CVE-2026-33318 Actual has Privilege Escalation via 'change-password' Endpoint on OpenID-Migrated Servers

Actual is a local-first personal finance tool. Prior to version 26.4.0, any authenticated user including BASIC role can escalate to ADMIN on servers migrated from password authentication to OpenID Connect. Three weaknesses combine: POST /account/change-password has no authorization check, allowin...

EUVD-2026-25380

Actual is a local-first personal finance tool. Prior to version 26.4.0, any authenticated user including BASIC role can escalate to ADMIN on servers migrated from password authentication to OpenID Connect. Three weaknesses combine: POST /account/change-password has no authorization check, allowin...

CVE-2026-33318

Actual is a local-first personal finance tool. Prior to version 26.4.0, any authenticated user including BASIC role can escalate to ADMIN on servers migrated from password authentication to OpenID Connect. Three weaknesses combine: POST /account/change-password has no authorization check, allowin...

CVE-2026-33318

CVE-2026-33318 affects Actual, a local-first personal finance tool. Prior to version 26.4.0, any authenticated session could escalate to ADMIN on OpenID-migrated servers due to a three‑part chain: 1) missing authorization on POST /account/change-password allows overwriting the password hash; 2) a...

CVE-2026-33318 Actual has Privilege Escalation via 'change-password' Endpoint on OpenID-Migrated Servers

Actual is a local-first personal finance tool. Prior to version 26.4.0, any authenticated user including BASIC role can escalate to ADMIN on servers migrated from password authentication to OpenID Connect. Three weaknesses combine: POST /account/change-password has no authorization check, allowin...

📄 MetInfo CMS 8.1 Shell Upload Mass Exploiter

This Python module is a mass exploitation framework designed to automate the testing and exploitation of multiple MetInfo CMS targets potentially affected by CVE-2026-29014...

📄 OpenClaw 2026.3.13 MEDIA Protocol File Disclosure

This Python script is a security exploitation tool targeting the OpenClaw system integrated with Discord. It attempts to exfiltrate sensitive files from a victim environment by abusing a MEDIA: prompt injection mechanism...

📄 Open WebUI 0.8.11 Information Disclosure

A potential access control issue was identified in Open WebUI where the Tools API and associated “valves” endpoints may expose sensitive configuration data when accessed with valid authentication tokens. The affected endpoints allow retrieval of tool metadata and configuration structures that may...

PT-2026-34899

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix missing runtime PM reference in ccs mode store ccs mode store calls xe gt reset which internally invokes xe pm runtime get noresume. That function requires the caller to already hold an outer runtime PM reference and...

📄 lollms-webui Server-Side Request Forgery

lollms-webui suffers from a server-side request forgery vulnerability. ================================================================================================================================== | Title : lollms-webui SSRF for Cloud Metadata Leakage and Internal Network Pivoting | | Author...

📄 NLTK 3.9.2 Path Traversal / File Disclosure

NLTK version 3.9.2 suffers from a path traversal vulnerability that allows for file disclosure. ================================================================================================================================== | Title : NLTK 3.9.2 Path Traversal - File Disclosure Exploit | | Auth...

📄 Microsoft SQL Server 2022/2025 Privilege Escalation

This Python script demonstrates a privilege escalation technique targeting Microsoft SQL Server, associated with CVE-2025-24999. The exploit abuses improper permission controls on system stored procedures in the msdb database to elevate a low-privileged account to SYSADMIN...

AlmaLinux 10 : java-25-openjdk (ALSA-2026:9693)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:9693 advisory. JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improved Arena allocations CVE-2026-22008 JDK: Improve Kerberos credentialing CVE-2026-22013 JD...

qemu-kvm security update

7.2.0-37.el9 - hashing: use mmap/munmap for isal functions Elena Ufimtseva Orabug: 39165991 - multifd: replace allocations/free with mmap/munmap Elena Ufimtseva Orabug: 39165991 - pagecache: use mmap based data pool for cache items Elena Ufimtseva Orabug: 39165991 - pagecache: change cache...

📄 LuaJIT 2.1.1774638290 FFI Remote Code Execution / Lua Injection

This script is a LuaJIT exploitation tool that attempts to abuse the LuaJIT FFI Foreign Function Interface to execute system commands or arbitrary shellcode on a remote Lua runtime exposed over a TCP socket. It connects to a target service, injects Lua code dynamically, and leverages unsafe FFI...

virt:kvm_utils3 bug fix update

hivex 1.3.18-23 - Limit recursion in ri-records CVE-2021-3622 resolves: rhbz1976194 1.3.18-22.el8 - Resolves: bz2000225 Rebase virt:rhel module:stream based on AV-8.6 1.3.18-21 - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501 1.3.18 - Resolves: bz1810193 Upgrade...

📄 MetInfo CMS 8.1 PHP Code Injection

This Python script is a full remote code execution exploit suite targeting a vulnerability in MetInfo CMS versions 8.1 and below. The flaw resides in the weixin module handling logic, where improperly sanitized input allows PHP code injection via crafted XML and HTTP parameters/headers...

RHEL 8 / 9 : java-1.8.0-openjdk (RHSA-2026:9683)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:9683 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...

Security update for rclone (critical)

openSUSE Security Update: Security update for rclone Announcement ID: openSUSE-SU-2026:0151-1 Rating: critical References: 1140423 1232964 1233422 1262438 1262439 Cross-References: CVE-2023-45286 CVE-2023-45288 CVE-2023-48795 CVE-2024-24786 CVE-2024-45337 CVE-2024-45338 CVE-2024-51744...

Linux Distros Unpatched Vulnerability : CVE-2026-31546

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: bonding: fix NULL deref in bonddebugrlbhashshow rlbclearslave intentionally keeps RLB hash- table entries on the rxhashtblusedhead list with slave set to...