CVE-2026-5130

The Debugger & Troubleshooter plugin for WordPress was vulnerable to Unauthenticated Privilege Escalation in versions up to and including 1.3.2. This was due to the plugin accepting the wpdebugtroubleshootsimulateuser cookie value directly as a user ID without any cryptographic validation or...

CVE-2026-5130 Debugger & Troubleshooter <= 1.3.2 - Unauthenticated Privilege Escalation to Administrator via Cookie Manipulation

The Debugger & Troubleshooter plugin for WordPress was vulnerable to Unauthenticated Privilege Escalation in versions up to and including 1.3.2. This was due to the plugin accepting the wpdebugtroubleshootsimulateuser cookie value directly as a user ID without any cryptographic validation or...

CVE-2026-5130 Debugger & Troubleshooter <= 1.3.2 - Unauthenticated Privilege Escalation to Administrator via Cookie Manipulation

The Debugger & Troubleshooter plugin for WordPress was vulnerable to Unauthenticated Privilege Escalation in versions up to and including 1.3.2. This was due to the plugin accepting the wpdebugtroubleshootsimulateuser cookie value directly as a user ID without any cryptographic validation or...

CVE-2026-5130

The PatchStack entry details an unauthenticated privilege escalation in the WordPress plugin Debugger & Troubleshooter (versions

WordPress Debugger & Troubleshooter plugin <= 1.3.2 - Unauthenticated Privilege Escalation to Administrator via Cookie Manipulation vulnerability

Unauthenticated Privilege Escalation to Administrator via Cookie Manipulation vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Debugger & Troubleshooter versions = 1.3.2...

PT-2026-29142

Name of the Vulnerable Software and Affected Versions WordPress Debugger & Troubleshooter plugin versions through 1.3.2 Description The Debugger & Troubleshooter plugin for WordPress was susceptible to Unauthenticated Privilege Escalation. The plugin accepted the wp debug troubleshoot simulate us...

WordPress plugin Debugger & Troubleshooter 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

CVE-2026-4753 Out-of-bounds Read in slajerek RetroDebugger

Out-of-bounds Read vulnerability in slajerek RetroDebugger.This issue affects RetroDebugger: before v0.64.72...

CVE-2026-4753

Out-of-bounds Read vulnerability in slajerek RetroDebugger.This issue affects RetroDebugger: before v0.64.72...

Retro Debugger 安全漏洞

Retro Debugger is a retro game console code debugger developed by slajerek’s individual developer. Versions of Retro Debugger prior to v0.64.72 contained security vulnerabilities, which were caused by out-of-bounds read operations...

CVE-2026-22174 OpenClaw < 2026.2.22 - Gateway Token Disclosure via Chrome CDP Probe

OpenClaw versions prior to 2026.2.22 inject the x-OpenClaw-relay-token header into Chrome CDP probe traffic on loopback interfaces, allowing local processes to capture the Gateway authentication token. An attacker controlling a loopback port can intercept CDP reachability probes to the...

Huawei EulerOS: Security Advisory for gdb (EulerOS-SA-2026-1481)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Malicious code in transform-remove-debugger (npm)

The package 'transform-remove-debugger' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

MAL-2026-1509 Malicious code in transform-remove-debugger (npm)

The package 'transform-remove-debugger' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

Huawei EulerOS: Security Advisory for gdb (EulerOS-SA-2026-1307)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Exploit for Classic Buffer Overflow in Freefloat Freefloat_Ftp_Server

CVE 2025-5548 Este es el repositorio principal donde document...

[SECURITY] Fedora 42 Update: insight-18.0.50.20260306-1.fc42

Insight is a tight graphical user interface to GDB written in Tcl/Tk. It provides a comprehensive interface that enables users to harness most of GDB's power. It's also probably the only up-to-date UI for the latest GDB version...

[SECURITY] Fedora 43 Update: insight-18.0.50.20260306-1.fc43

Insight is a tight graphical user interface to GDB written in Tcl/Tk. It provides a comprehensive interface that enables users to harness most of GDB's power. It's also probably the only up-to-date UI for the latest GDB version...

PT-2026-25564

These vulnerabilities matter because they target the trust boundary of development tools. A crafted object file can crash your debugger CVE-2026-2341 or potentially execute code CVE-2025-11495. Read more: 👉 https://t.co/eePbxfrCYi Security Fedora https://t.co/6gh3G5nd2g...

Huawei EulerOS: Security Advisory for gdb (EulerOS-SA-2026-1234)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...