CVE-2026-27964

creationtimestamp| type| source ---|---|--- 2026-05-07 14:36:39+00:00| published-proof-of-concept| https://github.com/NeoRazorX/facturascripts/security/advisories/GHSA-gq5c-rw37-g46c...

Apple Silicon Vulnerability Research — A18 Pro (MacBook Neo)

This is systematic security research targeting Apple's A18 Pro chip MacBook Neo / Mac17,5, the first A-series SoC shipped in a Mac laptop. The MacBook Neo is used as an authorized Apple Security Research Device SRD and doubles as a high-visibility proxy for iPhone 16 Pro research, since A18 Pro i...

PT-2026-30328

Name of the Vulnerable Software and Affected Versions Directus versions prior to 11.16.1 Description Directus is susceptible to an open redirect issue through the redirect parameter on the /admin/tfa-setup page. An administrator who has not configured Two-Factor Authentication 2FA may be redirect...

PT-2026-27832

Name of the Vulnerable Software and Affected Versions Elated-Themes NeoBeat versions n/a through 1.2 Description A flaw exists in the handling of filenames used in include/require statements within a PHP program, specifically a PHP Local File Inclusion issue in Elated-Themes NeoBeat. This allows...

Apple Security Update: macOS Tahoe 26.3.2

Apple recommends to install security update macOS Tahoe 26.3.2 on devices MacBook Neo...

CVE-2025-67920

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Neo Ocular neoocular allows PHP Local File Inclusion.This issue affects Neo Ocular: from n/a through 1.2...

CVE-2025-40798

A vulnerability has been identified in SIMATIC PCS neo V4.1 All versions, SIMATIC PCS neo V5.0 All versions, SIMATIC PCS neo V6.0 All versions, User Management Component UMC All versions V2.15.1.3. Affected products contain a out-of-bounds read vulnerability in the integrated UMC component. This...

CVE-2025-40566

A vulnerability has been identified in SIMATIC PCS neo V4.1 All versions V4.1 Update 3, SIMATIC PCS neo V5.0 All versions V5.0 Update 1. Affected products do not correctly invalidate user sessions upon user logout. This could allow a remote unauthenticated attacker, who has obtained the session...

CVE-2025-40795

A vulnerability has been identified in SIMATIC PCS neo V4.1 All versions, SIMATIC PCS neo V5.0 All versions, SIMATIC PCS neo V6.0 All versions, User Management Component UMC All versions V2.15.1.3. Affected products contain a stack-based buffer overflow vulnerability in the integrated UMC...

CVE-2025-67920

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Neo Ocular neoocular allows PHP Local File Inclusion.This issue affects Neo Ocular: from n/a through 1.2...

CVE-2025-67920 WordPress Neo Ocular theme < 1.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Neo Ocular neoocular allows PHP Local File Inclusion.This issue affects Neo Ocular: from n/a through 1.2...

CVE-2025-67920 WordPress Neo Ocular theme < 1.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Neo Ocular neoocular allows PHP Local File Inclusion.This issue affects Neo Ocular: from n/a through 1.2...

CVE-2025-67920

CVE-2025-67920 concerns an unauthenticated Local File Inclusion in the WordPress theme Neo Ocular (Elated-Themes) via improper filename handling in PHP includes. Affected: Neo Ocular

WordPress plugin Neo Ocular 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...

PT-2026-1897

Name of the Vulnerable Software and Affected Versions Elated-Themes Neo Ocular versions prior to 1.2 Description The software contains an Improper Control of Filename for Include/Require Statement issue, also known as a PHP Local File Inclusion. This allows for the inclusion of local files. The...

CVE-2022-27194

A vulnerability has been identified in SIMATIC PCS neo Administration Console All versions V3.1 SP1, SINETPLAN All versions, TIA Portal V15, V15.1, V16 and V17. The affected system cannot properly process specially crafted packets sent to port 8888/tcp. A remote attacker could exploit this...

WordPress Neo Ocular theme < 1.2 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Neo Ocular versions 1.2...

CVE-2025-54760

Stored cross-site scripting XSS vulnerability in desknet's NEO V9.0R2.0 and earlier allow execution of arbitrary JavaScript in a user’s web browser...

CVE-2025-24833

Stored cross-site scripting XSS vulnerability in desknet's NEO versions V4.0R1.0–V9.0R2.0 allow execution of arbitrary JavaScript in a user’s web browser...

CVE-2025-55072

Stored cross-site scripting XSS vulnerability in desknet's NEO V2.0R1.0 to V9.0R2.0 allow execution of arbitrary JavaScript in a user’s web browser...