CVE-2026-48887

Unauthenticated Broken Access Control in JS Help Desk = 3.0.9 versions...

CVE-2026-48886

Unauthenticated SQL Injection in JS Help Desk = 3.0.9 versions...

EUVD-2026-36863

Subscriber SQL Injection in ELEX WordPress HelpDesk & Customer Ticketing System = 3.3.6 versions...

CVE-2026-48887 WordPress JS Help Desk plugin <= 3.0.9 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in JS Help Desk = 3.0.9 versions...

CVE-2026-48887 WordPress JS Help Desk plugin <= 3.0.9 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in JS Help Desk = 3.0.9 versions...

EUVD-2026-36861

Unauthenticated Broken Access Control in JS Help Desk = 3.0.9 versions...

CVE-2026-48887

CVE-2026-48887 affects the WordPress JS Help Desk plugin ≤ 3.0.9 with an unauthenticated Broken Access Control flaw. Documents note unauthorized access control weakness but do not provide root cause details or a stated remediation; Patchstack is cited as the source. Exploitation status is not des...

EUVD-2026-36860

Unauthenticated SQL Injection in JS Help Desk = 3.0.9 versions...

CVE-2026-48886 WordPress JS Help Desk plugin <= 3.0.9 - SQL Injection vulnerability

Unauthenticated SQL Injection in JS Help Desk = 3.0.9 versions...

CVE-2026-48886 WordPress JS Help Desk plugin <= 3.0.9 - SQL Injection vulnerability

Unauthenticated SQL Injection in JS Help Desk = 3.0.9 versions...

CVE-2026-48886

The CVE-2026-48886 entry describes an unauthenticated SQL Injection in WordPress JS Help Desk plugin versions

PT-2026-49491

Name of the Vulnerable Software and Affected Versions JS Help Desk versions prior to 3.0.10 Description Broken Access Control allows unauthenticated users to bypass security restrictions. Recommendations Update to version 3.0.10 or later...

PT-2026-49490

Unauthenticated SQL Injection in JS Help Desk = 3.0.9 versions...

SolarWinds Web Help Desk < 2026.2 Multiple Vulnerabilities

The version of SolarWinds Web Help Desk installed on the remote host is prior to 2026.2. It is, therefore, affected by multiple vulnerabilities. - pgAdmin versions up to 9.9 are affected by a Remote Code Execution RCE vulnerability that occurs when running in server mode and performing restores...

Medium: yelp

Issue Overview: A sandbox escape vulnerability was found in yelp, the GNOME help viewer. Bypassing the fix for CVE-2025-3155, a malicious help document can use a CSS stylesheet embedded in an SVG image to exfiltrate the contents of local files such as files under /proc to an external server witho...

CVE-2026-23757

GFI HelpDesk before 4.99.10 contains a stored cross-site scripting vulnerability in the Reports module where the title parameter is passed directly to SWIFTReport::Create without HTML sanitization. Attackers can inject arbitrary JavaScript into the report title field when creating or editing a...

CVE-2026-40171

In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 and 4.5.7, a stored cross-site scripting issue in the help command linker can be chained with...

exploit-validator

$repo Production-grade offensive security tool for Purpose...

CVE-2026-28299

SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when exploited, could cause the Web Help Desk server to crash due to insufficient memory...

CVE-2026-28299

SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when exploited, could cause the Web Help Desk server to crash due to insufficient memory...