CVE-2026-47715

Bugsink is a self-hosted error tracking tool. Prior to 2.2.0, Bugsink issue event pages accept a direct event identifier from the URL and, in affected versions, look up that event without also requiring it to belong to the issue in the URL. This is a project-boundary authorization issue: a...

CVE-2026-26004

CVE-2026-26004 (Sentry) : A cross-organization insecure direct object reference (IDOR) exists in Sentry’s GroupEventJsonView endpoint for versions prior to 26.1.0. This could allow unauthorized access to event data across organizational boundaries. The issue is mitigated by upgrading to version 2...

Discourse Security Breach

Discourse is an open source community discussion platform. The platform includes features such as communities, email and chat rooms. A security vulnerability exists in versions of Discourse Calendar prior to 0.4, which stems from allowing anyone to view invitees in events created by PMs and priva...

DEBIAN-CVE-2020-14332

A flaw was found in the Ansible Engine when using moduleargs. Tasks executed with check mode --check-mode do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality...