Unzip 安全漏洞

Unzip is a Golang.zip decompression tool developed by Yige’s developers. Versions of Unzip prior to 2.215 contained security vulnerabilities. These vulnerabilities stemmed from failing to catch exceptions when parsing zip headers with incorrect DOS date formats. As a result, an exception was thro...

PT-2026-43629

GitHub Security Advisory Draft — GM-369 Summary SQL injection in Pimcore's translation grid date filter — the user-supplied property field from the filter JSON is interpolated directly into a UNIX TIMESTAMPDATEFROM UNIXTIME... SQL expression without parameterization or allowlist validation...

PT-2026-44026

Missing Authorization vulnerability in Prasad Kirpekar WP Meta and Date Remover allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Meta and Date Remover: from n/a through 2.3.6...

PT-2026-44154

Summary The date filter's strftime implementation parses width specifiers like %9999999d and forwards the captured width unchecked into pad/padStart in src/util/underscore.ts. The pad loop performs unbounded string concatenation without consulting the Context's memoryLimit or renderLimit, so a...

WordPress plugin WP Meta and Date Remover 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-43482

IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with malformed DOS date. dosToUnixTime decodes the local-file-header last-modification date field and calls Time::Local::timelocal without an eval guard. A header whose date field decodes to ...

Linux Distros Unpatched Vulnerability : CVE-2025-15649

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with malformed DOS date. dosToUnixTime decodes the...

CVE-2026-25426

creationtimestamp| type| source ---|---|--- 2026-05-26 22:25:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmrzvwhgpz2i...

CVE-2025-68710

creationtimestamp| type| source ---|---|--- 2026-05-26 22:23:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmrztac7fc2r...

CVE-2026-7766

Kenik Camera management Panel is vulnerable to Path Traversal vulnerability. An unauthenticated attacker can send GET request with arbitrary file path and read corresponding files located on the server. The issue was fixed in version 2026-04-23 of the KG-5260xxxx-IL-G2 cameras. Rest of the produc...

CVE-2026-44706

Chatwoot is a customer engagement suite. From 2.2.0 to before 4.11.2, a SQL injection vulnerability exists in the conversation and contact filter APIs. When filtering by a custom attribute of type date or number using the isgreaterthan or islessthan operators, user-supplied values in the values...

CVE-2026-44706

Chatwoot is a customer engagement suite. From 2.2.0 to before 4.11.2, a SQL injection vulnerability exists in the conversation and contact filter APIs. When filtering by a custom attribute of type date or number using the isgreaterthan or islessthan operators, user-supplied values in the values...

EUVD-2026-31913

Chatwoot is a customer engagement suite. From 2.2.0 to before 4.11.2, a SQL injection vulnerability exists in the conversation and contact filter APIs. When filtering by a custom attribute of type date or number using the isgreaterthan or islessthan operators, user-supplied values in the values...

CVE-2026-46275

creationtimestamp| type| source ---|---|--- 2026-05-26 16:00:05+00:00| seen| https://t.me/GithubRedTeam/86003 2026-05-27 21:11:38+00:00| seen| Telegram/gErohbwTCKTWlpvhKyjoMZM9ytnNcaUIrq9IFwI-Mxv4...

CVE-2026-9544

creationtimestamp| type| source ---|---|--- 2026-05-26 15:57:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmrebfzcfx2r...

CVE-2026-48136

creationtimestamp| type| source ---|---|--- 2026-05-26 15:28:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmrcmxmhyr2p 2026-05-27 14:35:30+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mmtq4yad4r2m...

CVE-2026-8479

creationtimestamp| type| source ---|---|--- 2026-05-26 15:21:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmrcabhm4p2i 2026-06-04 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-155-04...

CVE-2026-41917

creationtimestamp| type| source ---|---|--- 2026-05-26 15:03:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmrb7ezuu62i...

CVE-2026-41401

creationtimestamp| type| source ---|---|--- 2026-05-26 14:59:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmrazkiwx22k 2026-06-01 15:38:41+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mnafjazque2y...

CVE-2026-2340

creationtimestamp| type| source ---|---|--- 2026-05-26 14:33:00+00:00| seen| https://vulnerability.circl.lu/bundle/ef598036-eda2-4311-807e-ebbdfb04a51d 2026-05-27 02:01:27+00:00| seen| https://bsky.app/profile/slackers.it/post/3mmsfyjytqj2i 2026-05-27 02:01:29+00:00| seen|...