
55 matches found

CNVD
added 2026/03/17 12:0 a.m. · 1 views

Adobe Commerce License Issues Vulnerability (CNVD-2026-15169)

Adobe Commerce is a globally leading, business- and brand-oriented digital commerce solution from Adobe, a US company. Adobe Commerce has an authorization issue vulnerability that can be exploited by an attacker to bypass security measures and gain unauthorized viewing...

7.5 CVSS · 5.9 AI score · 0.00151 EPSS
Exploits 0 · References 1
OSV
added 2026/03/11 3:15 a.m. · 1 views

CVE-2026-21309

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

7.5 CVSS · 5.8 AI score
Exploits 0 · References 1
NVD
added 2026/03/11 3:15 a.m. · 1 views

CVE-2026-21289

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

7.5 CVSS · 0.00121 EPSS
Exploits 0 · References 1
Cvelist
added 2026/03/11 2:19 a.m. · 35 views

CVE-2026-21309 Adobe Commerce | Incorrect Authorization (CWE-863)

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

7.5 CVSS · 0.00151 EPSS
Exploits 0 · References 1
Cvelist
added 2026/03/11 2:19 a.m. · 39 views

CVE-2026-21289 Adobe Commerce | Incorrect Authorization (CWE-863)

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

7.5 CVSS · 0.00121 EPSS
Exploits 0 · References 1
CNNVD
added 2026/03/11 12:0 a.m. · 2 views

Adobe Commerce Security Vulnerability

Adobe Commerce is a globally leading, business- and brand-oriented digital commerce solution from Adobe, a US company. Adobe Commerce has an authorization issue vulnerability that can be exploited by an attacker to bypass security measures and gain unauthorized viewing...

7.5 CVSS · 5.8 AI score · 0.00151 EPSS
Exploits 0 · References 1
Positive Technologies
added 2026/03/10 12:0 a.m. · 3 views

PT-2026-24553

Name of the Vulnerable Software and Affected Versions: Adobe Commerce versions 2.4.4-p16 through 2.4.9-alpha3. Description: Adobe Commerce is affected by an Incorrect Authorization issue that could allow a security feature bypass. An attacker could exploit this to gain unauthorized view access to da...

7.8 CVSS · 5.8 AI score · 0.00121 EPSS
Exploits 0 · References 10
Tenable Nessus
added 2026/03/04 12:0 a.m. · 0 views

IBM Engineering Requirements Management DOORS Next Improper Access Control (7261900)

The version of IBM Engineering Requirements Management DOORS Next installed on the remote host is 7.1.0 prior to 7.1.0 ifix 08 or 7.2.0 prior to 7.2.0 ifix 01. It is, therefore, affected by a vulnerability as referenced in the 7261900 advisory. - IBM Engineering Requirements Management DOORS Next...

5.4 CVSS · 5.8 AI score · 0.00029 EPSS
Exploits 0 · References 2
NVD
added 2025/10/22 9:15 a.m. · 2 views

CVE-2025-41110

Encrypted WiFi and SSH credentials were found in the Ghost Robotics Vision 60 v0.27.2 APK. This vulnerability allows an attacker to connect to the robot's WiFi and view all its data, as it runs on ROS 2 without default authentication. In addition, the attacker can connect via SSH and gain full...

8.8 CVSS · 0.00026 EPSS
Exploits 0 · References 1
EUVD
added 2025/10/14 3:31 p.m. · 2 views

EUVD-2025-34189

A Stored Cross-Site Scripting security issue exists in the affected product that could potentially allow a malicious user to view and modify sensitive data or make the webpage unavailable. The vulnerability stems from missing special character filtering and encoding. Successful exploitation...

8.5 CVSS · 5.1 AI score · 0.0001 EPSS
Exploits 0 · References 2
OSV
added 2025/10/14 1:15 p.m. · 0 views

CVE-2025-7329

A Stored Cross-Site Scripting security issue exists in the affected product that could potentially allow a malicious user to view and modify sensitive data or make the webpage unavailable. The vulnerability stems from missing special character filtering and encoding. Successful exploitation...

4.8 CVSS · 5.7 AI score
Exploits 0 · References 1
EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2023-54238

Malicious code in bioql PyPI...

4.3 CVSS · 6.2 AI score · 0.00172 EPSS
Exploits 0 · References 3
RedhatCVE
added 2025/05/23 9:30 a.m. · 6 views

CVE-2024-37759

DataGear v5.0.0 and earlier was discovered to contain a SpEL (Spring Expression Language) expression injection vulnerability via the Data Viewing interface...

9.8 CVSS · 7.7 AI score · 0.80674 EPSS
Exploits 2 · References 1
OSV
added 2024/08/21 8:15 p.m. · 0 views

CVE-2024-20417

Multiple vulnerabilities in the REST API of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct blind SQL injection attacks. These vulnerabilities are due to insufficient validation of user-supplied input in REST API calls. An attacker could exploit these...

8.1 CVSS · 5.9 AI score
Exploits 0 · References 1
NVD
added 2024/06/24 9:15 p.m. · 13 views

CVE-2024-37759

DataGear v5.0.0 and earlier was discovered to contain a SpEL (Spring Expression Language) expression injection vulnerability via the Data Viewing interface...

9.8 CVSS · 0.80674 EPSS
Exploits 2 · References 2
CVE
added 2024/06/24 12:0 a.m. · 56 views

CVE-2024-37759

DataGear v5.0.0 and earlier contains a SpEL (Spring Expression Language) expression injection in the Data Viewing interface. Root cause: SpEL injection can be triggered when viewing data, potentially enabling arbitrary code execution. Exploitation and PoC exist (GitHub proof of concept shows remo...

9.8 CVSS · 7.7 AI score · 0.80674 EPSS
Exploits 2 · References 2 · Affected Software 1
Cvelist
added 2024/06/24 12:0 a.m. · 21 views

CVE-2024-37759

DataGear v5.0.0 and earlier was discovered to contain a SpEL (Spring Expression Language) expression injection vulnerability via the Data Viewing interface...

0.80674 EPSS
Exploits 2 · References 2
Vulnrichment
added 2024/06/24 12:0 a.m. · 16 views

CVE-2024-37759

DataGear v5.0.0 and earlier was discovered to contain a SpEL (Spring Expression Language) expression injection vulnerability via the Data Viewing interface...

7.7 AI score · 0.80674 EPSS
Exploits 2 · References 2
Positive Technologies
added 2024/06/24 12:0 a.m. · 3 views

PT-2024-27732 · Datagear · Datagear

Name of the Vulnerable Software and Affected Versions: DataGear versions 5.0.0 and earlier. Description: A SpEL (Spring Expression Language) expression injection issue was found in the Data Viewing interface. This allows for potential malicious activity via the injection of expressions...

9.8 CVSS · 6.3 AI score · 0.80674 EPSS
Exploits 2 · References 7
CNNVD
added 2024/06/24 12:0 a.m. · 1 views

DataGear Security Breach

DataGear is an open source, free data visualization and analysis platform from DataGear, Inc. A security vulnerability exists in DataGear v5.0.0 and prior versions, which originates from the Data Viewing interface containing a SpEL expression injection...

9.8 CVSS · 7 AI score · 0.80674 EPSS
Exploits 2 · References 4