Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare

Drupal has issued an alert stating that it intends to release a "core security release" for all supported branches on May 20, 2026, from 5-9 p.m. UTC. "The Drupal Security Team urges you to reserve time for core updates at that time because exploits might be developed within hours or days," the...

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.5.1 and earlier 11.5.x series, 10.11.13 and earlier 10.11.x series, and 11.4.3 and earlier 11.4.x series have security vulnerabilities. These vulnerabilities stem fr...

GHSA-6C5X-3H35-VVW2

creationtimestamp| type| source ---|---|--- 2026-03-31 17:25:19+00:00| seen| Telegram/nw5w-ohs-CK0Rjuv5tJSQsl41JpqhSQHTKMS4QN8816OY...

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost versions 10.11.4 and prior to 10.11.x and 10.5.12 and prior to 10.5.x. The vulnerability stems from unvalidated user permissions and could lead to...

Security update for chrony

This update for chrony fixes the following issues: Race condition during socket creation by chronyc allows privilege escalation from user chrony to root bsc1246544. This update also ships chrony-pool-empty to SLE Micro 5.x jscSMO-587 Patch Instructions: To install this SUSE update use the SUSE...

EUVD-2025-34730

Mattermost has an Observable Timing Discrepancy vulnerability...

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability in Mattermost versions 10.11.1 and prior to 10.11.x, 10.10.2 and prior to 10.10.x, and 10.5.10 and prior to 10.5.x stems from a failure to validate that a user has the privileg...

Joomla! 5.x < 5.3.4 Multiple Vulnerabilities

According to its self-reported version, the instance of Joomla! running on the remote web server is 4.x prior to 4.4.14 or 5.x prior to 5.3.4. It is, therefore, affected by multiple vulnerabilities. - Inadequate content filtering within the checkAttribute methods leads to XSS vulnerabilities in...

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost versions 10.5.8 and prior 10.5.x and 9.11.17 and prior 9.11.x, which stems from insufficient access control validation and could cause an authenticated use...

CVE-2025-47700

Mattermost Server versions 10.5.x

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost versions 10.8.3 and prior to 10.8.x, 10.5.8 and prior to 10.5.x, 10.10.0 and prior to 10.10.x, and 10.9.3 and prior to 10.9.x, which stems from an un-clean...

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability in Mattermost versions 10.5.5 and prior 10.5.x, 9.11.15 and prior 9.11.x, 10.8.0 and prior 10.8.x, 10.7.2 and prior 10.7.x, and 10.6.5 and prior 10.6.x, which stems from an...

CVE-2023-39269

A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M2200NC, RUGGEDCOM M969...

CVE-2024-37672

Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the idactivity parameter...

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost versions 9.5.x through 9.5.3 and 8.1.x through 8.1.12, which stems from the presence of an issue where a team administrator can promote a guest to a team...

CVE-2023-49101

WebAdmin in Axigen 10.3.x before 10.3.3.61, 10.4.x before 10.4.24, and 10.5.x before 10.5.10 allows XSS attacks against admins because of mishandling of viewing the usage of SSL certificates...

Milesight Cross-Site Scripting Vulnerability

Milesight is a complete Artificial Intelligence Video Surveillance solution from China's StarZone IOT Milesight. A cross-site scripting vulnerability exists in Ursalink Milesight UR5X, UR32L, UR32, UR35, UR41 , Industrial Cellular Routers prior to v35.3.0.7, which stems from the admin panel being...

Milesight Log Information Disclosure Vulnerability

Milesight is a complete Artificial Intelligence Video Surveillance solution from China's StarZone IOT Milesight. A log information disclosure vulnerability exists in Milesight UR5X, UR32L, UR32, UR35, UR41, and Industrial Cellular Routers prior to v35.3.0.7, which stems from a vulnerability that...

PT-2022-27415 · Chicken +1 · Chicken +1

Name of the Vulnerable Software and Affected Versions: CHICKEN versions 5.x before 5.3.1 Description: The issue allows arbitrary OS command execution during package installation via escape characters in a .egg file. This is due to a problem in the egg-compile.scm file. Recommendations: For CHICKE...

SiteServerCMS 安全漏洞

SSCMS SiteServerCMS SSCMS is an open source, cross-platform, enterprise-level content management system from China's SSCMS Corporation. A security vulnerability exists in SiteServerCMS version 5.X. The vulnerability stems from a remote download Getshell vulnerability via...