13 matches found
CVE-2025-11694
The CVE-2025-11694 issue affects 1769 CompactLogix controllers (CIP protocol). The root cause is missing validation of sequence numbers and source IP addresses, enabling an attacker to abuse exposed Connection IDs visible on the web interface to trigger denial-of-service conditions resulting in a...
CVE-2026-45582 n8n-MCP: Workflow telemetry sanitizer could retain partial values from URL-shaped node parameters
n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.51.3, the workflow telemetry sanitizer could retain partial fragments of URL-shaped node parameters before sending workflow data to the project's anonymous telemetry...
pretix: API leaks check-in data between events of the same organizer
A new API endpoint introduced in pretix 2025 that is supposed to return all check-in events of a specific event in fact returns all check-in events belonging to the respective organizer. This allows an API consumer to access information for all other events under the same organizer, even those th...
CVE-2026-32131 ZITADEL Cross-Tenant Information Disclosure in Management API
ZITADEL is an open source identity management platform. Prior to 3.4.8 and 4.12.2, a vulnerability in Zitadel's Management API has been reported, which allowed authenticated users holding a valid low-privilege token e.g., project.read, project.grant.read, or project.app.read to retrieve...
OpenEMR Security Vulnerability
OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0 contained security...
CVE-2026-25930
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Layout-Based Form (LBF) printable view accepts formid and visitid or patientid from the request and does not verify that the form belongs to the current user’s...
Linux Distros Unpatched Vulnerability : CVE-2025-67857
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in moodle. During anonymous assignment submissions, user identifiers were inadvertently exposed in URLs. This data exposure allows unauthorized...
CVE-2025-30040
Technical details about CVE-2025-30040 are not publicly available in the provided connected documents. Monitor for updates from official advisories and EUVD entries.
Linux Distros Unpatched Vulnerability : CVE-2017-12870
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SimpleSAMLphp 1.14.12 and earlier make it easier for man-in-the-middle attackers to obtain sensitive information by leveraging use of the aesEncrypt and...
PT-2025-5378 · Pam
Name of the Vulnerable Software and Affected Versions: PAM (affected versions not specified). Description: A specific authentication strategy allows learning the ids of PAM users associated with certain authentication types. Recommendations: At the moment, there is no information about a newer versi...
PT-2020-6710 · Samba +5
Name of the Vulnerable Software and Affected Versions: Samba (affected versions not specified). Description: The issue is related to insufficient input validation in the Samba package, which can be exploited by a remote attacker to access confidential data, compromise data integrity, and cause a...
CVE-2020-8497
In Artica Pandora FMS through 7.42, an unauthenticated attacker can read the chat history. The file is in JSON format and it contains user names, user IDs, private messages, and timestamps...
Kallithea Elevation of Privilege Vulnerability
Kallithea, a project under the US-based Software Freedom Conservancy organization, is a free source code management system. The system supports Mercurial and Git version control systems, hosting code, managing access control, and more. Kallithea suffers from an elevation of privilege vulnerabilit...