CVE-2025-63939

Improper input handling in /Grocery/searchproductsitname.php, in anirudhkannan Grocery Store Management System 1.0, allows SQL injection via the sitemname POST parameter...

Fortinet FortiSOAR PaaS和Fortinet FortiSOAR on-premise 跨站脚本漏洞

Fortinet FortiSOAR PaaS and Fortinet FortiSOAR on-premise are security orchestration, automation, and response software developed by Fortinet, a US-based company. Both versions have cross-site scripting vulnerabilities, which stem from improper input during web page generation. These...

PT-2026-32836

Name of the Vulnerable Software and Affected Versions Azure Monitor Agent affected versions not specified Description Improper input validation allows an authorized attacker to elevate privileges locally. Recommendations At the moment, there is no information about a newer version that contains a...

PT-2026-32848

Name of the Vulnerable Software and Affected Versions Windows Admin Center affected versions not specified Description Improper neutralization of input during web page generation leads to cross-site scripting XSS, which is a flaw where malicious scripts are injected into trusted websites. An...

CVE-2026-22563

A series of Improper Input Validation vulnerabilities could allow a Command Injection by a malicious actor with access to the UniFi Play network. Affected Products: UniFi Play PowerAmp Version 1.0.35 and earlier UniFi Play Audio Port Version 1.0.24 and earlier Mitigation: Update UniFi Play...

CVE-2026-22565

An Improper Input Validation vulnerability could allow a malicious actor with access to the UniFi Play network to cause the device to stop responding. Affected Products: UniFi Play PowerAmp Version 1.0.35 and earlier UniFi Play Audio Port Version 1.0.24 and earlier Mitigation: Update UniFi Play...

CVE-2026-22565

CVE-2026-22565: A vulnerability described as an improper input validation issue could allow a malicious actor with access to the UniFi Play network to cause the device to stop responding. Affected products are UniFi Play PowerAmp (versions ≤ 1.0.35) and UniFi Play Audio Port (versions ≤ 1.0.24). ...

CVE-2026-22565

An Improper Input Validation vulnerability could allow a malicious actor with access to the UniFi Play network to cause the device to stop responding. Affected Products: UniFi Play PowerAmp Version 1.0.35 and earlier UniFi Play Audio Port Version 1.0.24 and earlier Mitigation: Update UniFi Play...

CVE-2026-22565

An Improper Input Validation vulnerability could allow a malicious actor with access to the UniFi Play network to cause the device to stop responding. Affected Products: UniFi Play PowerAmp Version 1.0.35 and earlier UniFi Play Audio Port Version 1.0.24 and earlier Mitigation: Update UniFi Play...

EUVD-2026-21816

Improper input validation in data related to network restrictions prior to SMR Apr-2026 Release 1 allows physical attackers to bypass the restrictions...

CVE-2026-21003

CVE-2026-21003 describes improper input validation of data related to network restrictions before SMR Apr-2026 Release 1, enabling physical attackers to bypass those restrictions. The impact in the provided metrics shows no confidentiality impact, high integrity and availability impact, with phys...

PT-2026-32241

Improper input validation in data related to network restrictions prior to SMR Apr-2026 Release 1 allows physical attackers to bypass the restrictions...

Ubiquiti UniFi Play PowerAmp和Ubiquiti UniFi Play Audio Port 安全漏洞

Both the Ubiquiti UniFi Play PowerAmp and the Ubiquiti UniFi Play Audio Port are products of the American company Ubiquiti. The Ubiquiti UniFi Play PowerAmp is a home audio control device that supports multi-room audio distribution and amplifier integration. The Ubiquiti UniFi Play Audio Port is ...

PT-2026-32536

An Improper Input Validation vulnerability could allow a malicious actor with access to the UniFi Play network to cause the device to stop responding. Affected Products: UniFi Play PowerAmp Version 1.0.35 and earlier UniFi Play Audio Port Version 1.0.24 and earlier Mitigation: Update UniFi Play...

VulnCheck KEV: CVE-2026-32201

Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network...

CVE-2026-39575

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ronald Huereca Custom Query Blocks post-type-archive-mapping allows DOM-Based XSS.This issue affects Custom Query Blocks: from n/a through = 5.5.0...

CVE-2026-39508

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Josh Kohlbach Advanced Coupons for WooCommerce Coupons advanced-coupons-for-woocommerce-free allows DOM-Based XSS.This issue affects Advanced Coupons for WooCommerce Coupons: from n/a through =...

EUVD-2025-209404

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zootemplate Cerato allows Reflected XSS.This issue affects Cerato: from n/a through 2.2.18...

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the Undertow server core

Summary Due to use of Undertow, DevOps Test Performance and Rational Performance Tester contain a potential improper input validation vulnerability. CVE-2025-12543 Vulnerability Details CVEID:CVE-2025-12543 DESCRIPTION: A flaw was found in the Undertow HTTP server core, which is used in WildFly,...

CVE-2025-58920

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zootemplate Cerato cerato allows Reflected XSS.This issue affects Cerato: from n/a through = 2.2.18...