EUVD-2026-11134

WordPress core is vulnerable to unauthorized access in versions 6.9 through 6.9.1. The Notes feature block-level collaboration annotations was introduced in WordPress 6.9 to allow editorial comments directly on posts in the block editor. However, the REST API createitempermissionscheck method in...

CVE-2026-32110

creationtimestamp| type| source ---|---|--- 2026-03-11 01:11:29+00:00| published-proof-of-concept| https://github.com/siyuan-note/siyuan/security/advisories/GHSA-56cv-c5p2-j2wg...

Use of Hard-coded Credentials

Overview Affected versions of this package are vulnerable to Use of Hard-coded Credentials in the JWKS resolver, which can be exposed if a fetch operation fails. An attacker can obtain private keys by forcing such a failure. Note: The keys are exposed even if RequestAuthentication is in use...

MINI-3332-25V9-PWV2

Bulletin has no description...

GO-2026-4574 ZITADEL has potential SSRF via Actions in github.com/zitadel/zitadel

ZITADEL has potential SSRF via Actions in github.com/zitadel/zitadel. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners, please suggest...

Malicious code in alinet-w (npm)

Package is malware due to ransomware-like behavior: file encryption, key exfiltration, terminal locking, ransom note, and persistence attempts. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c18fd7e3ffa16f370fa25fcc489c381958d8200bf01cd8bf3627c91301eb397 The...

MAL-2026-1319 Malicious code in alinet-w (npm)

Package is malware due to ransomware-like behavior: file encryption, key exfiltration, terminal locking, ransom note, and persistence attempts. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c18fd7e3ffa16f370fa25fcc489c381958d8200bf01cd8bf3627c91301eb397 The...

CVE-2026-30926 SiYuan Note publish service authorization bypass allows low-privilege users to modify notebook content

SiYuan is a personal knowledge management system. Prior to 3.5.10, a privilege escalation vulnerability exists in the publish service of SiYuan Note that allows low-privilege publish accounts RoleReader to modify notebook content via the /api/block/appendHeadingChildren API endpoint. The endpoint...

CVE-2026-30926 SiYuan Note publish service authorization bypass allows low-privilege users to modify notebook content

SiYuan is a personal knowledge management system. Prior to 3.5.10, a privilege escalation vulnerability exists in the publish service of SiYuan Note that allows low-privilege publish accounts RoleReader to modify notebook content via the /api/block/appendHeadingChildren API endpoint. The endpoint...

CVE-2026-30926

Technical details about CVE-2026-30926 are not provided in the connected documents. The initial description contains specifics, but the connected SUSE/PTSecurity updates do not elaborate on affected products or impact. Monitor for official advisories.

CVE-2026-30926 SiYuan Note publish service authorization bypass allows low-privilege users to modify notebook content

SiYuan is a personal knowledge management system. Prior to 3.5.10, a privilege escalation vulnerability exists in the publish service of SiYuan Note that allows low-privilege publish accounts RoleReader to modify notebook content via the /api/block/appendHeadingChildren API endpoint. The endpoint...

CVE-2026-31809

creationtimestamp| type| source ---|---|--- 2026-03-09 08:40:48+00:00| published-proof-of-concept| https://github.com/siyuan-note/siyuan/security/advisories/GHSA-pmc9-f5qr-2pcr...

Fedora: Security Advisory (FEDORA-2026-e67a6f9c45)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2026-30926

creationtimestamp| type| source ---|---|--- 2026-03-07 02:16:33+00:00| published-proof-of-concept| https://github.com/siyuan-note/siyuan/security/advisories/GHSA-f9cq-v43p-v523...

MINI-4V93-6PC3-29CJ

Bulletin has no description...

Vim < 9.2.0074 Heap-based Buffer Overflow (GHSA-h4mf-vg97-hj8j)

The version of Vim installed on the remote host is prior to 9.2.0074. It is, therefore, affected by a vulnerability as referenced in the GHSA-h4mf-vg97-hj8j advisory. - Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exis...

Exploit for CVE-2011-1473

CVE-2011-1473-POC CVE-20...

Important: Red Hat Security Advisory: kpatch-patch-5_14_0-570_17_1, kpatch-patch-5_14_0-570_39_1, and kpatch-patch-5_14_0-570_66_1 security update

An update for multiple packages is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2026-27802

A flaw was found in Vaultwarden. A manager, an authorized user, can exploit this vulnerability by performing a bulk permission update to collections they are not authorized to access. This can lead to privilege escalation, allowing the manager to gain unauthorized access and control over these...

MINI-V3PC-W34J-VG5W

Bulletin has no description...