PT-2026-34426

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The module loader fails to verify the bounds of the ELF section index within the simplify symbols function. A symbol containing an out-of-bounds st shndx value, such as those defined as...

Red Hat Enterprise Linux 安全漏洞

Red Hat Enterprise Linux is a Linux operating system for enterprise users developed by Red Hat, Inc. Red Hat Enterprise Linux 10 contains a security vulnerability. This vulnerability stems from improper handling of special XCOFF object files during linking. A local attacker can trick users into...

Augmentt 安全漏洞

Augmentt is a SaaS management and automation platform developed by Augmentt Inc. in Canada. There is a security vulnerability in Augmentt, which stems from insecure direct object references in web applications. This vulnerability could allow unauthorized users to access and manipulate sensitive...

pypdf 安全漏洞

pypdf is an open-source, free Python library developed by py-pdf. It allows for splitting, merging, cropping, and converting pages within PDF files. Prior to version 6.10.1, pypdf had security vulnerabilities. These vulnerabilities stemmed from the ability of attackers to create PDFs with incorre...

PT-2026-34465

ICEWARP 11.0.0.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious HTML elements into emails by embedding base64-encoded payloads in object and embed tags. Attackers can craft emails containing data URIs with embedded scripts that execute in the client when t...

PT-2026-34334

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An insecure direct object reference allows unauthorized users to access and manipulate sensitive data across different tenants. This can result in unauthorized...

PT-2026-34615

Name of the Vulnerable Software and Affected Versions @xmldom/xmldom versions prior to 0.8.13 @xmldom/xmldom versions prior to 0.9.10 xmldom versions prior to 0.6.0 Description The software allows attacker-controlled comment content to be serialized into XML without validating or neutralizing...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013697)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013697 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Check whether transferred 2D BO is shmem Transferred 2D BO always must be a shmem BO...

IceWarp 跨站脚本漏洞

IceWarp is an integrated enterprise communication and collaboration platform developed by the Czech company IceWarp. It aims to provide organizations with various tools and features to support internal and external communication, collaboration, and business processes. Version IceWarp 11.0.0.0...

CVE-2026-40926 WWBN AVideo Vulnerable to CSRF in Admin JSON Endpoints (Category CRUD, Plugin Update Script)

WWBN AVideo is an open source video platform. In versions 29.0 and prior, three admin-only JSON endpoints — objects/categoryAddNew.json.php, objects/categoryDelete.json.php, and objects/pluginRunUpdateScript.json.php — enforce only a role check Category::canCreateCategory / User::isAdmin and...

CVE-2026-40907

WWBN AVideo is an open source video platform. In versions 29.0 and prior, the endpoint plugin/Live/view/Liverestreams/list.json.php contains an Insecure Direct Object Reference IDOR vulnerability that allows any authenticated user with streaming permission to retrieve other users' live restream...

CVE-2026-40907

Summary: WWBN AVideo 29.0 and earlier contains an Insecure Direct Object Reference (IDOR) in the endpoint plugin/Live/view/Live_restreams/list.json.php. This allows any authenticated user with streaming permission to view other users’ live restream configurations, exposing third‑party platform st...

CVE-2026-40907 WWBN AVideo has IDOR in Live Restreams list.json.php that Exposes Other Users' Stream Keys and OAuth Tokens

WWBN AVideo is an open source video platform. In versions 29.0 and prior, the endpoint plugin/Live/view/Liverestreams/list.json.php contains an Insecure Direct Object Reference IDOR vulnerability that allows any authenticated user with streaming permission to retrieve other users' live restream...

CVE-2026-40865

Horilla is a free and open source Human Resource Management System HRMS. In 1.5.0, an insecure direct object reference in the employee document viewer allows any authenticated user to access other employees’ uploaded documents by changing the document ID in the request. This exposes sensitive HR...

CVE-2026-40866

Horilla is a free and open source Human Resource Management System HRMS. In 1.5.0, an insecure direct object reference in the employee document upload endpoint allows any authenticated user to overwrite or replace or corrupt another employee’s document by changing the document ID in the upload...

EUVD-2026-24199

An insecure direct object reference vulnerability in the Users API component of Crafty Controller allows a remote, authenticated attacker to perform user modification actions via improper API permissions validation...

CVE-2026-40866 Horilla: Unauthorized Document Overwrite via File Upload Endpoint

Horilla is a free and open source Human Resource Management System HRMS. In 1.5.0, an insecure direct object reference in the employee document upload endpoint allows any authenticated user to overwrite or replace or corrupt another employee’s document by changing the document ID in the upload...

CVE-2026-40866

Horilla HRMS (version 1.5.0) contains an insecure direct object reference vulnerability in the employee document upload endpoint. An authenticated user can overwrite, replace, or corrupt another employee’s document by altering the document ID in the upload request, leading to unauthorized modific...

EUVD-2026-24234

Horilla is a free and open source Human Resource Management System HRMS. In 1.5.0, an insecure direct object reference in the employee document upload endpoint allows any authenticated user to overwrite or replace or corrupt another employee’s document by changing the document ID in the upload...

CVE-2026-40865

Horilla HRMS 1.5.0 contains an insecure direct object reference in the employee document viewer. An authenticated user can access other employees’ uploaded documents by altering the document ID parameter, exposing identity documents, contracts, certificates, and other private records. The PT-2026...