WordPress AudioIgniter Music Player plugin <= 2.0.2 - Unauthenticated Insecure Direct Object Reference to 'audioigniter_playlist_id' Parameter vulnerability

Unauthenticated Insecure Direct Object Reference to 'audioigniterplaylistid' Parameter vulnerability discovered by ? in WordPress Plugin AudioIgniter Music Player versions = 2.0.2...

Chromium: CVE-2026-9126 Use after free in DOM

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

EUVD-2026-31355

Concrete CMS 9.5.0 and below is subject to Insecure Direct Object Reference IDOR in the Express Entry Detail block via the exEntryID parameter. This IDOR leads to unauthorized access to all Express form submissions. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 6.3...

EUVD-2026-31354

Concrete CMS 9.5.0 and below is vulnerable to IDOR. The '/ccm/frontend/conversations/messagepage' endpoint returns the full content of any conversation message. An unauthenticated attacker can enumerate all conversation messages, including messages from restricted pages, member-only areas, and th...

EUVD-2026-31352

Concrete CMS 9.5.0 and below is vulnerable to IDOR. The /ccm/frontend/conversations/messagedetail endpoint returns the full content of any conversation message. An unauthenticated attacker can enumerate all conversation messages, including messages from restricted pages, member-only areas, and th...

PT-2026-42773

Concrete CMS 9.5.0 and below is vulnerable to IDOR + wrong-authorization-level in the Express association Reorder dialog. This can cause Cross-entity state tampering with view-only permission on one entry. To be affected, a website has to be using express and relying on express entity...

PT-2026-42797

Typebot is a chatbot builder tool. In versions 3.15.2 and prior, the getResultLogs API endpoint authorizes the caller against the provided typebotId but fetches logs solely by resultId without verifying that the result belongs to the authorized typebot, leading to IDOR. An authenticated attacker...

Typebot 安全漏洞

Typebot is an open-source chat bot builder developed by Baptiste Arnaud. Version 3.15.2 of Typebot contains a security vulnerability. This vulnerability arises from the use of Array.filter with asynchronous callbacks in the getLinkedTypebots API endpoint, causing the authorization check to always...

Concrete CMS 安全漏洞

Concrete CMS is an open-source content management system developed by Concrete CMS. Versions of Concrete CMS 9.5.0 and earlier contain security vulnerabilities. These vulnerabilities stem from insecure direct object references in the Express-associated reorder dialog boxes, as well as incorrect...

Linux Distros Unpatched Vulnerability : CVE-2026-8965

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Information disclosure in the DOM: Security component. This vulnerability was fixed in Firefox 151 and Thunderbird 151. CVE-2026-8965 Note that Nessus relies on...

Unity Linux 20.1060e / 20.1070e Security Update: nodejs-minimist (UTSA-2026-016649)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016649 advisory. minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a constructor or proto payload. Tenable has extracted the...

Unity Linux 20.1070e Security Update: aspell (UTSA-2026-016693)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016693 advisory. objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::duptop called from acommon::StringMap::add and acommon::Config::lookuplist...

CVE-2026-7881

Concrete CMS 9.5.0 and below is subject to Insecure Direct Object Reference IDOR in the Express Entry Detail block via the exEntryID parameter. This IDOR leads to unauthorized access to all Express form submissions. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 6.3...

Off-by-one Error

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

Twig: Sandbox property and method bypass via object-destructuring assignment

Description The object-destructuring assignment syntax introduced in Twig 3.24.0 generates a call to CoreExtension::getAttribute with the $sandboxed argument hardcoded to false, regardless of whether a SandboxExtension is active. This permanently disables the sandbox's property and method policy...

Twig: Sandbox property allowlist bypass via the `column` filter (array_column on objects)

Description The column filter passes its input straight to PHP's native arraycolumn. When the array elements are objects, arraycolumn reads $obj-$name and $obj-$index directly, including invoking get/isset. Because this property read happens entirely in PHP native code and never reaches...

GHSA-VCC8-PHRV-43WJ Twig: Sandbox property allowlist bypass via the `column` filter (array_column on objects)

Description The column filter passes its input straight to PHP's native arraycolumn. When the array elements are objects, arraycolumn reads $obj-$name and $obj-$index directly, including invoking get/isset. Because this property read happens entirely in PHP native code and never reaches...

CVE-2026-7886 Concrete CMS 9.5.0 and below is vulnerable to IDOR in AddMessage/UpdateMessage via attachments[] parameter

Concrete CMS 9.5.0 and below is vulnerable to IDOR in AddMessage/UpdateMessage via attachments parameter which can lead to file permission bypass. The AddMessage and UpdateMessage conversation controllers accept user-supplied file attachment IDs and load files directly via $em-findFile::class,...

CVE-2026-7886 Concrete CMS 9.5.0 and below is vulnerable to IDOR in AddMessage/UpdateMessage via attachments[] parameter

Concrete CMS 9.5.0 and below is vulnerable to IDOR in AddMessage/UpdateMessage via attachments parameter which can lead to file permission bypass. The AddMessage and UpdateMessage conversation controllers accept user-supplied file attachment IDs and load files directly via $em-findFile::class,...

CVE-2026-8337

Concrete CMS 9.5.0 and below is vulnerable to IDOR in surveys. To be vulnerable, a site would have to be configured in such a way that both public and private surveys are present on the site. An unauthenticated attacker can vote in the restricted survey by submitting the restricted optionID throu...