PT-2026-49145

Name of the Vulnerable Software and Affected Versions Grit42 Grit versions prior to 0.11.0 Description A SQL injection issue exists in the GritEntityController component, specifically within the file modules/core/backend/app/controllers/concerns/grit/core/grit entity controller.rb. This flaw allo...

CVE-2026-54394

MISP contains a path traversal vulnerability in OrganisationsController::getOrgLogo. The vulnerable code builds organisation logo file paths using organisation-controlled fields such as id, name, and uuid without ensuring that the resolved file remains inside the intended APP/files/img/orgs/...

CVE-2026-47264

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, DetailedTagSerializertaggroupnames returned every tag group a tag belonged to without filtering against the requesting...

EUVD-2026-36563

MISP contains a path traversal vulnerability in OrganisationsController::getOrgLogo. The vulnerable code builds organisation logo file paths using organisation-controlled fields such as id, name, and uuid without ensuring that the resolved file remains inside the intended APP/files/img/orgs/...

CVE-2026-47264

CVE-2026-47264 affects Discourse releases 2026.1.0–2026.1.3, 2026.3.0–2026.3.0x (up to 2026.3.0-latest until 2026.3.1), and 2026.4.0–2026.4.0x (up to 2026.4.0-latest until 2026.4.1). The root cause is that DetailedTagSerializer#tag_group_names returned every tag group a tag belonged to without fi...

CVE-2026-54361

MISP contained multiple mass assignment vulnerabilities in the handling of collections, tag collections, event delegations, and shadow attributes. Several controller actions accepted user-supplied fields that should have remained server-controlled, including record identifiers and ownership-relat...

GHSA-FP5J-4FJ2-4JVQ Radius Controller May Delete a Container Resource via an Injected Deployment Annotation (Multi-Tenant Installs)

Radius Controller May Delete a Container Resource via an Injected Deployment Annotation Multi-Tenant Installs Summary A configuration-validation issue in the Radius Kubernetes controller can cause it to issue a DELETE for the container resource referenced by a tampered radapp.io/status annotation...

Radius Controller May Delete a Container Resource via an Injected Deployment Annotation (Multi-Tenant Installs)

Radius Controller May Delete a Container Resource via an Injected Deployment Annotation Multi-Tenant Installs Summary A configuration-validation issue in the Radius Kubernetes controller can cause it to issue a DELETE for the container resource referenced by a tampered radapp.io/status annotation...

CVE-2026-54361 MISP mass assignment vulnerabilities allow unauthorized modification of ownership and delegation records

MISP contained multiple mass assignment vulnerabilities in the handling of collections, tag collections, event delegations, and shadow attributes. Several controller actions accepted user-supplied fields that should have remained server-controlled, including record identifiers and ownership-relat...

CVE-2026-54361

CVE-2026-54361 affects MISP and stems from mass assignment flaws in collections, tag collections, event delegations, and shadow attributes. Several controller actions accepted user-supplied fields that should be server-controlled (e.g., id, org_id, orgc_id, user_id), enabling an authenticated att...

kernel: can: raw: fix ro->uniq use-after-free in raw_rcv()

A flaw was found in the Linux kernel's Controller Area Network CAN raw socket implementation. A use-after-free vulnerability can occur due to a timing window during the unregistration of CAN receive filters, allowing a freed memory region to be accessed. This could lead to system instability or a...

CVE-2026-54360 MISP sharing group creation mass assignment allows unauthorized takeover of existing sharing groups

A mass assignment vulnerability exists in MISP’s sharing group creation endpoint. When creating a new sharing group, the controller did not remove a user-supplied id field before saving the submitted data. In CakePHP, supplying a primary key in the save data can cause a create followed by save...

CVE-2026-47190 IPAM controller service account granted unnecessary full access to Secrets

IPAM is the IP address Manager for Cluster API Provider Metal3. Prior to versions 1.11.7, 1.12.4, and 1.13.0, the IPAM controller's ClusterRole granted full CRUD permissions create, delete, get, list, patch, update, watch on core/v1 Secrets. The controller never accesses Secrets during normal...

CVE-2026-47190

The CVE concerns IPAM (Metal3) where the IPAM controller’s ClusterRole granted full CRUD access to core/v1 Secrets prior to versions 1.11.7, 1.12.4, and 1.13.0. Although the controller does not access Secrets during normal operation, a compromised IPAM pod (e.g., via supply‑chain attack or contai...

CVE-2026-12066

A security flaw has been discovered in PbootCMS up to 3.2.12. This vulnerability affects the function retrieve of the file apps/home/controller/MemberController.php of the component Password Handler. The manipulation of the argument username/password/email/checkcode results in weak password...

EUVD-2026-36423

A security flaw has been discovered in PbootCMS up to 3.2.12. This vulnerability affects the function retrieve of the file apps/home/controller/MemberController.php of the component Password Handler. The manipulation of the argument username/password/email/checkcode results in weak password...

CVE-2026-12066 PbootCMS Password MemberController.php retrieve password recovery

A security flaw has been discovered in PbootCMS up to 3.2.12. This vulnerability affects the function retrieve of the file apps/home/controller/MemberController.php of the component Password Handler. The manipulation of the argument username/password/email/checkcode results in weak password...

CVE-2026-12066 PbootCMS Password MemberController.php retrieve password recovery

A security flaw has been discovered in PbootCMS up to 3.2.12. This vulnerability affects the function retrieve of the file apps/home/controller/MemberController.php of the component Password Handler. The manipulation of the argument username/password/email/checkcode results in weak password...

BIT-JENKINS-2026-53442

Jenkins 2.567 and earlier, LTS 2.555.2 and earlier does not encrypt secrets from POST config.xml submissions before storing them in job configurations unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission, or access to t...

PT-2026-48996

Name of the Vulnerable Software and Affected Versions MISP affected versions not specified Description A path traversal issue exists in the getOrgLogo function of the OrganisationsController. The software constructs file paths for organization logos using fields controlled by the organization, su...