47626 matches found
CLEANSTART-2026-IR62391 Redis is an open source, in-memory database that persists on disk
Multiple security vulnerabilities affect the redis package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details...
CVE-2026-24313 Missing Authorization check in SAP Solution Tools Plug-In (ST-PI)
SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...
CVE-2026-24313
CVE-2026-24313 affects SAP Solution Tools Plug-In (ST-PI). A function module does not perform proper authorization checks for authenticated users, enabling disclosure of system information. According to the provided documentation, the vulnerability has a low confidentiality impact and does not af...
CVE-2026-24313
SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...
rssn Code Issue Vulnerability
rssn is a high-performance Rust scientific computing library open-sourced by Apich Organization. rssn has code vulnerabilities, which stem from improper input validation in the JIT compilation engine, potentially allowing arbitrary code execution...
KLA90934 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, and spoof the user interface. Below is a complete list of vulnerabilities: 1. Heap buffer overflow vulnerability in WebML can be exploited to cause...
Google Chrome Security Vulnerability
Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 146.0.7680.71 contained a security vulnerability. This vulnerability stemmed from incorrect security UI in PictureInPicture, which could allow UI deception through specially crafted HTML...
PT-2026-24889
CVE-2026-3942 Incorrect security UI in PictureInPicture in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium se… https://t.co/RNo7wnBviE...
PT-2026-24875
CVE-2026-3927 Incorrect security UI in PictureInPicture in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium se… https://t.co/xQOmuPUU6x...
Fortinet FortiManager and Fortinet FortiAnalyzer Trust Management Issue Vulnerability
Fortinet FortiManager and Fortinet FortiAnalyzer are products of the American company Fortinet. Fortinet FortiManager is a centralized network security management platform. This platform supports centralized management of any number of Fortinet devices and allows for grouping devices into differe...
Google Chrome Security Vulnerability
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability caused by an incorrect security UI in PictureInPicture, which can be exploited by an attacker to perform UI spoofing via specially crafted HTML pages...
EulerOS 2.0 SP13 : cups (EulerOS-SA-2026-1231)
According to the versions of the cups package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a user in the lpadmin...
SAP Solution Tools Plug-In Security Vulnerability
SAP Solution Tools Plug-In is a basic component plugin developed by the German company SAP. There is a security vulnerability in the SAP Solution Tools Plug-In, which stems from the lack of necessary authorization checks for authenticated users. This vulnerability may lead to the disclosure of...
PT-2026-24484
Name of the Vulnerable Software and Affected Versions: sigstore-ruby versions prior to 0.2.3. Description: The software does not correctly handle verification failures when the artifact digest does not match the digest in the in-toto attestation subject. Specifically, the Sigstore::Verifierverify...
PT-2026-24198
Name of the Vulnerable Software and Affected Versions: HCL Sametime for Android, affected versions not specified. Description: HCL Sametime for Android has a flaw that leads to sensitive information disclosure. Hostnames are written into application logs and specific URLs. Recommendations: At the...
PT-2026-24179
The Court Reservation WordPress plugin before 1.10.9 does not have a CSRF check in place when deleting events, which could allow attackers to make a logged-in admin delete them via a CSRF attack...
PT-2026-24417
Craft Commerce is an ecommerce platform for Craft CMS. Prior to 5.5.3, Stored XSS vulnerabilities exist in the Commerce Inventory page. The Product Title, Variant Title, and Variant SKU fields are rendered without proper HTML escaping, allowing an attacker to execute arbitrary JavaScript when any...
Fortinet FortiAnalyzer Lack of TLS Certificate Validation during initial SSO Authentication (FG-IR-26-078)
The version of FortiAnalyzer installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-078 advisory. - An improper certificate validation vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0...
Fedora 44 : systemd (2026-c1c45c4b2d)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-c1c45c4b2d advisory. Fix for the linked bug. ---- Important bugfix release. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...