EUVD-2026-30587

Mathesar is a web application that makes working with PostgreSQL databases both simple and powerful. From 0.2.0 to before 0.10.0, collaborators.list, tables.metadata.list, explorations.list, and forms.list accept a databaseid without verifying that the requesting user was a collaborator on that...

com.ritense.valtimo:besluit (>=10.0.0.RELEASE <=12.15.1.RELEASE), com.ritense.valtimo:besluiten-api (>=0.0.0 <=12.15.1.RELEASE) +66 more potentially affected by CVE-2025-58059 via com.ritense.valtimo:core (>=0.0.0-test <=12.15.1.RELEASE)

com.ritense.valtimo:core MAVEN version =0.0.0-test, =10.0.0.RELEASE, =0.0.0, =0.0.0, =10.0.0.RELEASE, =0.0.0, =0.0.0, =0.0.0, =10.0.0.RELEASE, =0.0.0, =0.0.0, =10.0.0.RELEASE, =10.0.0.RELEASE, =0.0.0, =12.15.1.RELEASE and more Source cves: CVE-2025-58059 Source advisory: OSV:GHSA-W48J-PP7J-FJ55...

Linux Distros Unpatched Vulnerability : CVE-2016-5303

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in the Horde Text Filter API in Horde Groupware and Horde Groupware Webmail Edition before 5.2.16 allows remote attackers...

CVE-2024-2020

The Calculated Fields Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form page href parameter in all versions up to, and including, 5.1.56 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...