CVE-2026-1558

The WP Recipe Maker plugin for WordPress is vulnerable to an Insecure Direct Object Reference IDOR in versions up to, and including, 10.3.2. This is due to the /wp-json/wp-recipe-maker/v1/integrations/instacart REST API endpoint's permissioncallback being set to returntrue and a lack of subsequen...

CVE-2026-1558

The WP Recipe Maker plugin for WordPress is vulnerable to an Insecure Direct Object Reference IDOR in versions up to, and including, 10.3.2. This is due to the /wp-json/wp-recipe-maker/v1/integrations/instacart REST API endpoint's permissioncallback being set to returntrue and a lack of subsequen...

PT-2026-22295

The WP Recipe Maker plugin for WordPress is vulnerable to an Insecure Direct Object Reference IDOR in versions up to, and including, 10.3.2. This is due to the /wp-json/wp-recipe-maker/v1/integrations/instacart REST API endpoint's permission callback being set to return true and a lack of...

Backup or Backup Copy Job for SharePoint, OneDrive, or Teams Data Fails With: "Cannot find object"

Challenge After upgrading Veeam Backup for Microsoft 365 to v8 builds 8.0.2.159 or 8.0.2.200, an incremental backup or a backup copy job protecting SharePoint, OneDrive, or Teams data fails with the error: Cannot find object ... Cause In Object Storage Repositories, the metadata saved for the...

Design/Logic Flaw

An issue was discovered in HashiCorp Vault and Vault Enterprise before 1.11.3. A vulnerability in the Identity Engine was found where, in a deployment where an entity has multiple mount accessors with shared alias names, Vault may overwrite metadata to the wrong alias due to an issue with checkin...

CVE-2022-40186

An issue was discovered in HashiCorp Vault and Vault Enterprise before 1.11.3. A vulnerability in the Identity Engine was found where, in a deployment where an entity has multiple mount accessors with shared alias names, Vault may overwrite metadata to the wrong alias due to an issue with checkin...