4 matches found
CVE-2026-27190
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.6.8, a command injection vulnerability exists in Deno's node:childprocess implementation. This vulnerability is fixed in 2.6.8...
CVE-2026-25767 LavinMQ has incomplete shovel configuration validation
LavinMQ is a high-performance message queue & streaming server. Before 2.6.8, an authenticated user, with the “Policymaker” tag, could create shovels bypassing access controls. an authenticated user with the "Policymaker" management tag could exploit it to read messages from vhosts they are not...
WordPress JobSearch Plugin <= 2.6.7 is vulnerable to Arbitrary File Upload
Software JobSearch Type Plugin Vulnerable versions = 2.6.7 Fixed in 2.6.8 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-8614 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID d16b486be3a5 Credits Tonn Required privilege Subscriber Published 5...
WordPress Fat Rat Collect Plugin <= 2.6.7 is vulnerable to Broken Access Control
Software Fat Rat Collect Type Plugin Vulnerable versions = 2.6.7 Fixed in 2.6.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-35045 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3675b324429a Credits Abdi Pranata Required privile...