Linux Distros Unpatched Vulnerability : CVE-2026-46626

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - symfony - None Ubuntu Linux - Unknown description CVE-2026-46626 Note that Nessus relies on the presence of the package as reported by the vendor...

Linux Distros Unpatched Vulnerability : CVE-2026-46633

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - php-twig - None Ubuntu Linux - Unknown description CVE-2026-46633 Note that Nessus relies on the presence of the package as reported by the vendo...

Linux Distros Unpatched Vulnerability : CVE-2026-45070

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - symfony - None Ubuntu Linux - Unknown description CVE-2026-45070 Note that Nessus relies on the presence of the package as reported by the vendor...

📄 BookStack 25.12.1 Denial of Service

BookStack version 25.12.1 suffers from a denial of service vulnerability. Exploit Title: BookStack 25.12.1 - Denial of Service Search Terms Resource Exhaustion Date: 2026-04-29 Exploit Author: Gabriel Rodrigues TEXUGO Vendor Homepage: https://www.bookstackapp.com Software Link:...

📄 FUXA 1.2.9 Remote Code Execution

FUXA versions 1.2.9 and below suffers from an unauthenticated path traversal vulnerability that leads to arbitrary file write that enables remote code execution. Exploit Title: FUXA 1.2.9 - RCE Date: 4/24/2026 Exploit Author: Anthony Cihan Hann1bl3L3ct3r Vendor Homepage:...

Langflow Origin Validation Error Vulnerability

Langflow contains an origin validation error vulnerability in which an overly permissive CORS configuration combined with a refresh token cookie configured as SameSite=None allows a malicious webpage to perform cross-origin requests that include credentials and successfully call the refresh...

How a Webmail Log File Became a Root-Level Backdoor

THREAT ANALYSIS May 2026 · Forensic Case Study A forensic breakdown of how an attacker turned CyberPanel's SnappyMail logging into a persistent webshell that survived every WordPress cleanup attempt. A WordPress site owner reported redirect malware on their site. They found that clicking anywhere...

Security Bulletin: IBM Enterprise Build of Quarkus is affected by multiple vulnerabilities

Summary IBM Enterprise Build of Quarkus is affected by vulnerabilities in the PostgreSQL JDBC driver and Apache Neethi Vulnerability Details CVEID:CVE-2026-42402 DESCRIPTION: Apache Neethi is vulnerable to a Denial of Service attack through algorithmic complexity in policy normalization. Speciall...

Exploit for CVE-2026-0265

CVE-2026-0265 Vulnerability Assessment Tool Safely detect whe...

Exploit for CVE-2026-30950

AutoGPT CVE-2026-30950 POC Proof-of-concept demonstration for...

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

GHSA-W9XH-5F39-VQ89 phpMyFAQ: Missing Password Reset Token Allows Account Takeover via Username/Email Enumeration

Summary An authentication bypass vulnerability in phpMyFAQ allows any unauthenticated attacker to reset the password of any user account, including SuperAdmin accounts. By sending a PUT request with just a valid username and associated email address to /api/user/password/update, an attacker...

phpMyFAQ: Missing Password Reset Token Allows Account Takeover via Username/Email Enumeration

Summary An authentication bypass vulnerability in phpMyFAQ allows any unauthenticated attacker to reset the password of any user account, including SuperAdmin accounts. By sending a PUT request with just a valid username and associated email address to /api/user/password/update, an attacker...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the authorization process in UserDeactivateView, UserActivateView, and delete in wger/core/views/user.py due to improper gym-scope checks when both the attacker and victim have gym=None. An attacker with the...

GHSA-MW8F-W6P8-XRF4 wger: cross-tenant account deletion / deactivation / activation by gym.manage_gym + gym=None

Summary GHSA-mhc8-p3jx-84mm CVE-2026-43948 reported that wger's resetuserpassword and gympermissionsuseredit views in wger/gym/views/user.py performed a gym-scope authorization check using Django ORM object comparison if request.user.userprofile.gym != user.userprofile.gym which silently passes...

wger: cross-tenant account deletion / deactivation / activation by gym.manage_gym + gym=None

Summary GHSA-mhc8-p3jx-84mm CVE-2026-43948 reported that wger's resetuserpassword and gympermissionsuseredit views in wger/gym/views/user.py performed a gym-scope authorization check using Django ORM object comparison if request.user.userprofile.gym != user.userprofile.gym which silently passes...

GHSA-HW27-4V2Q-5QFF Algernon: Auto-refresh SSE event server sets Access-Control-Allow-Origin: *

Summary The SSE event server's Access-Control-Allow-Origin response header was hardcoded to the wildcard regardless of the caller's Origin. Because EventSource does not preflight and does not send cookies, the wildcard is sufficient to let any third-party page the developer visits open a...

Algernon: Auto-refresh SSE event server sets Access-Control-Allow-Origin: *

Summary The SSE event server's Access-Control-Allow-Origin response header was hardcoded to the wildcard regardless of the caller's Origin. Because EventSource does not preflight and does not send cookies, the wildcard is sufficient to let any third-party page the developer visits open a...