CVE-2026-24990

Missing Authorization vulnerability in Fahad Mahmood WP Docs wp-docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through = 2.2.8...

CVE-2026-24990

Missing Authorization vulnerability in Fahad Mahmood WP Docs wp-docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through = 2.2.8...

CVE-2026-24990 WordPress WP Docs plugin <= 2.2.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Fahad Mahmood WP Docs wp-docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through = 2.2.8...

CVE-2026-24990

Missing Authorization vulnerability in Fahad Mahmood WP Docs wp-docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through = 2.2.8...

CVE-2026-24990 WordPress WP Docs plugin <= 2.2.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Fahad Mahmood WP Docs wp-docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through = 2.2.8...

EUVD-2026-5250

Missing Authorization vulnerability in Fahad Mahmood WP Docs wp-docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through = 2.2.8...

CVE-2026-24990

CVE-2026-24990 affects the WordPress WP Docs plugin up to version 2.2.8. The issue is a missing authorization due to incorrectly configured access control levels, enabling bounded actions to be performed without proper permissions. Affected component: Fahad Mahmood WP Docs wp-docs (plugin). Impac...

WordPress plugin WP Docs 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

PT-2026-6236

Name of the Vulnerable Software and Affected Versions Fahad Mahmood WP Docs versions through 2.2.8 Description The software contains a missing authorization issue related to incorrectly configured access control security levels. This allows for exploitation of the system. Recommendations Update...

GHSA-GR56-3GP6-6GMJ vulnerabilities

Vulnerabilities for packages: pgpool2exporter, flux-notification-controller, guac, cortex, actions-runner-controller, kubernetes-csi-driver-nfs, nri-rabbitmq, secrets-store-csi-driver, blobfuse2, nri-nginx, kube-bench, tofu-controller, amazon-cloudwatch-agent-operator, vale, vault-k8s,...

GHSA-CM6P-QC7V-M3JW vulnerabilities

Vulnerabilities for packages: pgpool2exporter, flux-notification-controller, mockgen, nri-nginx, petname, eksctl, git-sync, bom, neuvector-sigstore-interface, gitleaks, fluxcd-kustomize-mutating-webhook, sbom-convert, node-feature-discovery, tekton-pipelines, azcopy, ctop, nri-mongodb, hivemind,...

GHSA-XVQR-69V8-F3GV vulnerabilities

Vulnerabilities for packages: pgpool2exporter, flux-notification-controller, mockgen, nri-nginx, petname, eksctl, git-sync, bom, neuvector-sigstore-interface, gitleaks, fluxcd-kustomize-mutating-webhook, sbom-convert, node-feature-discovery, tekton-pipelines, azcopy, ctop, nri-mongodb, hivemind,...

CVE-2025-68119 vulnerabilities

Vulnerabilities for packages: pgpool2exporter, flux-notification-controller, mockgen, nri-nginx, petname, eksctl, git-sync, bom, neuvector-sigstore-interface, gitleaks, fluxcd-kustomize-mutating-webhook, sbom-convert, node-feature-discovery, tekton-pipelines, azcopy, ctop, nri-mongodb, hivemind,...

GHSA-GM9R-Q53W-2GH4 vulnerabilities

Vulnerabilities for packages: pgpool2exporter, flux-notification-controller, guac, cortex, actions-runner-controller, kubernetes-csi-driver-nfs, secrets-store-csi-driver, vault-k8s, blobfuse2, vale, kube-bench, amazon-cloudwatch-agent-operator, mountpoint-s3-csi-driver, db-operator, step,...

CVE-2025-61731 vulnerabilities

Vulnerabilities for packages: pgpool2exporter, flux-notification-controller, mockgen, nri-nginx, petname, eksctl, git-sync, bom, neuvector-sigstore-interface, gitleaks, fluxcd-kustomize-mutating-webhook, sbom-convert, node-feature-discovery, tekton-pipelines, azcopy, ctop, nri-mongodb, hivemind,...

CVE-2025-61726 vulnerabilities

Vulnerabilities for packages: pgpool2exporter, flux-notification-controller, guac, cortex, actions-runner-controller, kubernetes-csi-driver-nfs, secrets-store-csi-driver, vault-k8s, blobfuse2, vale, kube-bench, amazon-cloudwatch-agent-operator, mountpoint-s3-csi-driver, db-operator, step,...

Directory Traversal

Overview @backstage/plugin-techdocs-node is a Common node.js functionalities for TechDocs, to be shared between techdocs-backend plugin and techdocs-cli Affected versions of this package are vulnerable to Directory Traversal via the TechdocsGenerator function when processing documentation from...

CVE-2026-25153 @backstage/plugin-techdocs-node vulnerable to arbitrary code execution via MkDocs hooks

Backstage is an open framework for building developer portals, and @backstage/plugin-techdocs-node provides common node.js functionalities for TechDocs. In versions of @backstage/plugin-techdocs-node prior to 1.13.11 and 1.14.1, when TechDocs is configured with runIn: local, a malicious actor who...

Malicious Package

Overview fabric-shim-docs is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview docs-ux is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...