ALSA-2026:4216 Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

ALSA-2026:4165 Moderate: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

Moderate: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

Zoom Workplace < 6.6.0 Vulnerability (ZSB-26005)

The version of Zoom Workplace installed on the remote host is prior to 6.6.0. It is, therefore, affected by a vulnerability as referenced in the ZSB-26005 advisory. - External Control of File Name or Path in the Mail feature of Zoom Workplace for Windows before 6.6.0 may allow an unauthenticated...

CVE-2026-3794

A vulnerability was identified in doramart DoraCMS 3.0.x. This issue affects some unknown processing of the file /api/v1/mail/send of the component Email API. Such manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit is publicly available and...

CVE-2026-3794

A vulnerability was identified in doramart DoraCMS 3.0.x. This issue affects some unknown processing of the file /api/v1/mail/send of the component Email API. Such manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit is publicly available and...

firefox: thunderbird: Integer overflow in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Libraries component in NSS...

CVE-2026-3794

Doramart DoraCMS 3.0.x is affected in the Email API component (/api/v1/mail/send) where improper authentication can be exploited remotely. Public exploit available; vendor did not respond to disclosure. Connected sources (CVE listings, Red Hat/EUVD/NVD mirrors, AttackersKB) confirm remote access ...

CVE-2026-3794 doramart DoraCMS Email API send improper authentication

A vulnerability was identified in doramart DoraCMS 3.0.x. This issue affects some unknown processing of the file /api/v1/mail/send of the component Email API. Such manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit is publicly available and...

CVE-2026-3794 doramart DoraCMS Email API send improper authentication

A vulnerability was identified in doramart DoraCMS 3.0.x. This issue affects some unknown processing of the file /api/v1/mail/send of the component Email API. Such manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit is publicly available and...

CVE-2026-3794

A vulnerability was identified in doramart DoraCMS 3.0.x. This issue affects some unknown processing of the file /api/v1/mail/send of the component Email API. Such manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit is publicly available and...

PT-2026-23999

Name of the Vulnerable Software and Affected Versions doramart DoraCMS versions 3.0.x Description A flaw exists in the processing of the /api/v1/mail/send file within the Email API component. This improper handling results in insufficient authentication. Remote attackers can exploit this issue. T...

DoraCMS 授权问题漏洞

DoraCMS is an open-source application developed by DoraCMS. It is a content management system built using Node.js, eggjs, and MongoDB. Version 3.0.x of DoraCMS has a vulnerability related to authorization. This vulnerability stems from improper handling of files/api/v1/mail/send, which may lead t...

EUVD-2026-10228

A flaw has been found in 1024-lab/lab1024 SmartAdmin up to 3.29. Affected by this issue is the function freemarkerResolverContent of the file sa-base/src/main/java/net/lab1024/sa/base/module/support/mail/MailService.java of the component FreeMarker Template Handler. Executing a manipulation of th...

CVE-2026-3725

A flaw has been found in 1024-lab/lab1024 SmartAdmin up to 3.29. Affected by this issue is the function freemarkerResolverContent of the file sa-base/src/main/java/net/lab1024/sa/base/module/support/mail/MailService.java of the component FreeMarker Template Handler. Executing a manipulation of th...

CVE-2026-3725

A flaw has been found in 1024-lab/lab1024 SmartAdmin up to 3.29. Affected by this issue is the function freemarkerResolverContent of the file sa-base/src/main/java/net/lab1024/sa/base/module/support/mail/MailService.java of the component FreeMarker Template Handler. Executing a manipulation of th...

CVE-2026-3725

CVE-2026-3725 affects 1024-lab/lab1024 SmartAdmin up to version 3.29. The issue resides in the FreeMarker Template Handler, specifically the function freemarkerResolverContent in MailService.java. Manipulating the argument template_content can lead to improper neutralization of special elements u...

CVE-2026-3725 1024-lab/lab1024 SmartAdmin FreeMarker Template MailService.java freemarkerResolverContent special elements used in a template engine

A flaw has been found in 1024-lab/lab1024 SmartAdmin up to 3.29. Affected by this issue is the function freemarkerResolverContent of the file sa-base/src/main/java/net/lab1024/sa/base/module/support/mail/MailService.java of the component FreeMarker Template Handler. Executing a manipulation of th...

CVE-2026-30227

MimeKit is a C library which may be used for the creation and parsing of messages using the Multipurpose Internet Mail Extension MIME, as defined by numerous IETF specifications. Prior to version 4.15.1, a CRLF injection vulnerability in MimeKit allows an attacker to embed \r\n into the SMTP...

smart-admin 安全漏洞

Smart-Admin is a rapid development platform developed by individual developers of 1024-lab. Versions of Smart-Admin prior to 3.29 contained security vulnerabilities. These vulnerabilities stemmed from incorrect handling of the parameter templatecontent in the file...