CVE-2025-69189

Missing Authorization vulnerability in EMV JobBank allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JobBank: from n/a through 1.2.3...

Use of Incorrectly-Resolved Name or Reference

Overview starlette is a The little ASGI library that shines. Affected versions of this package are vulnerable to Use of Incorrectly-Resolved Name or Reference in the reconstruction of request.url when the HTTP request path does not begin with /. An attacker can mislead the application into trusti...

EUVD-2026-33688

Missing Authorization vulnerability in Themefic Hydra Booking allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Hydra Booking: from n/a through 1.1.41...

CVE-2026-24546

Missing Authorization vulnerability in Ruben Garcia GamiPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GamiPress: from n/a through 7.6.3...

PT-2026-31153

Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through = 20.8.10...

Use Of Incorrectly-Resolved Name Or Reference

github.com/apptainer/apptainer is vulnerable to Use of Incorrectly-Resolved Name or Reference. The vulnerability is due to improper enforcement of the --security option, which allows an attacker to disable AppArmor or SELinux restrictions and bypass container security controls...

Use Of Incorrectly-Resolved Name Or Reference

github.com/sylabs/singularity is vulnerable to Use of Incorrectly-Resolved Name or Reference. The vulnerability is due to improper handling of LSM label write operations during container execution, which allows an attacker to redirect mounts e.g., /proc and bypass security restrictions using a...

CVE-2026-32385 WordPress RegistrationMagic plugin <= 6.0.7.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through = 6.0.7.6...

BIT-GOLANG-2026-27137 Incorrect enforcement of email constraints in crypto/x509

When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered...

CVE-2026-27344

Missing Authorization vulnerability in inseriswiss inseri core inseri-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects inseri core: from n/a through = 1.0.5...

CVE-2025-69340 WordPress WeDesignTech Ultimate Booking Addon plugin <= 1.0.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in BuddhaThemes WeDesignTech Ultimate Booking Addon wedesigntech-ultimate-booking-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WeDesignTech Ultimate Booking Addon: from n/a through = 1.0.3...

CVE-2026-24997

CVE-2026-24997 affects Wired Impact Volunteer Management (WordPress plugin) versions prior to 2.9, describing a Missing/Unauthorized Access vulnerability due to incorrectly configured access control. The CVE indicates unauthenticated access (no privileges required) with network attack vector and ...

CVE-2025-68882

Missing Authorization vulnerability in Scalenut Scalenut scalenut allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Scalenut: from n/a through = 1.1.5...

CVE-2026-24613

Missing Authorization vulnerability in Ecwid by Lightspeed Ecommerce Shopping Cart Ecwid Shopping Cart ecwid-shopping-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ecwid Shopping Cart: from n/a through = 7.0.6...

CVE-2026-24532

Missing Authorization vulnerability in SiteLock SiteLock Security – WP Hardening, Login Security & Malware Scans sitelock allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteLock Security – WP Hardening, Login Security & Malware Scans: from n/a through =...

CVE-2025-67967

CVE-2025-67967 is a Missing Authorization/Broken Access Control vulnerability in the WordPress plugin e-plugins Lawyer Directory (lawyer-directory) affecting versions up through 1.3.3. Root cause: incorrectly configured access control security levels allowing unauthorized privilege escalation. Pu...

CVE-2025-69327 WordPress Car Rental Manager plugin <= 1.0.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in magepeopleteam Car Rental Manager car-rental-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Car Rental Manager: from n/a through = 1.0.9...

CVE-2025-63031 WordPress EasyTest plugin <= 1.0.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP Grids EasyTest convertpro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EasyTest: from n/a through = 1.0.1...

CVE-2025-62141 WordPress Wawp plugin <= 4.0.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in 101gen Wawp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wawp: from n/a through 4.0.5...

CVE-2025-62128

Missing Authorization vulnerability in SiteLock SiteLock Security – WP Hardening, Login Security & Malware Scans sitelock allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteLock Security – WP Hardening, Login Security & Malware Scans: from n/a through =...