EUVD-2026-32578

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-callback route group without inbound OAuth2/bearer-token authorization. A forged or arbitrary bearer token e.g. Authorization: Bearer not-a-real-token is enough to reach the SMF-callback...

CVE-2026-44327 free5GC: NEF nnef-oam route group is unauthenticated; no-token requests reach the OAM handler

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-oam route group without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can hit the OAM route with no Authorization header at all and the handl...

PT-2026-39724

Tookie is a advanced OSINT information gathering tool. Prior to 4.1fix, modules/modules.py's write txt, write csv, write json, and commented-but-shipping scan file helpers open their output as openf"user.", where user comes unsanitized from the -u CLI flag or any line of a -U usernames file. A...

PT-2026-30860

text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, an unauthenticated path traversal vulnerability in load prompt allows reading any .txt file on the server filesystem. The file content is returned verbatim in the API response. This vulnerabilit...

CVE-2026-33012

Micronaut Framework is a JVM-based full stack Java framework designed for building modular, easily testable JVM applications. Versions 4.7.0 through 4.10.16 used an unbounded ConcurrentHashMap cache with no eviction policy in its DefaultHtmlErrorResponseBodyProvider. If the application throws an...

CVE-2026-24671

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a Stored Cross-Site Scripting XSS vulnerability allows authenticated high-privileged users teachers or administrators to inject malicious JavaScript into multiple user-controllabl...

CVE-2026-25059 OpenList affected by Path Traversal in file copy and remove handlers

OpenList Frontend is a UI component for OpenList. Prior to 4.1.10, the application contains path traversal vulnerability in multiple file operation handlers in server/handles/fsmanage.go. Filename components in req.Names are directly concatenated with validated directories using stdpath.Join. Thi...

CVE-2026-24490 MobSF has Stored XSS via Manifest Analysis - Dialer Code Host Field

MobSF is a mobile application security testing tool used. Prior to version 4.4.5, a Stored Cross-site Scripting XSS vulnerability in MobSF's Android manifest analysis allows an attacker to execute arbitrary JavaScript in the context of a victim's browser session by uploading a malicious APK. The...

CVE-2026-24421 phpMyFAQ missing authorization exposes /api/setup/backup to any authenticated user

phpMyFAQ is an open source FAQ web application. Versions 4.0.16 and below have flawed authorization logic which exposes the /api/setup/backup endpoint to any authenticated user despite their permissions. SetupController.php uses userIsAuthenticated but does not verify that the requester has...

CVE-2026-23511

ZITADEL is an open source identity management platform. Prior to 4.9.1 and 3.4.6, a user enumeration vulnerability has been discovered in Zitadel's login interfaces. An unauthenticated attacker can exploit this flaw to confirm the existence of valid user accounts by iterating through usernames an...

WordPress ShopEngine plugin <= 4.8.5 - Cross-Site Request Forgery to Wishlist Manipulation vulnerability

Cross-Site Request Forgery to Wishlist Manipulation vulnerability discovered by Adrian Lukita in WordPress Plugin ShopEngine versions = 4.8.5...

CVE-2025-62789

CVE-2025-62789 affects Wazuh before 4.11.0. The fim_alert() path does not check the return value of ctime_r before calling strdup(), enabling a NULL pointer dereference that can crash analysisd when a compromised/malicious agent sends a crafted message to the Wazuh manager. Impact is denial of se...

WordPress Enable Media Replace plugin <= 4.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via file_modified Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via filemodified Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Enable Media Replace versions = 4.1.6...

CVE-2025-61595

MANTRA is a purpose-built RWA Layer 1 Blockchain, capable of adherence to real world regulatory requirements. Versions 4.0.1 and below do not enforce the tx gas limit in its send hooks. Send hooks can spend more gas than what remains in tx, combined with recursive calls in the wasm contract,...

WordPress ShopEngine plugin <= 4.8.3 - Insufficient Authorization to Authenticated (Editor+) Settings Update vulnerability

Insufficient Authorization to Authenticated Editor+ Settings Update vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin ShopEngine versions = 4.8.3...

WordPress Export WP Page to Static HTML/CSS Plugin <= 4.1.0 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Bao - BlueRock in WordPress Plugin Export WP Page to Static HTML/CSS versions = 4.1.0...

AZL-44454 CVE-2024-4067 affecting package js-jquery 3.5.0-4

The NPM package micromatch prior to 4.0.8 is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability occurs in micromatch.braces in index.js because the pattern . will greedily match anything. By passing a malicious payload, the pattern matching will keep backtracking to the...

UBUNTU-CVE-2024-28233

JupyterHub is an open source multi-user server for Jupyter notebooks. By tricking a user into visiting a malicious subdomain, the attacker can achieve an XSS directly affecting the former's session. More precisely, in the context of JupyterHub, this XSS could achieve full access to JupyterHub API...

DEBIAN-CVE-2021-43008

Improper Access Control in Adminer versions 1.12.0 to 4.6.2 fixed in version 4.6.3 allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database...