CVE-2026-1522 Open5GS SGWC s5c-handler.c sgwc_s5c_handle_modify_bearer_response denial of service

A weakness has been identified in Open5GS up to 2.7.6. This vulnerability affects the function sgwcs5chandlemodifybearerresponse of the file src/sgwc/s5c-handler.c of the component SGWC. Executing a manipulation can lead to denial of service. The attack can be launched remotely. The exploit has...

CVE-2026-1522 Open5GS SGWC s5c-handler.c sgwc_s5c_handle_modify_bearer_response denial of service

A weakness has been identified in Open5GS up to 2.7.6. This vulnerability affects the function sgwcs5chandlemodifybearerresponse of the file src/sgwc/s5c-handler.c of the component SGWC. Executing a manipulation can lead to denial of service. The attack can be launched remotely. The exploit has...

CVE-2026-1522

A weakness has been identified in Open5GS up to 2.7.6. This vulnerability affects the function sgwcs5chandlemodifybearerresponse of the file src/sgwc/s5c-handler.c of the component SGWC. Executing a manipulation can lead to denial of service. The attack can be launched remotely. The exploit has...

CVE-2026-1522

CVE-2026-1522 affects Open5GS SGWC (sgwc_s5c_handle_modify_bearer_response in src/sgwc/s5c-handler.c) up to version 2.7.6. The issue allows remote manipulation that can cause denial of service. Public exploits and a patch identified as b19cf6a are noted in the records, with the issue report marke...

CVE-2026-1389

The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.4. This is due to the plugin not verifying that a user has permission to access the requested resource in the...

CVE-2026-1389

The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.4. This is due to the plugin not verifying that a user has permission to access the requested resource in the...

EUVD-2026-4916

The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.4. This is due to the plugin not verifying that a user has permission to access the requested resource in the...

CVE-2026-1389 Document Embedder <= 2.0.4 - Insecure Direct Object Reference to Authenticated (Author+) Arbitrary Document Library Entry Deletion

The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.4. This is due to the plugin not verifying that a user has permission to access the requested resource in the...

CVE-2026-1389

CVE-2026-1389 affects the WordPress plugin Document Embedder (

CVE-2026-1514

Official Document Management System developed by 2100 Technology has a Incorrect Authorization vulnerability, allowing authenticated remote attackers to modify front-end code to read all official documents...

PT-2026-5141

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.7 Description A flaw exists in Open5GS up to version 2.7.6 that can lead to a denial of service. The issue is located in the sgwc s5c handle modify bearer response function within the src/sgwc/s5c-handler.c file o...

PT-2026-5079

The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.4. This is due to the plugin not verifying that a user has permission to access the requested resource in the 'bplde sa...

CVE-2020-36938

WinAVR version 20100110 contains an insecure permissions vulnerability that allows authenticated users to modify system files and executables. Attackers can leverage the overly permissive access controls to potentially modify critical DLLs and executable files in the WinAVR installation directory...

CVE-2020-36938

Technical details (affected components, root cause, impact, and fixes) are not provided in the supplied documents. Monitor for updates from NVD and linked advisories to obtain concrete information.

CVE-2026-21721

The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions: action. As a result, a user who has permission management rights on one dashboard can read and modify permissions on other dashboards. This is an organization‑internal privilege...

CVE-2026-21721

The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions: action. As a result, a user who has permission management rights on one dashboard can read and modify permissions on other dashboards. This is an organization‑internal privilege...

UBUNTU-CVE-2026-21721

The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions: action. As a result, a user who has permission management rights on one dashboard can read and modify permissions on other dashboards. This is an organization‑internal privilege...

CVE-2026-21721

The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions: action. As a result, a user who has permission management rights on one dashboard can read and modify permissions on other dashboards. This is an organization‑internal privilege...

PT-2026-4920

WinAVR version 20100110 contains an insecure permissions vulnerability that allows authenticated users to modify system files and executables. Attackers can leverage the overly permissive access controls to potentially modify critical DLLs and executable files in the WinAVR installation directory...

MedDream PACS Premium Cross-Site Scripting Vulnerability (CNVD-2026-11737)

MedDream PACS Premium is an enterprise-class image storage and management server suite from MedDream. MedDream PACS Premium suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input by the modifyUser feature. An attacker could exploit the...