756 matches found
CVE-2026-6541
creationtimestamp| type| source ---|---|--- 2026-07-13 13:19:19+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqjrrssiwv27 2026-07-13 13:34:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqjsnlua352g 2026-07-13 18:19:01+00:00| seen|...
CVE-2026-12924
Eventin WordPress plugin (WP Event Solution) ≤ 4.1.15 is vulnerable to Stored Cross‑Site Scripting via the etn_faq_content parameter due to insufficient input sanitization and output escaping. Exploitation requires contributor‑level authentication or higher, enabling injection of scripts that exe...
CVE-2026-52784
CVE-2026-52784 (OpenProject) is a CSRF vulnerability in OpenProject’s web UI. The issue allows CSRF on a user-targeted action via POST to /users/:id with the parameter user[admin], enabling unauthorized state changes without user interaction. Affected software versions are prior to 17.3.3 and 17....
EUVD-2026-39688
Unauthenticated Broken Access Control in Paymob for WooCommerce = 4.1.2 versions...
EUVD-2026-39361
Contributor Sensitive Data Exposure in Elementor Website Builder = 4.1.3 versions...
Astra Linux – Vulnerability in util-linux
util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU Time-of-Check-Time-of-Use vulnerability was identified in the SUID binary /usr/bin/mount from util-linux. The mount binary, when setting up loop devices, validates the source file path with user privileges via...
Astra Linux – Vulnerability in mapserver
MapServer is a system for developing web-based GIS applications. Prior to version 8.4.1, the XML Filter Query directive’s PropertyName was vulnerable to Boolean-based SQL injection. It seems that expression checking was bypassed by introducing double quote characters in PropertyName, allowing...
EUVD-2026-35091
phpMyFAQ has Weak Cryptography - SHA1 for Password Hashing...
CVE-2026-46068 affecting package kernel for versions less than 6.6.141.1-1
CVE-2026-46068 affecting package kernel for versions less than 6.6.141.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-45840 affecting package kernel for versions less than 6.6.141.1-1
CVE-2026-45840 affecting package kernel for versions less than 6.6.141.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-50268
Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. In Steeltoe.Configuration.Encryption 4.0.0 through 4.1.0, configuring encrypt:rsa:algorithm=OAEP does not enable OAEP encryption. Due to an incorrect BouncyCastle...
EUVD-2025-210253
Unauthenticated PHP Object Injection in Reisen = 1.4.1 versions...
CVE-2026-46875
Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Deployment Library. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows high privileged attacker with network access via HTTPS to compromise...
CVE-2026-46857
Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Oracle Management Service. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...
EUVD-2026-37054
Unauthenticated Sensitive Data Exposure in GetGenie = 4.4.1 versions...
PT-2026-49960
Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager Base Platform version 13.5 Oracle Enterprise Manager Base Platform version 24.1 Description An issue exists in the Metadata Plugin component of the Oracle Enterprise Manager Base Platform. A low privileged attacker wi...
PT-2026-49962
Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager Base Platform version 13.5 Oracle Enterprise Manager Base Platform version 24.1 Description An issue exists in the Target Management component of the Oracle Enterprise Manager Base Platform. A low privileged attacker...
PT-2026-49965
Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager Base Platform version 13.5 Oracle Enterprise Manager Base Platform version 24.1 Description An issue exists in the Oracle Management Service component of the Oracle Enterprise Manager Base Platform. This flaw allows a...
PT-2026-49950
Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Discovery Framework. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise...
CVE-2026-48878
Subscriber Sensitive Data Exposure in Visual Link Preview = 2.4.1 versions...