34877 matches found
CVE-2026-55542 Snipe-IT's S3 signature image retrieval lacks authorization before temporary URL
Snipe-IT is an IT asset/license management system. Prior to version 8.6.1, Snipe-IT S3 signature image retrieval lacks authorization before temporary URL. On S3-backed deployments, authenticated users who know a signature filename can obtain a 5-minute signed S3 URL because the S3 branch returns...
CVE-2026-58213
NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.1 and 2.12.9, an MQTT client could include protocol control characters in subscription filters that were later forwarded as NATS protocol data to route or leafnode connections, corrupti...
CVE-2026-59936
Technical details about CVE-2026-59936 are not publicly available in the provided documents. Monitor for updates from official advisories to learn affected versions, impact, and fixes.
httpd: mod_proxy_ajp: off-by-one out-of-bounds reads in AJP getter functions
A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the AJP getter functions attempt to read data beyond the allocated buffer size, allowing an attacker or a malformed request to cause an out-of-bounds read. This issue leads to a denial of...
CVE-2026-59926 Mistune: XSS via unescaped class option in Admonition directive
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, renderadmonition in src/mistune/directives/admonition.py concatenates the Admonition directive :class: option into the HTML class attribute without escaping, allowing attribute injection and cross-site scripting even...
CVE-2026-59897 Hono: API Gateway v1 adapter can drop a distinct repeated request header value during de-duplication
Hono is a Web application framework that provides support for any JavaScript runtime. From 4.3.3 before 4.12.27, the AWS API Gateway v1 adapter can drop a distinct repeated request header value because it de-duplicates values using a substring comparison instead of an exact match, so middleware o...
CVE-2026-3144
CVE-2026-3144 affects IBM API Connect 12.1.0.0 through 12.1.0.3. The issue is the use of default credentials, which could allow an attacker to gain unauthorized access to the application before the system enforces a credential update. Exploitation details or a remediation/fix are not provided in ...
CVE-2026-59870
js-yaml is a JavaScript YAML parser and dumper. From 5.0.0 before 5.2.1, YAML11SCHEMA support for the !!omap tag in src/tag/sequence/omap.ts uses omapTag.addItem to perform a linear duplicate-key scan on every insertion, causing On^2 CPU consumption when yaml.load parses a crafted ordered-map...
CVE-2026-22927
Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability...
CVE-2026-10706 Exposure of Sensitive Information to an Unauthorized attacker
In Adalo’s no-code app builder, Versions 1 and 2 the attackers may extract full user records and correlate user behavior across multiple applications via dbId enumeration. The platform does not implement data minimization, privacy by design, or implement appropriate technical safeguards, allowing...
CVE-2026-59257 n8n - SQL Injection in MySQL v1 executeQuery Operation via Expression Interpolation
n8n before 1.123.61, 2.x before 2.27.4, and 2.28.x before 2.28.1 contains a SQL injection vulnerability in the legacy MySQL v1 node's executeQuery operation. The operation substitutes evaluated ... expression values directly into the raw SQL string without parameterization. When a workflow uses...
EUVD-2026-42249
Capgo before 12.128.2 contains a broken access control vulnerability in the organization management API where a scoped API key limitedtoorgs inherits its owner-user's permissions, allowing destructive cross-organization actions. When a user is an admin in two organizations and creates a write-mod...
WordPress Author Box WP Lens plugin <= 2.1.5 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by ParkHyunWoo in WordPress Plugin Author Box WP Lens versions = 2.1.5...
CVE-2026-22927
Technical details about CVE-2026-22927 are not publicly available in the provided documents. Monitor for updates from Omnissa and CVE databases.
CVE-2026-22927
Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability...
EUVD-2026-42242
Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability...
CVE-2026-22927
Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability...
WordPress Active Products Tables for WooCommerce plugin <= 1.1.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by hhhai in WordPress Plugin Active Products Tables for WooCommerce versions = 1.1.0...
RHSA-2026:36206 Red Hat Security Advisory: 389-ds:1.4 security update
Bulletin has no description...
CVE-2026-14500
The Bulk Order Update for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and including, 1.6. This is due to the bouwfetchcsvdata AJAX handler being registered on the wpajaxnopriv hook with no capability or nonce check, and passing the attacker-supplied...