PT-2026-42513

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in incs/remotes.inc.php where latitude, longitude, callsign, mph, altitude, and timestamp values parsed from external GPS tracking service XML/JSON responses InstaMapper and Google Latitude integration are concatenated into...

PT-2026-42664

Name of the Vulnerable Software and Affected Versions MVT Mobile Verification Toolkit versions prior to 2026.5.12 Description A path traversal issue exists during iOS Backup processing due to unsanitized file identifiers. The fileID field from the Manifest.db SQLite database is used directly in...

PT-2026-42613

This is not applicable if an application is configuring the Secrets Store to store credentials. Please make sure to follow the best practices when deploying in production In OpenMetadata 1.12.1, a non-admin SSO user can trigger a TEST CONNECTION workflow for a Database Service and receive, in the...

PT-2026-42598

Summary The fileID field from Manifest.db a SQLite database inside iOS backups, generated by the device is used directly in filesystem path construction without validation. This affects two commands through a shared code path: - mvt-ios decrypt-backup decrypt.py: file id is used to construct both...

WordPress plugin WP Directory Kit SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. The WordPre...

tickets SQL注入漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a SQL injection vulnerability. This vulnerability stemmed from the fact that the values of latitude, longitude, callsign, mph, altitude, and timestamp,...

tickets SQL注入漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a SQL injection vulnerability. This vulnerability stemmed from multiple POST parameters in the dbloader.php file—ticketsdb, ticketshost, ticketsuser, a...

PT-2026-45157

Name of the Vulnerable Software and Affected Versions Twig affected versions not specified Description The TwigProfilerDumperHtmlDumper component fails to escape the output of Profile::getTemplate and Profile::getName when writing to HTML. If an attacker can control the template name—which may...

PT-2026-42663

Name of the Vulnerable Software and Affected Versions OpenMetadata versions prior to 1.12.4 Description A non-admin SSO user can trigger a TEST CONNECTION workflow for a Database Service and receive sensitive information in the HTTP 201 response of the 'POST /api/v1/automations/workflows' endpoin...

PT-2026-42520

Open ISES Tickets before 3.44.2 contains hardcoded MySQL database connection credentials host, username, password, database name in import mdb.php. The credentials are embedded in source code committed to the public repository, allowing any reader of the source to obtain valid configuration value...

tickets SQL注入漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a SQL injection vulnerability. This vulnerability stemmed from the offset GET parameters in the ajax/sitincidents.php file being directly concatenated...

GO-2026-4983 ydb-go-sdk's transactions are not committed using the `options.WithCommit()` option on last call `table.Transaction.Execute` in transaction in github.com/ydb-platform/ydb-go-sdk

ydb-go-sdk's transactions are not committed using the options.WithCommit option on last call table.Transaction.Execute in transaction in github.com/ydb-platform/ydb-go-sdk...

drupal-sa-core-2026-004-lab

SA-CORE-2026-004 — Lab, PoC, and Post-mortem Drupal core SQ...

CVE-2026-9129 Path Traversal in Altium Enterprise Server Viewer StorageController Allows Arbitrary File Read

A path traversal vulnerability exists in the Altium Enterprise Server Viewer StorageController due to improper handling of file path route parameters. On on-premise deployments that use local filesystem storage, a regular authenticated user can supply a URL-encoded absolute path such as an encode...

SQL Injection

Overview symfony/cache is a cache component provides an extended PSR-6 implementation for adding cache to your applications. Affected versions of this package are vulnerable to SQL Injection via PdoAdapter::doClear method. An attacker can influence SQL query to expand deletion scope or perform...

aana (>=0.2.1 <=0.2.2), ace-step (=0.1.0) +234 more potentially affected by CVE-2026-45804 via diffusers (>=0.10.2 <=0.37.1)

diffusers PYPI version =0.10.2, =0.2.1, =1.8.20, =1.9.0, =0.0.0, =0.2.2, =0.0.2, =0.0.0, =0.1.0, =0.6.37, =0.0.4, =0.1.0, =0.1.0, =0.5.0 and more Source cves: CVE-2026-45804 Source advisory: SNYK:PYTHON-DIFFUSERS-16787358...

CVE-2026-42383

The CVE-2026-42383 entry concerns the WordPress plugin “YITH WooCommerce Product Add-Ons” (affected versions: n/a through 4.29.0). The issue is described as an improper neutralization of special elements in SQL commands, i.e., a SQL Injection vulnerability that can enable blind SQL injection. Rel...

CVE-2026-42383 WordPress YITH WooCommerce Product Add-Ons plugin <= 4.29.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in YITH YITH WooCommerce Product Add-Ons allows Blind SQL Injection. This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.29.0...

WordPress YITH WooCommerce Product Add-Ons plugin <= 4.29.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin YITH WooCommerce Product Add-Ons versions = 4.29.0...

EUVD-2026-31072

SureCart version prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters 'modelname', 'modelid', 'integrationid', 'provider' on the REST API endpoint '/surecart/v1/integrations/id'. The root cause is a flawed escaping bypass in the query builder 'wp-query-builder'...