PT-2026-49950

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Discovery Framework. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise...

PT-2026-49965

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager Base Platform version 13.5 Oracle Enterprise Manager Base Platform version 24.1 Description An issue exists in the Oracle Management Service component of the Oracle Enterprise Manager Base Platform. This flaw allows a...

PT-2026-49980

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Install. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows high privileged attacker with network access via HTTPS to compromise Oracle...

PT-2026-50101

Unauthenticated Local File Inclusion in Aperitif = 1.5 versions...

PT-2026-49962

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager Base Platform version 13.5 Oracle Enterprise Manager Base Platform version 24.1 Description An issue exists in the Target Management component of the Oracle Enterprise Manager Base Platform. A low privileged attacker...

PT-2026-49960

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager Base Platform version 13.5 Oracle Enterprise Manager Base Platform version 24.1 Description An issue exists in the Metadata Plugin component of the Oracle Enterprise Manager Base Platform. A low privileged attacker wi...

EUVD-2026-36989

Subscriber Broken Authentication in AutomatorWP = 5.6.7 versions...

EUVD-2026-36979

Unauthenticated Cross Site Scripting XSS in Coupon Affiliates = 7.5.3 versions...

EUVD-2026-36972

Unauthenticated Cross Site Scripting XSS in Notification for Telegram = 3.5 versions...

EUVD-2026-36968

Unauthenticated Privilege Escalation in WP BASE Booking = 5.9.0 versions...

EUVD-2026-36960

Unauthenticated SQL Injection in SpeakOut! Email Petitions = 4.6.5 versions...

EUVD-2026-36941

Author Arbitrary File Download in Download Monitor = 5.1.9 versions...

EUVD-2026-36936

Shop manager PHP Object Injection in WooCommerce PDF Invoices & Packing Slips 5.9.0 versions...

EUVD-2026-36911

Unauthenticated Broken Access Control in User Registration = 5.1.2 versions...

EUVD-2026-36926

Unauthenticated SQL Injection in Feed KuantoKusta for WooCommerce – Free = 5.3 versions...

EUVD-2026-36784

Incorrect access control in the webhook management component of Project Firefly III v6.5.9 allows attackers to scan internal resources via a crafted POST request...

EUVD-2026-36785

A Server-Side Request Forgery SSRF in the automatic short URL title resolution component of shlink v5.0.1 allows attackers to scan internal resources via supplying a crafted longUrl...

EUVD-2026-36793

Discuz! X5.0 releases 20260320 through 20260610 contains a CAPTCHA bypass vulnerability that allows unauthenticated remote attackers to defeat challenge controls by exploiting limited complexity and predictable character sets in generated CAPTCHA images. Attackers can train a custom optical...

EUVD-2026-36746

PublicCMS V5.202506.d has a Cross Site Scripting XSS vulnerability in the site configuration management module...

CVE-2026-49780

Customer Privilege Escalation in Dokan = 5.0.2 versions...