4583 matches found
CVE-2026-48761
CVE-2026-48761 affects the Symfony HtmlSanitizer: UrlAttributeSanitizer misses URL-bearing attributes on , , , and also URLs inside content. Affects Symfony versions 6.1.0 through 6.4.41, 7.4.13, and 8.0.13. Root cause: UrlAttributeSanitizer omits certain URL attributes and multi-field URLs, en...
User Meta WP Plugin < 3.1 - Sensitive Information Exposure
The User Meta is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0 via the /views/debug.php file. This makes it possible for unauthenticated attackers, with to extract sensitive configuration data. id: CVE-2024-33575 info: name: User Meta WP Plugin 3.1 -...
Ultimate Member < 2.1.12 - Unauthenticated Privilege Escalation via User Meta
An issue was discovered in the Ultimate Member plugin before 2.1.12 for WordPress, aka Unauthenticated Privilege Escalation via User Meta. An attacker could supply an array parameter for sensitive metadata, such as the wpcapabilities user meta that defines a user's role. During the registration...
WordPress Meta SEO <= 4.5.2 - Open Redirect
The WP Meta SEO WordPress plugin before 4.5.3 did not authorize several AJAX actions, which allowed low-privilege users to update certain data and resulted in an arbitrary redirect vulnerability. id: CVE-2023-0876 info: name: WordPress Meta SEO = 4.5.2 - Open Redirect author: Khalid6468 severity:...
EUVD-2026-43280
A vulnerability was determined in AkariAsai self-rag up to 1fcdc420e48f50a7d7ab1ece5494221b93252e99. Affected by this issue is the function Indexer.deserializefrom of the file retrievallm/src/index.py of the component retrievallm. Executing a manipulation of the argument indexmeta.faiss can lead ...
CVE-2026-56366
A flaw was found in ImageMagick. This vulnerability, categorized as a memory leak CWE-401, occurs in the META reader when processing APP1JPEG input paths. A remote attacker could exploit this by providing specially crafted APP1JPEG image files. Successful exploitation leads to resource exhaustion...
CVE-2026-13756
The WP Grid Builder plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.3.3. This is due to missing authorization and meta key validation in the update handler for the /wp-json/wpgb/v2/metadata REST endpoint. This makes it possible for authenticated...
[SECURITY] Fedora 44 Update: sssd-2.13.1-2.fc44
Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back end system to connect to multiple different account sources. It is also the basis to provide client auditing and policy...
EUVD-2026-43089
vulnerability in Drupal Raw Formatter Meta Tag Formatter allows . This issue affects Raw Formatter Meta Tag Formatter versions:...
CVE-2026-15086
vulnerability in Drupal Raw Formatter Meta Tag Formatter allows . This issue affects Raw Formatter Meta Tag Formatter versions:...
CVE-2026-15086
Technical details about CVE-2026-15086 are not publicly available in the provided documents. Monitor for updates from official advisories and vulnerability feeds.
CVE-2026-15086 Raw Formatter [Meta Tag Formatter] - Critical - Unsupported - SA-CONTRIB-2026-077
vulnerability in Drupal Raw Formatter Meta Tag Formatter allows . This issue affects Raw Formatter Meta Tag Formatter versions:...
DEBIAN-CVE-2026-56366
ImageMagick before 7.1.2-18 contains a memory leak vulnerability in the META reader when processing APP1JPEG input paths. Attackers can trigger this memory leak by providing specially crafted APP1JPEG image files, causing denial of service through resource exhaustion...
CVE-2026-56366
ImageMagick before 7.1.2-18 contains a memory leak vulnerability in the META reader when processing APP1JPEG input paths. Attackers can trigger this memory leak by providing specially crafted APP1JPEG image files, causing denial of service through resource exhaustion...
EUVD-2026-42888
ImageMagick before 7.1.2-18 contains a memory leak vulnerability in the META reader when processing APP1JPEG input paths. Attackers can trigger this memory leak by providing specially crafted APP1JPEG image files, causing denial of service through resource exhaustion...
CVE-2026-56366
CVE-2026-56366 affects ImageMagick before 7.1.2-18. The vulnerability is a memory leak in the META reader when processing APP1JPEG input paths, which can be triggered by specially crafted APP1JPEG images and may lead to denial of service via resource exhaustion. Connected sources confirm the affe...
CVE-2026-56366 ImageMagick - Memory Leak in META Reader APP1JPEG Error Path
ImageMagick before 7.1.2-18 contains a memory leak vulnerability in the META reader when processing APP1JPEG input paths. Attackers can trigger this memory leak by providing specially crafted APP1JPEG image files, causing denial of service through resource exhaustion...
CVE-2026-56366 ImageMagick - Memory Leak in META Reader APP1JPEG Error Path
ImageMagick before 7.1.2-18 contains a memory leak vulnerability in the META reader when processing APP1JPEG input paths. Attackers can trigger this memory leak by providing specially crafted APP1JPEG image files, causing denial of service through resource exhaustion...
CVE-2026-12123
CVE-2026-12123 describes a Server-Side Request Forgery in the WordPress plugin All-in-One Video Gallery (versions
EUVD-2026-42806
The Animation Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'weatherstyle' and 'movedirection' parameters of the Weather widget in all versions up to, and including, 2.6.3. This is due to insufficient output escaping in the Weather widget's render...