PT-2026-48461

🚨 CVE-2026-46558 Plane is an open-source project management tool. Prior to version 1.3.1, there is a cross-workspace asset authorization bypass lets any authenticated user read, copy, delete, and overwrite assets in other Plane workspaces. This issue has been patched in version 1.3.1. 🎖@cveNotify...

Termix 安全漏洞

Termix is a server management platform developed by Karmaa’s individual developers. Versions of Termix prior to 2.3.2 contained security vulnerabilities. These vulnerabilities stemmed from the lack of verification by 16 file manager endpoints to ensure that the requesting user had an SSH session...

praisonai-platform: Project endpoints accept any project_id without workspace ownership check, cross-workspace read/update/delete IDOR

Summary Type: Insecure Direct Object Reference. The project CRUD endpoints GET / PATCH / DELETE /workspaces/workspaceid/projects/projectid and GET .../projectid/stats gate access on requireworkspacememberworkspaceid only, then resolve projectid through ProjectService.getprojectid / updateprojecti...

Goobi viewer - Core: Unauthenticated Solr Streaming Expression Proxy

Summary The Goobi viewer REST endpoint POST /api/v1/index/stream accepted an arbitrary Solr streaming expression from unauthenticated network clients and forwarded it to the backend Solr server without restriction. An attacker could read the complete Solr index and, in default Solr deployments,...

CVE-2026-34603

Tina is a headless content management system. Prior to version 2.2.2, @tinacms/cli recently added lexical path-traversal checks to the dev media routes, but the implementation still validates only the path string and does not resolve symlink or junction targets. If a link already exists under the...

CVE-2026-34603

Tina is a headless content management system. Prior to version 2.2.2, @tinacms/cli recently added lexical path-traversal checks to the dev media routes, but the implementation still validates only the path string and does not resolve symlink or junction targets. If a link already exists under the...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the pathfor function in DiskService. An attacker can read, write, or delete arbitrary files on the server by supplying blob keys containing path traversal sequences like ../. Note: In most cases, blob keys are...

PT-2026-20382

The Brevo - Email, SMS, Web Push, Chat, and more. plugin for WordPress is vulnerable to authorization bypass due to type juggling in all versions up to, and including, 3.3.0. This is due to the use of loose comparison == instead of strict comparison === when validating the installation ID in the...

CVE-2026-25574

Payload CMS prior to 3.74.0 is affected by a cross-collection IDOR in the payload-preferences internal collection. In multi-auth environments using Postgres or SQLite with default serial/auto-increment IDs, authenticated users from one auth collection can read and delete preferences belonging to ...

CVE-2026-25574 Payload Affected by Cross-Collection IDOR in payload-preferences Access Control (Multi-Auth Environments)

Payload is a free and open source headless content management system. Prior to 3.74.0, a cross-collection Insecure Direct Object Reference IDOR vulnerability exists in the payload-preferences internal collection. In multi-auth collection environments using Postgres or SQLite with default...

CVE-2025-62287

Vulnerability in the Oracle Life Sciences InForm product of Oracle Health Sciences Applications component: Web Server. The supported version that is affected is 7.0.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Life Science...

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management allows a perpetrator to gain access to read, modify, and delete information.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management involves security segmentation flaws. Exploiting this vulnerability could allow an attacker to gain read, modify, and delete access to information...

The vulnerability of the Preferences component of the Oracle CRM system’s customer relationship management module. The Oracle E-Business Suite technical foundation for automating business processes, allowing attackers to gain access to read, modify, and delete information.

The vulnerability of the Preferences component of the Oracle CRM system’s customer relationship management module is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain read, modify, and delete access to information...

The vulnerability of the PIA Core Technology component of the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a hacker to gain read, modify, and delete access to data.

The vulnerability of the PIA Core Technology component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain read, modify, and delete access to data...

The vulnerability of the software for Hitachi Energy’s equipment control and management systems, Hitachi Energy MicroSCADA X SYS600 and Pro SYS600, arises from incorrect restrictions on the path name to the restricted-access catalog. This allows attackers to gain access to read, modify, and delete system files.

The vulnerability of the software for controlling and managing equipment in Hitachi Energy’s MicroSCADA X SYS600 and Pro SYS600 systems lies in improper restrictions on the path name to the restricted-access catalog. Exploiting this vulnerability could allow a malicious actor to gain read, modify...

CVE-2025-2290

CVE-2025-2290 affects the LifterLMS WordPress plugin (versions up to and including 8.0.1). The issue is an unauthenticated post trashing vulnerability caused by a missing capability check in the delete_access_plan function and related AJAX handlers. Impact per sources is that an unauthenticated a...

WordPress plugin LifterLMS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

The vulnerability of the Personalization component of the Oracle Applications Framework, a web application development platform, within the Oracle E-Business Suite, allows an intruder to gain unauthorized access to read, modify, or delete data.

The vulnerability of the Personalization component of the Oracle Applications Framework, a platform for developing web applications in enterprise automation systems within the Oracle E-Business Suite, is related to improper authentication. Exploiting this vulnerability allows an attacker to gain...

The vulnerability of the AddGeneratedReport method in the SolarWinds Access Rights Manager (ARM) access control software allows a perpetrator to gain read, modify, or delete access to data.

The vulnerability of the AddGeneratedReport method in the SolarWinds Access Rights Manager ARM access control software is related to incorrect restrictions on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor to gain read, modify, or delete...

The vulnerability of the Jenkins automation server relates to the creation of temporary files with insecure permissions, allowing a malicious actor to gain read, modify, or delete access to these files.

The vulnerability of the Jenkins automation server relates to the creation of temporary files with insecure permissions. Exploiting this vulnerability can allow a remote attacker to gain read, modify, or delete access to these files...