CVE-2026-8386

The WP Go Maps WordPress plugin before 10.0.10 does not perform any approval-state filtering on its public single-marker REST endpoint, allowing unauthenticated users to retrieve marker records that an administrator has not yet approved for public display, including any PII placed in the address...

CVE-2026-8386 WP Go Maps < 10.0.10 - Unauthenticated Sensitive Information Disclosure via Marker ID

The WP Go Maps WordPress plugin before 10.0.10 does not perform any approval-state filtering on its public single-marker REST endpoint, allowing unauthenticated users to retrieve marker records that an administrator has not yet approved for public display, including any PII placed in the address...

PT-2026-49184

The WP Go Maps WordPress plugin before 10.0.10 does not perform any approval-state filtering on its public single-marker REST endpoint, allowing unauthenticated users to retrieve marker records that an administrator has not yet approved for public display, including any PII placed in the address...

CVE-2020-25900

HelloTalk through 3.4.1 stores full-precision GPS coordinates even when the user had intended to share only a country or city. Furthermore, these coordinates are placed into a database on the client of other users. The client side was changed in 2019 to encrypt that database...

CVE-2026-6209

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2026-6207

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2026-6208

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2026-6209

...

EUVD-2026-34841

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2026-6209

CVE-2026-6209 is rejected/not used; this ID does not represent an active vulnerability entry.

EUVD-2026-34840

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2026-6208

...

CVE-2026-6208

CVE-2026-6208 entry is rejected/not used and does not represent an active vulnerability.

CVE-2026-6207

CVE-2026-6207 is rejected and not an active vulnerability entry.

EUVD-2026-34836

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2026-6207

...

PT-2026-46967

Improper Access Control, Missing Authorization vulnerability in HAVELSAN Inc. Geographic Tracking System allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Geographic Tracking System: before v0.0.2...

Linux Distros Unpatched Vulnerability : CVE-2026-35235

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 9.0.0-9.6.0. Easily exploitable...

EUVD-2026-24439

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

CVE-2026-33147

GMT is an open source collection of command-line tools for manipulating geographic and Cartesian data sets. In versions from 6.6.0 and prior, a stack-based buffer overflow vulnerability was identified in the gmtremotedatasetid function within src/gmtremote.c. This issue occurs when a specially...