EUVD-2026-30681

A flaw has been found in Open5GS up to 2.7.6. This impacts the function ogssbinfinstancesetid in the library /lib/sbi/context.c of the component NRF. Executing a manipulation of the argument nfInstanceId can lead to denial of service. The attack may be performed from remote. The exploit has been...

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.6 and earlier contain security vulnerabilities. These vulnerabilities stem from the ogssbinfinstancesetid function in the...

PT-2026-41516

A flaw has been found in Open5GS up to 2.7.6. This impacts the function ogs sbi nf instance set id in the library /lib/sbi/context.c of the component NRF. Executing a manipulation of the argument nfInstanceId can lead to denial of service. The attack may be performed from remote. The exploit has...

GHSA-RMQR-H98C-QG2M phpMyFAQ: Path traversal in Client::deleteClientFolder enables arbitrary directory deletion by non-super-admin admins

phpMyFAQ before 4.1.2 contains a path traversal vulnerability in Client::deleteClientFolder that allows admins with INSTANCEDELETE permission to delete arbitrary directories. Attackers can submit traversal sequences like https://../../../ in the client URL parameter to recursively delete...

EUVD-2026-30609

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the toolservers and terminalservers keys in utils/tools.py do use a prefix. When two or more Open WebUI instances share a Redis database a supported and documented deployment pattern...

CVE-2026-44552 Open WebUI: Redis Cache Keys tool_servers and terminal_servers Missing Instance Prefix Enable Cross-Instance Cache Poisoning

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the toolservers and terminalservers keys in utils/tools.py do use a prefix. When two or more Open WebUI instances share a Redis database a supported and documented deployment pattern...

CVE-2026-44552

CVE-2026-44552 affects Open WebUI. Before 0.9.0, tool_servers and terminal_servers keys in Redis were unprefixed, so when multiple instances share a Redis backend they can collide, allowing an admin on one instance to poison another’s cache and have users interact with attacker-controlled tool co...

CVE-2026-45008

phpMyFAQ before 4.1.2 contains a path traversal vulnerability in Client::deleteClientFolder that allows admins with INSTANCEDELETE permission to delete arbitrary directories. Attackers can submit traversal sequences like https://../../../ in the client URL parameter to recursively delete...

CVE-2026-45008 phpMyFAQ - Path Traversal in Client::deleteClientFolder via URL Parameter

phpMyFAQ before 4.1.2 contains a path traversal vulnerability in Client::deleteClientFolder that allows admins with INSTANCEDELETE permission to delete arbitrary directories. Attackers can submit traversal sequences like https://../../../ in the client URL parameter to recursively delete...

CVE-2026-45008 phpMyFAQ - Path Traversal in Client::deleteClientFolder via URL Parameter

phpMyFAQ before 4.1.2 contains a path traversal vulnerability in Client::deleteClientFolder that allows admins with INSTANCEDELETE permission to delete arbitrary directories. Attackers can submit traversal sequences like https://../../../ in the client URL parameter to recursively delete...

CVE-2026-45008

CVE-2026-45008 affects phpMyFAQ up to version 4.1.2 and describes a path traversal vulnerability in the Client::deleteClientFolder function. An admin with INSTANCE_DELETE permission can submit a crafted client URL parameter (for example using sequences like ../../../) to traverse outside the inte...

EUVD-2026-30593

phpMyFAQ before 4.1.2 contains a path traversal vulnerability in Client::deleteClientFolder that allows admins with INSTANCEDELETE permission to delete arbitrary directories. Attackers can submit traversal sequences like https://../../../ in the client URL parameter to recursively delete...

CLSA-2026-1778798046 binutils: Fix of CVE-2022-48065

CVE-2022-48065: Fix memory leak in function findabstractinstance in dwarf2.c and free allocated memory...

phpMyFAQ 安全漏洞

phpMyFAQ is a multilingual FAQ system developed by Thorsten Rinne. It is entirely database-driven. Versions of phpMyFAQ prior to 4.1.2 contained security vulnerabilities. These vulnerabilities stemmed from path traversal in the Client::deleteClientFolder function, which could allow administrators...

CVE-2026-44428

The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. Prior to 1.7.6, the client-side and server-side GitHub OIDC flow is bound only to a global audience string, not to the specific registry instance being targeted. On the client side, the publisher...

GHSA-7P5M-V798-F8VV Electerm Local code through electerm's single-instance socket

Impact Local code execution without UI interaction: any same-user process can send a JSON payload to electerm's single-instance socket/pipe, causing the app to create tabs and potentially spawn attacker-controlled local processes. Affects electerm single-instance installs on the machine. Patches ...

Improper Verification of Source of a Communication Channel

Overview electerm is an open-sourced terminal/ssh/telnet/serialport/sftp client Affected versions of this package are vulnerable to Improper Verification of Source of a Communication Channel via the single-instance socket process. An attacker can execute arbitrary code by sending a crafted JSON...

NPM: Electerm Local code through electerm's single-instance socket

NPM: Electerm Local code through electerm's single-instance socket vulnerability discovered by ? in WordPress Npm electerm versions = 3.0.6, = 3.8.8...

Electerm Local code through electerm's single-instance socket

Impact Local code execution without UI interaction: any same-user process can send a JSON payload to electerm's single-instance socket/pipe, causing the app to create tabs and potentially spawn attacker-controlled local processes. Affects electerm single-instance installs on the machine. Patches ...

CVE-2026-2900

GitLab has remediated an issue in GitLab EE affecting all versions from 16.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that when instance-level approval rule editing prevention was enabled, could have allowed an authenticated user with Maintainer permissions to modify or dele...