66858 matches found
MINI-RH2W-7CPX-4245
Bulletin has no description...
CVE-2024-28996
creationtimestamp| type| source ---|---|--- 2026-07-06 12:00:06+00:00| seen| https://t.me/ZerodayAlert/249 2026-07-07 00:00:11+00:00| seen| https://t.me/ZerodayAlert/249...
MINI-FFX6-X63R-8Q8F
Bulletin has no description...
MINI-Q6CH-J8F5-RXPR
Bulletin has no description...
CVE-2026-24013
Authentication Bypass by Spoofing vulnerability in Apache IoTDB. Certain Thrift RPC query handlers lack strict validation of the sessionId parameter. An attacker can construct requests with a forged sessionId and, without performing openSession authentication, receive valid query results. This...
MINI-58Q7-G5CX-5VXW
Bulletin has no description...
EUVD-2026-41860
An authenticated user could manipulate a company ID parameter in a POST request to the backend to gain unauthorised access to other companies hosted within the same subdomain environment. The application does not adequately verify whether the requested company ID belongs to the authenticated user...
CVE-2026-12686
CVE-2026-12686 affects Adiss’s Biloop: an authenticated user can manipulate a company ID in a POST to the backend, bypassing cross-tenant authorization and gaining access to other companies’ data (including billing) and potentially modifying third-party data. Root cause is inadequate verification...
CVE-2026-14801
A security vulnerability has been detected in GPAC 26.03-DEV-rev342-g80071f700-master. The impacted element is the function txtinprobeduration of the file src/filters/loadtext.c of the component TeXML File Handler. Such manipulation of the argument txmltimescale leads to divide by zero. An attack...
CVE-2026-14791
creationtimestamp| type| source ---|---|--- 2026-07-06 04:06:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpx7negsoo23 2026-07-08 02:52:08+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mq44fxergo2i...
CVE-2026-14787
creationtimestamp| type| source ---|---|--- 2026-07-06 04:02:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpx7gnkinz2c 2026-07-07 23:59:12+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mq3sqqm3dl2y...
ROOT-OS-DEBIAN-13-CVE-2025-68173 CVE-2025-68173 in rootio-linux - Patched by Root
Root has patched CVE-2025-68173 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-40166 CVE-2025-40166 in rootio-linux - Patched by Root
Root has patched CVE-2025-40166 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-31409 CVE-2026-31409 in rootio-linux - Patched by Root
Root has patched CVE-2026-31409 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-68174 CVE-2025-68174 in rootio-linux - Patched by Root
Root has patched CVE-2025-68174 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
EUVD-2026-41803
A security vulnerability has been detected in Formbricks 5.0.0. This impacts an unknown function of the file apps/web/modules/survey/link/actions.ts of the component Survey Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. Upgrading to...
CVE-2026-14776
creationtimestamp| type| source ---|---|--- 2026-07-06 00:50:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpwuohsoeu22 2026-07-07 12:29:44+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mq2m7verje2w 2026-07-07 12:29:45+00:00| seen|...
EUVD-2026-41781
A flaw has been found in SourceCodester Class and Exam Timetabling System 1.0/1.php. The affected element is an unknown function of the file /editexam1.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2026-14773
creationtimestamp| type| source ---|---|--- 2026-07-06 00:17:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpwstchuzv26 2026-07-07 12:23:06+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mq2ltza6zm2b...
PT-2026-55915
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An authenticated user can perform a cross-tenant authorization bypass by manipulating a company ID parameter in a POST request to the backend. The application...