PT-2026-44965

Name of the Vulnerable Software and Affected Versions JetBrains YouTrack versions prior to 2026.1.13570 Description Improper access control allows low-privileged users to modify service accounts. Recommendations Update to version 2026.1.13570...

BIT-JOOMLA-2026-48900 Joomla! Core - [20260516] - Incorrect Access Control in com_scheduler

An improper access check allowed low privileged users to edit the task types of existing scheduler tasks...

CVE-2026-48900

An improper access check allowed low privileged users to edit the task types of existing scheduler tasks...

CVE-2026-48900 Joomla! Core - [20260516] - Incorrect Access Control in com_scheduler

An improper access check allowed low privileged users to edit the task types of existing scheduler tasks...

EUVD-2026-31879

An improper access check allowed low privileged users to edit the task types of existing scheduler tasks...

CVE-2026-48900

CVE-2026-48900 affects Joomla! Core (com_scheduler). An improper access check allows low-privileged users to edit the task types of existing scheduler tasks, indicating a privilege-escalation in the scheduler component. The CVE details indicate a CVSS v4 score of 6.4 (MEDIUM) with network attack ...

CVE-2026-48900 Joomla! Core - [20260516] - Incorrect Access Control in com_scheduler

An improper access check allowed low privileged users to edit the task types of existing scheduler tasks...

PT-2026-43318

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An improper access check allows low privileged users to edit the task types of existing scheduler tasks. Recommendations At the moment, there is no information...

CVE-2026-0393

The affected product may expose credentials remotely between low privileged visualization users during concurrent login operations due to insufficient isolation of authentication data. The vulnerability affects only login operations within an active visualization session...

CVE-2026-0393 CODESYS Visualization - Insufficiently Protected Credentials

The affected product may expose credentials remotely between low privileged visualization users during concurrent login operations due to insufficient isolation of authentication data. The vulnerability affects only login operations within an active visualization session...

CVE-2026-0393

The affected product may expose credentials remotely between low privileged visualization users during concurrent login operations due to insufficient isolation of authentication data. The vulnerability affects only login operations within an active visualization session...

CVE-2026-44400

MailEnable Enterprise Premium 10.55 and earlier contains an improper authorization vulnerability in the WebAdmin mobile portal that allows attackers to bypass authentication checks by reusing AuthenticationToken cookies generated for low-privileged users. Attackers can obtain a token from the...

[20260516] - Core - Incorrect Access Control in com_scheduler

An improper access check allowed low privileged users to edit the task types of existing scheduler tasks...

PT-2026-35746

Cross-Site Scripting XSS vulnerability exists in FUEL CMS v1.5.2 and before within the asset upload functionality. The application fails to properly sanitize uploaded SVG files, allowing a low-privileged authenticated user to upload a crafted SVG file containing malicious code...

CVE-2026-30452

Textpattern CMS 4.9.0 contains a Broken Access Control vulnerability in the article management system that allows authenticated users with low privileges to modify articles owned by users with higher privileges. By manipulating the article ID parameter during the duplicate-and-save workflow in...

CVE-2025-13480

Fudo Enterprise in versions from 5.5.0 through 5.6.2 allows low privileged users to access certain administrator-only resources via improperly protected API endpoints. This includes sensitive information such as system logs and parts of system configuration settings. This vulnerability has been...

CVE-2025-13480 Incorrect authorization in Fudo Enterprise

Fudo Enterprise in versions from 5.5.0 through 5.6.2 allows low privileged users to access certain administrator-only resources via improperly protected API endpoints. This includes sensitive information such as system logs and parts of system configuration settings. This vulnerability has been...

PT-2026-33742

Fudo Enterprise in versions from 5.5.0 through 5.6.2 allows low privileged users to access certain administrator-only resources via improperly protected API endpoints. This includes sensitive information such as system logs and parts of system configuration settings. This vulnerability has been...

CVE-2026-24096

Insufficient permission validation on multiple REST API Quick Setup endpoints in Checkmk 2.5.0 beta before version 2.5.0b2 and 2.4.0 before version 2.4.0p25 allows low-privileged users to perform unauthorized actions or obtain sensitive information...

CVE-2026-24096 Insufficient permission validation on multiple REST API Quick Setup endpoints

Insufficient permission validation on multiple REST API Quick Setup endpoints in Checkmk 2.5.0 beta before version 2.5.0b2 and 2.4.0 before version 2.4.0p25 allows low-privileged users to perform unauthorized actions or obtain sensitive information...