PT-2026-42886

A security vulnerability has been detected in QuantumNous new-api up to 0.12.1. This affects the function RelayMidjourneyImage/GetByOnlyMJId of the file router/relay-router.go of the component Midjourney Image Relay Endpoint. Such manipulation leads to authorization bypass. The attack can be...

CVE-2025-14051 youlaitech youlai-mall addresses deleteAddress improper control of dynamically-identified variables

A flaw has been found in youlaitech youlai-mall 1.0.0/2.0.0. Affected is the function getById/updateAddress/deleteAddress of the file /mall-ums/app-api/v1/addresses/. Executing manipulation can lead to improper control of dynamically-identified variables. The attack can be executed remotely. The...

AZL-51504 CVE-2024-50028 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: thermal: core: Reference count the zone in thermalzonegetbyid There are places in the thermal netlink code where nothing prevents the thermal zone object from going away while being accessed after it has been returned by...

wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id()

...