Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011299)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011299 advisory. In the Linux kernel, the following vulnerability has been resolved: thermal: intelpowerclamp: Use getcpu instead of smpprocessorid to avoid crash When CPU 0 is offli...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006968)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006968 advisory. In the Linux kernel, the following vulnerability has been resolved: thermal: intelpowerclamp: Use getcpu instead of smpprocessorid to avoid crash When CPU 0 is offli...

GuardPhish: Securing Open-Source LLMs from Phishing Abuse

The rapid adoption of open-source Large Language Models LLMs in offline and enterprise environments has introduced a largely unexamined security risk like susceptibility to adversarial phishing prompts under static safety configurations. In this work, we systematically investigate this...

curl: Digest Auth State Leak on Cross-Origin Redirect via Netrc - Username and Password Hash Sent to Wrong Host

Summary When curl follows an HTTP redirect from hostA to hostB using --netrc --digest -L, Digest authentication state nonce, realm from hostA persists and is combined with hostB's netrc credentials to generate an unsolicited Digest Authorization header sent to hostB. This leaks hostB's username i...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007460)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007460 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/hwpoison: clear MFCOUNTINCREASED before retrying getanypage Hulk Robot reported a panic in...

CVE-2026-40163

Saltcorn is an extensible, open source, no-code database application builder. Prior to 1.4.5, 1.5.5, and 1.6.0-beta.4, the POST /sync/offlinechanges endpoint allows an unauthenticated attacker to create arbitrary directories and write a changes.json file with attacker-controlled JSON content...

EUVD-2026-22188

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Versions 0.7.2 and below contain a Blind Server Side Request Forgery in the functionality that allows editing an image via a prompt. The affected function performs a GET request to a user-provided U...

CVE-2026-40164

jq is a command-line JSON processor. Before commit 0c7d133c3c7e37c00b6d46b658a02244fdd3c784, jq used MurmurHash3 with a hardcoded, publicly visible seed 0x432A9843 for all JSON object hash table operations, which allowed an attacker to precompute key collisions offline. By supplying a crafted JSO...

Automatic Teller Machines for Offline E-Cash

Electronic cash e-cash is a digital alternative to physical currency that allows anonymous transactions between users and merchants. Typically, coins in an e-cash scheme are only dispensed through a central bank. A drawback of this approach is that the bank is always on the critical path during...

Directory Traversal

Overview @saltcorn/server is a Server app for Saltcorn, open-source no-code platform Affected versions of this package are vulnerable to Directory Traversal via the POST /sync/offlinechanges and GET /sync/uploadfinished endpoints, which improperly handle user-supplied input in path construction. ...

CVE-2026-40163 Saltcorn has an Unauthenticated Path Traversal in sync endpoints allows arbitrary file write and directory read

Saltcorn is an extensible, open source, no-code database application builder. Prior to 1.4.5, 1.5.5, and 1.6.0-beta.4, the POST /sync/offlinechanges endpoint allows an unauthenticated attacker to create arbitrary directories and write a changes.json file with attacker-controlled JSON content...

CVE-2026-40163

Saltcorn is affected by an unauthenticated path traversal vulnerability in the sync endpoints. Before versions 1.4.5, 1.5.5, and 1.6.0-beta.4, POST /sync/offline_changes allows an attacker to create arbitrary directories and write a changes.json file with attacker-controlled JSON anywhere on the ...

Saltcorn 路径遍历漏洞

Saltcorn is an open-source, scalable, code-free database application builder developed by Saltcorn. Versions of Saltcorn prior to 1.4.5, 1.5.5, and 1.6.0-beta.4 contained a path traversal vulnerability. This vulnerability stemmed from the POST /sync/offlinechanges endpoint, which allowed...

How A Simple Misconfiguration Can Fuel Offline Attacker Tools

How A Simple Misconfiguration Can Fuel Offline Attacker Tools By Grant McDonald · April 9, 2026 It’s no secret that misconfigurations are a gateway for attackers. But that doesn’t mean misconfigurations won’t happen or that attackers won’t attempt to exploit them. In the latest research from our...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006665)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006665 advisory. In the Linux kernel, the following vulnerability has been resolved: block: Fix handling of offline queues in blkmqallocrequesthctx This patch prevents that test...

WordPress Backup Migration plugin <= 2.0.0 - Missing Authorization to Unauthenticated Backup Upload to Offline Storage vulnerability

Missing Authorization to Unauthenticated Backup Upload to Offline Storage vulnerability discovered by 0N0ise - cert.pl in WordPress Plugin Backup Migration versions = 2.0.0...

CVE-2025-14944

The CVE concerns the WordPress Backup Migration plugin and affects all versions up to 2.0.0. Root cause: missing capability check in initializeOfflineAjax and insufficient nonce verification, with hardcoded tokens exposed in the plugin’s JavaScript. This allows unauthenticated attackers to trigge...

CVE-2025-14944 Backup Migration <= 2.0.0 - Missing Authorization to Unauthenticated Backup Upload to Offline Storage

The Backup Migration plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.0.0. This is due to a missing capability check on the 'initializeOfflineAjax' function and lack of proper nonce verification. The endpoint only validates against hardcoded toke...

CVE-2025-14944 Backup Migration <= 2.0.0 - Missing Authorization to Unauthenticated Backup Upload to Offline Storage

The Backup Migration plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.0.0. This is due to a missing capability check on the 'initializeOfflineAjax' function and lack of proper nonce verification. The endpoint only validates against hardcoded toke...

EUVD-2026-19574

In parisneo/lollms version 2.1.0, the application's session management is vulnerable to improper access control due to the use of a weak secret key for signing JSON Web Tokens JWT. This vulnerability allows an attacker to perform an offline brute-force attack to recover the secret key. Once the...