11 matches found
CVE-2026-5396
The Fluent Forms plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to, and including, 6.1.21. This is due to the SubmissionPolicy class authorizing submission-level actions (read, modify, delete, add notes) based on a user-supplied formid quer...
CVE-2026-47123
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.220, the email processing pipeline in FreeScout's FetchEmails command has two code paths for identifying agent user replies based on In-Reply-To / References headers. The notification reply path...
PT-2025-45344
Name of the Vulnerable Software and Affected Versions: AnyDesk versions through 9.0.4 Description: An issue exists in AnyDesk where, when a connection is established between two clients using an IP address, data manipulation is possible, leading to spoofing of the AnyDesk ID. Recommendations: Update...
Authd security vulnerability
Authd is a cloud-based authentication daemon for identity providers in the Ubuntu open-source project. A security vulnerability exists in Authd versions prior to 0.3.6 that stems from insufficient randomization of user IDs to prevent conflicts, allowing a local attacker with a registered username to spoo...
CVE-2020-20094
Instagram iOS 106.0 and prior and Android 107.0.0.11 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages...
CVE-2020-20095
iMessage Messages app iOS 12.4 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages...
Apple iMessage iOS security vulnerability
Apple iMessage iOS is an instant messaging service from Apple Inc. in the United States. A security vulnerability exists in Apple iMessage iOS Messages app version 12.4, which stems from a failure of the user interface in iMessage Messages app iOS version 12.4 and earlier to properly present URI...
DELL Dell EMC Isilon OneFS and EMC PowerScale security vulnerability
DELL Dell EMC Isilon OneFS and EMC PowerScale are both horizontally scalable storage systems for unstructured data from Dell USA. A security vulnerability exists in Dell Isilon OneFS 8.2.2 and prior versions and Dell EMC PowerScale OneFS 9.0.0 and prior versions. The vulnerability stems...
atomic-openshift: cross-namespace owner references can trigger deletions of valid children
A vulnerability exists in the garbage collection mechanism of atomic-openshift. An attacker able to spoof the UUID of a valid object from another namespace is able to delete children of those objects...
PT-2019-16753 · Red Hat · Atomic-Openshift
Name of the Vulnerable Software and Affected Versions: atomic-openshift versions 3.6 through 4.1 Description: A flaw in the garbage collection mechanism allows an attacker to spoof the UUID of a valid object from another namespace, enabling them to delete children of those objects. Recommendation...
PT-2013-4945 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.11 Description: The issue allows local users to gain privileges via PID spoofing due to an incorrect namespace capability check in the scm_check_creds function. Recommendations: For versions prior to 3.11,...