. The MELSEC iQ-F series contains security vulnerabilities, which stem from improper resource closure or release procedures. This could allow remote attackers to cause...

CVSS 8.7 | AI score 5.8 | EPSS 0.00426
Exploits: 0 | References: 3

OSV
added 2026/03/02 7:16 p.m., 3 views

CVE-2025-48635

In multiple functions of TaskFragmentOrganizerController.java, there is a possible activity token leak due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 7.7 | AI score 5.9 | EPSS 0.00102
Exploits: 0 | References: 1

NVD
added 2026/03/02 7:16 p.m., 6 views

CVE-2024-31328

In broadcastIntentLockedTraced of BroadcastController.java, there is a possible way to launch arbitrary activities from the background on the paired companion phone due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed...

CVSS 8.8 | EPSS 0.00115
Exploits: 0 | References: 1

Vulnrichment
added 2026/03/02 7:2 p.m., 3 views

CVE-2024-31328

In broadcastIntentLockedTraced of BroadcastController.java, there is a possible way to launch arbitrary activities from the background on the paired companion phone due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed...

AI score 6.2 | EPSS 0.00115
Exploits: 0 | References: 1

Cvelist
added 2026/03/02 7:2 p.m., 32 views

CVE-2024-31328

In broadcastIntentLockedTraced of BroadcastController.java, there is a possible way to launch arbitrary activities from the background on the paired companion phone due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed...

EPSS 0.00115
Exploits: 0 | References: 1

Vulnrichment
added 2026/03/02 6:42 p.m., 2 views

CVE-2025-48635

In multiple functions of TaskFragmentOrganizerController.java, there is a possible activity token leak due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

AI score 6.1 | EPSS 0.00102
Exploits: 0 | References: 1

ATTACKERKB
added 2026/03/02 3:16 p.m., 4 views

CVE-2025-50195

Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /plugin/vchamilo/views/manage.controller.php. This issue has been patched in version 1.11.30...

CVSS 7.2 | AI score 5.9 | EPSS 0.02657
Exploits: 1 | References: 4 | Affected Software: 1

Vulnrichment
added 2026/03/02 3:16 p.m., 4 views

CVE-2025-50195 Chamilo: OS Command Injection in /plugin/vchamilo/views/manage.controller.php

Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /plugin/vchamilo/views/manage.controller.php. This issue has been patched in version 1.11.30...

CVSS 7.1 | AI score 5.9 | EPSS 0.02657
Exploits: 1 | References: 3

Cvelist
added 2026/03/02 3:16 p.m., 20 views

CVE-2025-50195 Chamilo: OS Command Injection in /plugin/vchamilo/views/manage.controller.php

Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /plugin/vchamilo/views/manage.controller.php. This issue has been patched in version 1.11.30...

CVSS 7.1 | EPSS 0.02657
Exploits: 1 | References: 3

OSV
added 2026/03/02 3:16 p.m., 6 views

CVE-2025-50195 Chamilo: OS Command Injection in /plugin/vchamilo/views/manage.controller.php

Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /plugin/vchamilo/views/manage.controller.php. This issue has been patched in version 1.11.30...

CVSS 7.1 | AI score 5.9 | EPSS 0.02657
Exploits: 1 | References: 5

EUVD
added 2026/03/02 3:16 p.m., 5 views

EUVD-2025-208164

Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /plugin/vchamilo/views/manage.controller.php. This issue has been patched in version 1.11.30...

CVSS 7.1 | AI score 5.9 | EPSS 0.02657
Exploits: 1 | References: 3

CVE
added 2026/03/02 3:16 p.m., 13 views

CVE-2025-50195

CVE-2025-50195 affects the Chamilo learning management system. A vulnerability in the file /plugin/vchamilo/views/manage.controller.php allows an OS Command Injection on Chamilo installations running versions prior to 1.11.30. The issue has been addressed in Chamilo release 1.11.30 (patch/commit...

CVSS 7.2 | AI score 5.9 | EPSS 0.02657
Exploits: 1 | References: 3 | Affected Software: 1

Packet Storm
added 2026/03/02 12:0 a.m., 139 views

Honeywell Trend IQ4xx BMS Controller Unauthenticated Remote Web-HMI Control / Lockout

The Honeywell IQ4 Trend IQ4 exposes its full web-based HMI without authentication in its factory-default configuration. With no user module configured, security is disabled by design and the system operates under a System User level 100 context, granting read/write privileges to any party able to...

AI score 5.9
Exploits: 0

Tenable Nessus
added 2026/03/02 12:0 a.m., 6 views

Cisco AppDynamics Controller Path Traversal Vulnerability (cisco-sa-appd-traversal-m7N8mZpF)

According to its self-reported version, Cisco AppDynamics is affected by a vulnerability. - A vulnerability in the file upload functionality of Cisco AppDynamics Controller could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. This vulnerabili...

CVSS 6.5 | AI score 6.7 | EPSS 0.02155
Exploits: 0 | References: 2

RedhatCVE
added 2026/03/01 1:43 a.m., 5 views

CVE-2026-28408

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the script in adicionartipodocsatendido.php does not go through the project's central controller and does not have its own authentication and permission checks. A malicious user could make a request through tools like...

CVSS 9.8 | AI score 6 | EPSS 0.00514
Exploits: 1 | References: 1

Chainguard
added 2026/02/28 7:17 p.m., 6 views

GHSA-9H8M-3FM2-QJRQ vulnerabilities

Vulnerabilities for packages: trivy-operator-fips, verticadb-operator-fips, task, k8sgpt, helm-operator-fips, eks-distro, grype, aws-otel-collector-fips, gitaly, tekton-chains-fips, ratify-fips, packer, docker-compose-fips, cloudprober-fips, temporal-server, prometheus-alertmanager,...

AI score 5.8
Exploits: 0

Microsoft CVE
added 2026/02/28 9:4 a.m., 5 views

net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts

...

CVSS 7.5 | AI score 5.9 | EPSS 0.00424
Exploits: 0

RedhatCVE
added 2026/02/28 7:47 a.m., 10 views

CVE-2026-3286

A vulnerability was identified in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3. The impacted element is the function Save of the file paicoding-web/src/main/java/com/github/paicoding/forum/web/common/image/rest/ImageRestController.java of the component Image Save Endpoint. Such manipulation of the...

CVSS 6.5 | AI score 6.4 | EPSS 0.00312
Exploits: 1 | References: 1