198 matches found
EUVD-2026-39492
pnpm Vulnerable to Arbitrary File Write/Delete via Malicious Patch File Path Traversal...
CVE-2026-50014
pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm passes the lockfile-controlled git resolution.commit value to git fetch without a -- separator or commit-format validation. For git dependencies fetched through the shallow-fetch path, a malicious lockfile can replace the expected...
EUVD-2026-38714
The Ultimate Member plugin for WordPress is vulnerable to Account Takeover via Password Reset Link Disclosure in all versions up to and including 2.11.4. This is due to a chain of three logic bugs: 1 an MD5 hash fallback in getdirectorybyhash that allows any post to be used as a member directory ...
CVE-2026-52845
Summary (CVE-2026-52845): Caddy 2.11.x contains a bypass in forward_auth copy_headers where, prior to 2.11.4, the exact client-supplied header was deleted but HTTP header names are later normalized to CGI variables, allowing an underscore alias to collide with a trusted header in FastCGI backends...
CVE-2026-52846
Summary: CVE-2026-52846 affects Caddy's stripHTML template function, which cannot reliably strip certain malformed HTML (e.g., <img src=x onerror=alert()>). This can bypass tag-stripping and may enable client-side XSS when untrusted strings are rendered as HTML. The issue originates in func...
CVE-2026-52846
Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, Caddy’s stripHTML template function cannot reliably remove all HTML tags from input strings. Certain malformed HTML, such as img src=x onerror=alert, can bypass the tag-stripping logic, potentially leaving dangerous...
CVE-2026-46914
Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...
PT-2026-50021
Name of the Vulnerable Software and Affected Versions Oracle Solaris version 11.4 Description An issue exists in the Filesystem component of Oracle Solaris. A low-privileged attacker with logon access to the infrastructure where the system executes can compromise the environment. Successful...
PT-2026-50075
Name of the Vulnerable Software and Affected Versions Oracle Solaris version 11.4 prior to SRU93 Description An issue exists in the Remote Administration Daemon that allows an unauthenticated attacker with network access via HTTPS to compromise the system. Successful exploitation can lead to...
EUVD-2026-36442
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, Symbol.for override in setup-sandbox.js only intercepts 2 of 9 dangerous Node.js cross-realm symbols. Combined with the bridge's set/defineProperty/deleteProperty traps having no isDangerousCrossRealmSymbol key check, sandbox...
CVE-2026-34281
Vulnerability in the Oracle Solaris product of Oracle Systems component: Kernel. The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the...
CVE-2026-9807
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed a blocked Project Access Token to continue accessing private resources due to incorrect authorization...
CVE-2026-28735
Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to validate the OAuth token scope on the callback which allows an authenticated Mattermost user to gain access to private repositories via modifying the scope parameter in the GitHub authorization URL...
EUVD-2026-31431
Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to archive the channel before removing persistent notifications which allows authenticated user to crash the server via timing the creation of persistent notification message between the server deleting...
CVE-2026-5740 Unauthenticated WebSocket binary frame causes denial of service in Mattermost Server
Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to properly validate msgpack-encoded WebSocket frames before memory allocation which allows an unauthenticated remote attacker to crash the server process and cause a full service outage for all users v...
Mattermost 安全漏洞
Mattermost is an open-source collaboration platform developed by the American company Mattermost. Vulnerabilities exist in Mattermost versions 11.6.0 and earlier 11.6.x series, 11.5.3 and earlier 11.5.x series, 11.4.4 and earlier 11.4.x series, as well as 10.11.14 and earlier 10.11.x series. Thes...
Mattermost 安全漏洞
Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.5.1 and earlier 11.5.x series, 10.11.13 and earlier 10.11.x series, and 11.4.3 and earlier 11.4.x series have security vulnerabilities. These vulnerabilities stem fr...
CVE-2026-45218 WordPress WP Travel plugin <= 11.4.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Travel WP Travel wp-travel allows Blind SQL Injection.This issue affects WP Travel: from n/a through = 11.4.0...
EUVD-2026-24339
An incorrect authorization vulnerability exists in Esri Portal for ArcGIS 11.4, 11.5 and 12.0 on Windows, Linux and Kubernetes that did not correctly check permissions assigned to developer credentials...
CVE-2026-34281
Vulnerability in the Oracle Solaris product of Oracle Systems component: Kernel. The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the...