CVE-2026-46741

Etsy::StatsD versions through 1.002002 for Perl allow metric injections. The metric names and values are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that the git repository contains an unreleased version with the...

CVE-2026-46741

Etsy::StatsD versions through 1.002002 for Perl allow metric injections. The metric names and values are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that the git repository contains an unreleased version with the...

CVE-2026-46739

Net::Statsd versions before 0.13 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. The updatestats used for updating counters and gauge methods do not check that values...

EUVD-2026-34296

Etsy::StatsD versions through 1.002002 for Perl allow metric injections. The metric names and values are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that the git repository contains an unreleased version with the...

CVE-2026-46741 Etsy::StatsD versions through 1.002002 for Perl allow metric injections

Etsy::StatsD versions through 1.002002 for Perl allow metric injections. The metric names and values are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that the git repository contains an unreleased version with the...

CVE-2026-46741

Etsy::StatsD for Perl (versions up to 1.002002) is affected by metric injection due to unvalidated metric names and values containing newlines, colons, or pipes. The issue can allow an attacker to inject additional statsd metrics when metrics are generated from untrusted sources, with the Git rep...

EUVD-2026-34295

Net::Statsd versions before 0.13 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. The updatestats used for updating counters and gauge methods do not check that values...

CVE-2026-46739

Net::Statsd for Perl with versions prior to 0.13 is vulnerable to metric injections. The flaw arises because metric names aren’t checked for newlines, colons, or pipes, allowing untrusted-sourced metrics to inject additional statsd metrics. Additionally, update_stats and gauge do not validate tha...

PT-2026-46265

Name of the Vulnerable Software and Affected Versions Etsy::StatsD versions prior to 1.002002 Description Etsy::StatsD for Perl allows metric injections because metric names and values are not validated for newlines, colons, or pipes. This allows metrics generated from untrusted sources to inject...

PT-2026-46264

Name of the Vulnerable Software and Affected Versions Net::Statsd versions prior to 0.13 Description Net::Statsd for Perl allows metric injections because metric names are not validated for newlines, colons, or pipes. This allows metrics generated from untrusted sources to inject additional stats...

CISA: CISA and Partners Urge Hardening Automatic Tank Gauge Systems

The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, the National Security Agency NSA, the Department of Energy DOE, the Environmental Protection Agency EPA, the Transportation Security Administration TSA, the Department of Transportation DOT, and th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: axp288fuelgauge: Fixed the race condition related to externalpowerchanged. The function fuelgaugeexternalpowerchanged dereferes the variable info-bat, which is then set in the function axp288fuelgaugeprobe. This process looks lik...

CVE-2025-69298

Missing Authorization vulnerability in GhostPool Gauge gauge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gauge: from n/a through = 6.56.4...

CVE-2025-69298

Missing Authorization vulnerability in GhostPool Gauge gauge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gauge: from n/a through = 6.56.4...

CVE-2025-69298 WordPress Gauge theme <= 6.56.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in GhostPool Gauge gauge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gauge: from n/a through = 6.56.4...

CVE-2025-69298 WordPress Gauge theme <= 6.56.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in GhostPool Gauge gauge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gauge: from n/a through = 6.56.4...

CVE-2025-69298

CVE-2025-69298 : WordPress Gauge theme

WordPress plugin Gauge 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

PT-2026-21126

Name of the Vulnerable Software and Affected Versions GhostPool Gauge versions through 6.56.4 Description A missing authorization flaw exists in the GhostPool Gauge gauge, allowing exploitation due to incorrectly configured access control security levels. Recommendations Update GhostPool Gauge to...

WordPress Gauge theme <= 6.56.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Gauge versions = 6.56.4...