PT-2026-38611

Name of the Vulnerable Software and Affected Versions FacturaScripts versions prior to 2026 Description A sensitive information disclosure issue exists in the Library module of FacturaScripts. The application stores and serves uploaded images byte-for-byte without stripping EXIF, XMP, or IPTC...

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from a flaw in the verification module’s checksum. Malicious modules can bypass the...

PT-2026-38615

Summary A stored Cross-Site Scripting XSS vulnerability exists in the product search modal of sales and purchases documents. An authenticated user with access to the warehouse module can create a product with a malicious reference that executes arbitrary JavaScript in the browser of any other use...

Unity Linux 20.1050e / 20.1070e Security Update: perl-Module-ScanDeps (UTSA-2026-016505)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016505 advisory. Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary shell...

RHEL 9 : nginx (RHSA-2026:14836)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14836 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage...

Backstage: Catalog unprocessed read endpoints allow authenticated cross-owner data access without permission checks

Impact The unprocessed entities read endpoints in @backstage/plugin-catalog-backend-module-unprocessed do not enforce permission authorization checks. Any authenticated user can access unprocessed entity records regardless of ownership. This is an information disclosure vulnerability affecting...

CLSA-2026-1778107205 Fix CVE(s): CVE-2026-23918

SECURITY UPDATE: double free / possible RCE in modhttp2 stream purge - debian/patches/CVE-2026-23918.patch: deduplicate inserts into the spurge array in modules/http2/h2mplx.c via a new addforpurge helper to prevent the same h2stream from being freed twice. - CVE-2026-23918...

Server-side Request Forgery (SSRF)

Overview misp-modules is a MISP modules are autonomous modules that can be used for expansion and other services in MISP Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the htmltomarkdown and qrcode modules when handling remote resource fetching. An attacke...

EUVD-2025-209704

HCL BigFix Service Management SM is vulnerable to information exposure due to improper error handling within its reporting module. It was observed that supplying an invalid or out-of-range value to the consumercompany parameter during a report-viewing request causes the application to trigger an...

Directory Traversal

Overview org.openmrs.web:openmrs-web is a patient-based medical record system focusing on giving providers a free customizable electronic medical record system EMR. Affected versions of this package are vulnerable to Directory Traversal via the WebModuleUtil.startModule function in POST...

kernel: crypto: algif_aead - Fix minimum RX size check for decryption

A flaw was found in the Linux kernel, specifically within the algifaead module. The vulnerability involves an incorrect check for the minimum receive buffer size during decryption, which did not properly account for the tag size. This could potentially lead to issues with data integrity or...

CVE-2026-43185

A flaw was found in ksmbd within the Linux kernel. A remote attacker can exploit a signedness bug in the smbdirectpreparenegotiation function by sending a specially crafted preferredsendsize value during SMB direct negotiation. This manipulation leads to an incorrect size calculation, allowing a...

CVE-2026-40076

OpenMRS Core is an open source electronic medical record system platform. In versions 2.7.8 and earlier and versions 2.8.0 through 2.8.5, the module upload endpoint at POST /openmrs/ws/rest/v1/module is vulnerable to a Zip Slip path traversal attack. During automatic extraction of uploaded .omod...

USN-8239-1: Apache HTTP Server vulnerabilities

Bartlomiej Dmitruk and Stanislaw Strzalkowski discovered that Apache HTTP Server incorrectly handled certain memory operations when using the HTTP/2 protocol. A remote attacker could use this issue to cause Apache HTTP Server to crash, resulting in a denial of service, or possibly execute arbitra...

CVE-2026-40076

OpenMRS Core (CVE-2026-40076) is vulnerable to Zip Slip via the module upload REST endpoint (POST /openmrs/ws/rest/v1/module). The flaw is in WebModuleUtil.startModule(): ZIP entries under web/module/ are written without normalizing paths, allowing traversal like web/module/foo/../../../../evil.j...

CVE-2026-40076 OpenMRS Core arbitrary file write and code execution via Zip Slip in module upload

OpenMRS Core is an open source electronic medical record system platform. In versions 2.7.8 and earlier and versions 2.8.0 through 2.8.5, the module upload endpoint at POST /openmrs/ws/rest/v1/module is vulnerable to a Zip Slip path traversal attack. During automatic extraction of uploaded .omod...

CVE-2026-40076 OpenMRS Core arbitrary file write and code execution via Zip Slip in module upload

OpenMRS Core is an open source electronic medical record system platform. In versions 2.7.8 and earlier and versions 2.8.0 through 2.8.5, the module upload endpoint at POST /openmrs/ws/rest/v1/module is vulnerable to a Zip Slip path traversal attack. During automatic extraction of uploaded .omod...

CVE-2026-40076

OpenMRS Core is an open source electronic medical record system platform. In versions 2.7.8 and earlier and versions 2.8.0 through 2.8.5, the module upload endpoint at POST /openmrs/ws/rest/v1/module is vulnerable to a Zip Slip path traversal attack. During automatic extraction of uploaded .omod...

CVE-2026-43152

A flaw was found in the Linux kernel's Human Interface Device HID subsystem, specifically within the hid-pl module. This vulnerability arises from improper error handling during device initialization. An attacker could potentially trigger a NULL pointer dereference by interacting with a device th...

kernel: crypto: algif_aead - Fix minimum RX size check for decryption

A flaw was found in the Linux kernel, specifically within the algifaead module. The vulnerability involves an incorrect check for the minimum receive buffer size during decryption, which did not properly account for the tag size. This could potentially lead to issues with data integrity or...