6 matches found
CVE-2026-7542 Slider Revolution 7.0 - 7.0.10 - Authenticated (Subscriber+) Sensitive Information Disclosure
The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Disclosure in versions 7.0 to 7.0.10. This is due to three compounding design flaws: (1) the plugin leaks a valid backend AJAX nonce revslideractions to all authenticated users, including Subscribers, via the adminfoote...
CVE-2026-35527
Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request against project restrictions such as restricted.images.servers. The imgPostURLInfo function...
EUVD-2025-3570
Malicious code in bioql PyPI...
EUVD-2022-2828
Malicious code in bioql PyPI...
CVE-2025-8081
Summary (CVE-2025-8081) The Elementor WordPress plugin (versions ≤ 3.30.2) is vulnerable to an arbitrary file read via the Import_Images::import() path traversal due to insufficient validation of the uploaded file reference (tmp_name). The underlying issue allowed authenticated administrators to ...
The vulnerability of Containerd’s execution environment, related to the lack of restrictions on the amount of bytes read for certain files during OCI image import, allows a malicious actor to cause service failures.
The vulnerability of Containerd’s execution environment is related to the lack of restrictions on the amount of bytes that can be read for certain files during OCI image import. Exploiting this vulnerability could allow an attacker to cause service failures...