15 matches found
GHSA-6R7F-Q7F5-WPX8 Payload has Authenticated SSRF via Upload Functionality
Impact: An authenticated Server-Side Request Forgery (SSRF) vulnerability existed in the upload functionality. Authenticated users with create or update access to an upload-enabled collection could cause the server to make outbound HTTP requests to arbitrary URLs. Consumers are affected if ALL of...
Cross-site Scripting (XSS)
Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the admin panel when user-supplied content is saved in a collection with versions enabled. An attacker can execute arbitrary scripts in the context of another user's browser by submitting crafted input and...
Cross-site Scripting (XSS)
Overview: @payloadcms/plugin-mcp provides MCP (Model Context Protocol) capabilities for Payload. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the admin panel when user-supplied content is saved in a collection with versions enabled. An attacker can execute arbitrary...
Server-side Request Forgery (SSRF)
Overview: payload is a Node, React and MongoDB headless CMS and application framework. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) in the external file upload endpoint due to insufficient validation of HTTP redirects. An attacker can access internal network...
PT-2026-21760
Name of the Vulnerable Software and Affected Versions: Payload versions prior to 3.75.0. Description: Payload is a free and open source headless content management system. A Server-Side Request Forgery (SSRF) issue exists in the external file upload functionality. Insufficient validation of HTTP...
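The two Payload entries above describe the same weakness: the user-supplied URL is checked, but the URL the server is redirected to is not. The following is an added example, written for this page and not Payload's own code, of an external-file fetch that re-vets the destination on every redirect hop. The network layer (`resolve`, `fetchOnce`) is injected and backed by a constructed offline DNS/HTTP table so the example runs without network access; the host names, addresses and paths in that table are made up for illustration. A real deployment would back `resolve` with `dns.promises.lookup` and `fetchOnce` with `fetch(url, { redirect: "manual" })`.

```javascript
// Added example, not Payload's code: fetch an external file while re-vetting the
// destination on EVERY redirect hop. The network is injected (resolve, fetchOnce) so
// this runs offline; real code would use dns.promises.lookup and fetch with
// { redirect: "manual" } so the HTTP client never follows a redirect on its own.

const IPV4 = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;

// Addresses a server-side fetcher must never be steered to: loopback, RFC 1918,
// link-local (169.254.169.254 is the cloud metadata service), CGNAT, ULA, multicast.
function isBlockedAddress(ip) {
  const m = IPV4.exec(ip);
  if (m) {
    const [a, b, c, d] = m.slice(1).map(Number);
    if (Math.max(a, b, c, d) > 255) return true;            // malformed octet: refuse
    return a === 0 || a === 10 || a === 127 ||
      (a === 100 && b >= 64 && b <= 127) ||                 // 100.64.0.0/10 CGNAT
      (a === 169 && b === 254) ||                           // 169.254.0.0/16 link-local
      (a === 172 && b >= 16 && b <= 31) ||                  // 172.16.0.0/12
      (a === 192 && b === 168) ||                           // 192.168.0.0/16
      a >= 224;                                             // multicast / reserved
  }
  const v6 = ip.toLowerCase();
  if (!v6.includes(":")) return true;                       // not an IP literal: refuse
  const mapped = /^::ffff:(\d+\.\d+\.\d+\.\d+)$/.exec(v6);  // IPv4-mapped IPv6 literal
  if (mapped) return isBlockedAddress(mapped[1]);
  return v6 === "::1" || v6 === "::" ||
    v6.startsWith("fc") || v6.startsWith("fd") ||           // fc00::/7 unique local
    /^fe[89ab]/.test(v6);                                   // fe80::/10 link-local
}

// Parse and vet one URL. resolve(hostname) returns the address we would connect to.
function vetUrl(rawUrl, resolve) {
  const url = new URL(rawUrl);                              // throws on unparseable input
  if (url.protocol !== "http:" && url.protocol !== "https:") {
    throw new Error(`scheme not allowed: ${url.protocol}`);
  }
  if (url.username || url.password) throw new Error("userinfo in URL not allowed");
  const host = url.hostname.replace(/^\[|\]$/g, "");        // WHATWG keeps [] around IPv6
  const isLiteral = IPV4.test(host) || host.includes(":");
  const addr = isLiteral ? host : resolve(host);
  if (isBlockedAddress(addr)) {
    throw new Error(`${host} -> ${addr} is not a permitted destination`);
  }
  return url;
}

function fetchWithSafeRedirects(rawUrl, { resolve, fetchOnce, maxRedirects = 5 }) {
  const hops = [];
  let current = rawUrl;
  for (let i = 0; i <= maxRedirects; i++) {
    const url = vetUrl(current, resolve);     // the fix: vet every hop, not only the first
    hops.push(url.href);
    const res = fetchOnce(url.href);          // must not auto-follow redirects itself
    if (res.status >= 300 && res.status < 400) {
      if (!res.location) throw new Error("redirect without Location header");
      current = new URL(res.location, url).href;  // relative Location resolves against this hop
      continue;
    }
    return { status: res.status, body: res.body, hops };
  }
  throw new Error(`more than ${maxRedirects} redirects`);
}

// Constructed offline network: a public CDN whose "image" redirects into the metadata service.
const FAKE_DNS = new Map([
  ["cdn.example.com", "203.0.113.10"],
  ["intranet.corp", "10.0.0.5"],
  ["localhost", "127.0.0.1"],
]);
const FAKE_HTTP = new Map([
  ["https://cdn.example.com/logo.png", { status: 200, body: "\x89PNG..." }],
  ["https://cdn.example.com/hop.png", { status: 302, location: "/logo.png" }],
  ["https://cdn.example.com/evil.png", { status: 302, location: "http://169.254.169.254/latest/meta-data/" }],
]);
const offlineNet = {
  resolve: (h) => {
    if (!FAKE_DNS.has(h)) throw new Error(`NXDOMAIN ${h}`);
    return FAKE_DNS.get(h);
  },
  fetchOnce: (u) => FAKE_HTTP.get(u) ?? { status: 404, body: "" },
};

// Wraps the fetch so callers can see why a URL was refused instead of just a throw.
function tryFetch(rawUrl) {
  try {
    return { ok: true, ...fetchWithSafeRedirects(rawUrl, offlineNet) };
  } catch (e) {
    return { ok: false, error: e.message };
  }
}
```

Two caveats a reviewer would raise. First, vetting `resolve(host)` and then letting the HTTP client resolve the name again is a time-of-check/time-of-use gap (DNS rebinding); production code should connect to the address it vetted, for example through a custom `lookup` on the agent. Second, the WHATWG `URL` parser already canonicalises numeric hosts such as `http://0x7f000001/` to `127.0.0.1`, so the check above sees the real address rather than an obfuscated one; a hand-rolled hostname regex would not get that for free.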
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the overrides.yoke.cd/flight annotation, which allows a user-supplied URL to be used directly by the controller without validation. An attacker can execute arbitrary code within the controller context by...
PT-2026-4740
Name of the Vulnerable Software and Affected Versions: exos 9300 server, affected versions not specified. Description: A SOAP API is reachable on port 8002 on the exos 9300 server without requiring authentication. Network access to the server allows for actions such as creating arbitrary access log...
CVE-2025-59021
Backend users with access to the redirects module and write permission on the sysredirect table were able to read, create, and modify any redirect record without restriction to the user’s own file-mounts or web-mounts. This allowed attackers to insert or alter redirects pointing to arbitrary URLs...
jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted
...
CVE-2025-68337 jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted
In the Linux kernel, the following vulnerability has been resolved: jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted. There's an issue when the file system is corrupted: ------------[ cut here ]------------ kernel BUG at fs/jbd2/transaction.c:1289! Oops: invalid opcode: 0000 [#1] SMP...
PT-2025-52665
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.18.0-rc1-next. Description: The Linux kernel contains an issue within the jbd2 journaling system. A BUG can be triggered in the jbd2_journal_get_create_access() function when the file system is corrupted. Specifically, th...
CVE-2023-50718 NocoDB SQL Injection vulnerability
NocoDB is software for building databases as spreadsheets. Prior to version 0.202.10, an authenticated attacker with create access could conduct a SQL Injection attack on MySQL DB using unescaped tablename. This vulnerability may result in leakage of sensitive data in the database. Version 0.202....
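The NocoDB entry is a reminder that parameterised queries do not cover identifiers: MySQL prepared-statement placeholders (`?`) bind values only, so code that correctly parameterises row data still has to build the table name into the SQL text itself. The following is an added example, not NocoDB's code, showing the vulnerable concatenation beside two independent defences. The query shape and the `nc_meta`/`xc_users` table names are constructed for illustration.

```javascript
// Added example, not NocoDB's code: an unescaped table name is injectable because
// identifiers cannot be bound as prepared-statement parameters in MySQL. Two defences
// are shown; either alone blocks the payload, and they are cheap to stack.

// Vulnerable: the identifier is concatenated raw into the statement.
function buildSelectUnsafe(tableName) {
  return `SELECT id, title FROM ${tableName} LIMIT 10`;
}

// Defence 1: allow-list the identifier's shape before any SQL is built.
// MySQL identifiers are at most 64 characters; this regex is deliberately stricter
// than what MySQL accepts (no spaces, no dots, no Unicode) and rejects everything else.
const IDENT = /^[A-Za-z_][A-Za-z0-9_]{0,63}$/;
function assertIdentifier(name) {
  if (typeof name !== "string" || !IDENT.test(name)) {
    throw new Error(`invalid identifier: ${JSON.stringify(name)}`);
  }
  return name;
}

// Defence 2: quote as a MySQL identifier. Inside backticks the only escape MySQL
// recognises is a doubled backtick, so that is the only character that needs handling;
// a NUL is rejected outright because identifiers may not contain one.
function quoteIdentifier(name) {
  if (name.includes("\0")) throw new Error("NUL byte in identifier");
  return "`" + name.replace(/`/g, "``") + "`";
}

function buildSelectSafe(tableName) {
  return `SELECT id, title FROM ${quoteIdentifier(assertIdentifier(tableName))} LIMIT 10`;
}

// Returns either the SQL that would run or the reason the name was refused,
// so the decision is visible to callers (and to the test) without a database.
function safeQueryOrError(tableName) {
  try {
    return { sql: buildSelectSafe(tableName) };
  } catch (e) {
    return { error: e.message };
  }
}

// Constructed attacker-controlled "table name": keeps the FROM clause syntactically
// valid, bolts on a UNION that reads a different table, and comments out the LIMIT.
const PAYLOAD = "nc_meta WHERE 0 UNION SELECT email, password FROM xc_users -- ";

// A payload aimed at defence 2 alone: tries to close the backtick early.
const BREAKOUT = "x` UNION SELECT email, password FROM xc_users -- ";
```

With the `mysql`/`mysql2` drivers the quoting step is `connection.escapeId(name)`, which performs the same backtick doubling; keep the allow-list in front of it anyway, because a quoted-but-arbitrary identifier still lets a caller name any table the database user can read.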
CVE-2023-33972 Privilege escalation from having CREATE access on a keyspace in Scylladb
Scylladb is a NoSQL data store using the seastar framework, compatible with Apache Cassandra. Authenticated users who are authorized to create tables in a keyspace can escalate their privileges to access a table in the same keyspace, even if they don't have permissions for that table. This issue...
Scylla Security Breach
Scylla is a ScyllaDB open source real-time big data database compatible with Apache Cassandra and Amazon DynamoDB APIs. Scylla has a security vulnerability that stems from allowing an attacker with CREATE access to elevate to higher privileges...
Oracle Financial Services Applications Financial Services Liquidity Risk Management Unauthorized Access Vulnerability
Oracle Financial Services Liquidity Risk Management (component: User Interface) is a product in the Oracle Financial Services Applications suite from Oracle Corporation. Oracle Financial Services Applications Financial Services...