CVE-2026-1782

The MetForm Pro plugin for WordPress is vulnerable to Improper Input Validation in all versions up to, and including, 3.9.7 This is due to the payment integrations Stripe/PayPal trusting a user-submitted calculation field value without recomputing or validating it against the configured form pric...

Malicious Package

Overview utils-mf is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

haiku-rag (>=0.27.0 <=0.44.0), haiku-rag-slim (>=0.27.0 <=0.44.0) +3 more potentially affected by CVE-2026-44019 via docling-core (>=2.60.1 <=2.74.0)

docling-core PYPI version =2.60.1, =0.27.0, =0.27.0, =0.2.0, =0.42.0, =0.65.0 Source cves: CVE-2026-44019 Source advisory: SNYK:PYTHON-DOCLINGCORE-17151737...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/hwpoison: Clearing MFCOUNTINCREASED before retrying getanypage Hulk Robot reported a panic in putpagetestzero when testing madvice with MADVSOFTOFFLINE. The bug is triggered when retrying getanypage. This occurs because the...

SUSE CVE-2023-47268

In libslic3r/GCode/PostProcessor.cpp in Prusa PrusaSlicer through 2.6.1, a crafted 3mf project file can execute arbitrary code on a host where the project is sliced and G-code exported...

CVE-2023-47268

In libslic3r/GCode/PostProcessor.cpp in Prusa PrusaSlicer through 2.6.1, a crafted 3mf project file can execute arbitrary code on a host where the project is sliced and G-code exported...

CVE-2023-47268

In libslic3r/GCode/PostProcessor.cpp in Prusa PrusaSlicer through 2.6.1, a crafted 3mf project file can execute arbitrary code on a host where the project is sliced and G-code exported...

EUVD-2026-27233

An issue was discovered in the Shared Account Synchronization component of PaperCut MF version 25.0.4. The application allows administrative users to configure a source path for account data synchronization. Due to a lack of proper path validation and sanitization, an authenticated user with...

EUVD-2026-27231

A race condition exists in PaperCut MF when processing badge-swipe data from certain HP multifunction devices. Under specific network conditions involving dropped packets and out-of-order sequence counters, the server may incorrectly process fragmented data chunks. If a sequence reset notificatio...

CVE-2026-6180

A race condition exists in PaperCut MF when processing badge-swipe data from certain HP multifunction devices. Under specific network conditions involving dropped packets and out-of-order sequence counters, the server may incorrectly process fragmented data chunks. If a sequence reset notificatio...

CVE-2026-6418 PaperCut NG/MF: Path Traversal in Shared Account Synchronization

An issue was discovered in the Shared Account Synchronization component of PaperCut MF version 25.0.4. The application allows administrative users to configure a source path for account data synchronization. Due to a lack of proper path validation and sanitization, an authenticated user with...

CVE-2026-6180

PaperCut MF/NG suffers a race condition in processing badge-swipe data from certain HP devices, under dropped/out-of-order packet conditions. The issue can cause a truncated badge ID to be registered, and in environments with custom badge-ID post-processing scripts, the truncated value may map to...

PaperCut MF 输入验证错误漏洞

PaperCut MF is a multi-functional printer control software developed by the Australian company PaperCut. There is an input validation vulnerability in PaperCut MF, which stems from race conditions when processing card data from certain HP multifunctional devices. Under specific network conditions...

PaperCut MF 安全漏洞

PaperCut MF is a multi-functional printer control software developed by the Australian company PaperCut. Version 25.0.4 of PaperCut MF contains a security vulnerability. This vulnerability stems from insufficient path validation and cleanup measures, which may allow authenticated administrators t...

PT-2026-36982

Name of the Vulnerable Software and Affected Versions PaperCut MF affected versions not specified Description A race condition occurs when processing badge-swipe data from specific HP multifunction devices. Under certain network conditions involving dropped packets and out-of-order sequence...

PT-2026-36983

Name of the Vulnerable Software and Affected Versions PaperCut MF version 25.0.4 Description An issue in the Shared Account Synchronization component allows authenticated administrative users to specify arbitrary file paths on the local file system due to insufficient path validation and...

PaperCut MF < 25.0.5 Session Hijacking (CVE-2026-5115)

The version of PaperCut MF installed on the remote Windows host is prior to 25.0.5. It is, therefore, affected by a vulnerability: - The PaperCut MF embedded application for Konica Minolta devices is vulnerable to session hijacking. The communication channel between the embedded application and t...

EUVD-2026-22851

The MetForm Pro plugin for WordPress is vulnerable to Improper Input Validation in all versions up to, and including, 3.9.7 This is due to the payment integrations Stripe/PayPal trusting a user-submitted calculation field value without recomputing or validating it against the configured form pric...

CVE-2026-1782 MetForm Pro <= 3.9.7 - Unauthenticated Payment Amount Manipulation via 'mf-calculation'

The MetForm Pro plugin for WordPress is vulnerable to Improper Input Validation in all versions up to, and including, 3.9.7 This is due to the payment integrations Stripe/PayPal trusting a user-submitted calculation field value without recomputing or validating it against the configured form pric...

CVE-2026-1782 MetForm Pro <= 3.9.7 - Unauthenticated Payment Amount Manipulation via 'mf-calculation'

The MetForm Pro plugin for WordPress is vulnerable to Improper Input Validation in all versions up to, and including, 3.9.7 This is due to the payment integrations Stripe/PayPal trusting a user-submitted calculation field value without recomputing or validating it against the configured form pric...