58823 matches found
Netatalk link following vulnerability
Netatalk is open-source software developed by Netatalk Inc. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 3.0.2 to 4.4.2 of Netatalk had a link following vulnerability due to improper link resolution. This vulnerability could allo...
Trend Micro Apex One link following vulnerability
Trend Micro Apex One is endpoint protection software developed by Trend Micro, a US-based company. Trend Micro Apex One has a link following vulnerability, which stems from issues with the scanning engine's link following mechanism. This vulnerability may allow local attackers to gain elevated...
PT-2026-42581
Name of the Vulnerable Software and Affected Versions: Concrete CMS versions prior to 9.5.1
Description: Stored Cross-Site Scripting (XSS) occurs via the 'external-link' page cvName because the updateCollectionAliasExternal function bypasses sanitization. Stored XSS is a flaw where malicious scripts...
CVE-2026-8632
creationtimestamp| type| source
---|---|---
2026-05-20 22:53:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmcyo6kin52p
2026-05-22 22:00:35+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmhwoaxvcv2q
2026-05-28 10:44:28+00:00| seen|...
CVE-2026-40092
creationtimestamp| type| source
---|---|---
2026-05-20 22:44:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmcy7grcig2r...
CVE-2026-9129
creationtimestamp| type| source
---|---|---
2026-05-20 21:07:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmcsqz245d2p...
CVE-2026-9136
creationtimestamp| type| source
---|---|---
2026-05-20 20:57:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmcs744lqz2p...
CVE-2026-26028
CryptPad is an end-to-end encrypted collaborative office suite. In versions prior to 2026.2.0, the HTML sanitizer in Diffmarked.js can be bypassed due to incomplete attribute filtering on restricted tags. The sanitizer validates only the src attribute of , , and elements, leaving all other...
EUVD-2026-31176
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in single.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticketid GET parameter directly into an HTML attribute. Attackers can craft a...
GHSA-GP95-J463-VV28
creationtimestamp| type| source
---|---|---
2026-05-20 19:10:50+00:00| seen| https://gist.github.com/alon710/ab000f54d49f4216c2a377595eab5831...
GO-2026-4966 monetr: Server-side request forgery in Lunch Flow link creation and refresh in github.com/monetr/monetr
monetr: Server-side request forgery in Lunch Flow link creation and refresh in github.com/monetr/monetr...
CVE-2026-7613
creationtimestamp| type| source
---|---|---
2026-05-20 19:03:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmcluegihp2r
2026-05-25 02:12:57+00:00| seen| https://bsky.app/profile/donwebmedia.bsky.social/post/3mmnfpf2cmd2i...
CVE-2026-20238
creationtimestamp| type| source
---|---|---
2026-05-20 18:54:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmcle4nvvp2h...
CVE-2026-20171
creationtimestamp| type| source
---|---|---
2026-05-20 18:47:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmckxnd7wn2h...
CVE-2026-44925
Cross-Site Request Forgery (CSRF) vulnerability in InfoScale v.9.1.3 Operations Manager (VIOM) allows an attacker to force the user with an active session into clicking a malicious HTML link, which triggers unintended modifications on the VIOM web application without the user's knowledge...
GHSA-CRR4-7RM4-8GPW
creationtimestamp| type| source
---|---|---
2026-05-20 16:56:46+00:00| seen| https://bsky.app/profile/Whiskeyomega.cupoftea.social.ap.brid.gy/post/3mmceqyeaiq72...
CVE-2026-26028
creationtimestamp| type| source
---|---|---
2026-05-20 15:52:46+00:00| published-proof-of-concept| https://github.com/cryptpad/cryptpad/security/advisories/GHSA-g2g4-47gv-p72v...
CVE-2026-35671
creationtimestamp| type| source
---|---|---
2026-05-20 15:46:17+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-xvp4-phqj-cjr3...
CVE-2018-7408
creationtimestamp| type| source
---|---|---
2026-05-20 15:46:13+00:00| seen| https://gist.github.com/steig/ddd6193b319e8b70af8f2659034a7922...