CVE-2026-6762 Spoofing issue in the DOM: Core & HTML component

Spoofing issue in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

CVE-2026-6762

Spoofing issue in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

CVE-2026-6755 Mitigation bypass in the DOM: postMessage component

Mitigation bypass in the DOM: postMessage component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

CVE-2026-6755

Mitigation bypass in the DOM: postMessage component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

CVE-2026-6755

Mitigation bypass in the DOM: postMessage component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

CVE-2026-6755 Mitigation bypass in the DOM: postMessage component

Mitigation bypass in the DOM: postMessage component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

CVE-2026-6755

Mitigation bypass in the DOM: postMessage component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

CVE-2026-6746 Use-after-free in the DOM: Core & HTML component

Use-after-free in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

EUVD-2026-24075

Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through 3.106.0...

BIT-GRAFANA-PYROSCOPE-2025-41118 Sensitive COS `SecretKey` exposed in plaintext via configuration API due to missing type protection

Pyroscope is an open-source continuous profiling database. The database supports various storage backends, including Tencent Cloud Object Storage COS. If the database is configured to use Tencent COS as the storage backend, an attacker could extract the secretkey configuration value from the...

CVE-2026-39467

Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through 3.106.0...

WordPress Salon booking system plugin <= 10.30.24 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Lubin Regnault in WordPress Plugin Salon booking system versions = 10.30.24...

CVE-2026-39467

Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through 3.106.0...

CVE-2026-39467 WordPress Responsive Slider by MetaSlider plugin <= 3.106.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through 3.106.0...

CVE-2026-39467

CVE-2026-39467 affects the MetaSlider Responsive Slider plugin by MetaSlider (WordPress). It is a Deserialization of Untrusted Data vulnerability, allowing Object Injection in versions from n/a through 3.106.0. According to the CVSS 3.1 metrics, the exploit requires no user interaction and is exp...

CVE-2026-39467 WordPress Responsive Slider by MetaSlider plugin <= 3.106.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through 3.106.0...

WordPress plugin Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Issues...

Horilla 安全漏洞

Horilla is a free open-source human resources software developed by Horilla Company. Version 1.5.0 of Horilla contains a security vulnerability. This vulnerability stems from an insecure direct object reference in the employee document upload endpoint, which could allow any authenticated user to...

FreeScout 安全漏洞

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.214 contained security vulnerabilities. These vulnerabilities stemmed from the fact that, under limited visibility, the...

PT-2026-33924

Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through 3.106.0...