CVE-2026-23513

FOSSBilling is a free, open-source billing and client management system. In versions 0.7.2 and prior, a query-construction flaw in client list endpoints allowed authenticated clients to bypass tenant scoping and retrieve other clients’ data. Details In ServiceTransaction::getSearchQuery and...

CVE-2026-54322

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.185.0, Daytona's organization role update and delete endpoints authorized the caller as an owner of the organization named in the request path, but resolved and mutated the targe...

CVE-2026-55255 Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's Flow

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, an Insecure Direct Object Reference IDOR vulnerability in /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in...

CVE-2026-56222

Capgo before 12.128.2 contains an authorization bypass vulnerability in POST /private/rolebindings that fails to verify appid ownership during app-scoped role binding creation. An attacker with administrative privileges in one organization can create role bindings targeting applications owned by...

CVE-2026-56784

OpenRemote before 1.25.0 contains an insecure direct object reference IDOR vulnerability in the bulk alarm deletion endpoint that allows authenticated users to permanently delete alarms belonging to other tenants by supplying arbitrary alarm IDs. The removeAlarms method in AlarmResourceImpl.java...

EUVD-2026-38427

Capgo before 12.128.2 contains an authorization bypass vulnerability in POST /private/rolebindings that fails to verify appid ownership during app-scoped role binding creation. An attacker with administrative privileges in one organization can create role bindings targeting applications owned by...

EUVD-2026-38262

A Missing Authorization vulnerability in a GraphQL private API operation of the Google App Engine section of the Cloud Console allows an unauthenticated remote attacker to leak sensitive App Engine request logs from other projects using a specially crafted request. This vulnerability was patched ...

Astra Linux – Vulnerability in Zabbix

Currently, the geomap configuration Administration - General - Geographical maps allows the use of HTML in the “Attribution text” field when the “Other” Tile provider is selected...

EUVD-2026-37884

UBB.threads is vulnerable to Reflected XSS. The application improperly handles user input in certain requests, enabling attackers to execute arbitrary JavaScript in the context of a victim's browser by tricking them into clicking a crafted link. Because vendor contact attempts were unsuccessful,...

CVE-2026-54221

UBB.threads is affected by a Reflected XSS vulnerability (CVE-2026-54221). The issue is confirmed in version 7.7.5 and may affect other versions. The vulnerability allows an attacker to execute arbitrary JavaScript in a victim’s browser when the user clicks a crafted link, with user interaction r...

EUVD-2026-37883

uBB.threads is vulnerable to a Cross-Site Request Forgery CSRF due to a lack of protective mechanisms. This allows an attacker to trick an authenticated user into executing unintended actions. Because vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version...

CVE-2026-55198

Hermes WebUI before 0.51.443 contains an authorization bypass vulnerability in the session export endpoint that allows authenticated users to access sessions from other profiles. The handlesessionexport handler in api/routes.py fails to verify active-profile ownership before serializing session...

CVE-2026-55198

Hermes WebUI prior to 0.51.443 contains an authorization bypass in the session export endpoint. The _handle_session_export handler in api/routes.py fails to verify active-profile ownership before serializing session data, allowing authenticated users to exfiltrate transcripts from other profiles ...

CVE-2026-5149 RTMKit <= 2.0.7 - Authenticated (Contributor+) Missing Authorization to Arbitrary Form Submission Access via 'entries_id' Parameter

The RTMKit plugin for WordPress is vulnerable to Incorrect Authorization in all versions up to, and including, 2.0.7 This is due to the getsubmissioncontent AJAX endpoint lacking a capability check to verify that a user has permission to access the requested form submission data. This makes it...

PT-2026-49613

The RTMKit plugin for WordPress is vulnerable to Incorrect Authorization in all versions up to, and including, 2.0.7 This is due to the get submission content AJAX endpoint lacking a capability check to verify that a user has permission to access the requested form submission data. This makes it...

CVE-2026-45441

CVE-2026-45441 affects the WordPress WpEvently plugin up to version 5.3.3. It is described as unauthenticated, of the “Other Vulnerability Type”, with CVSSv3.1 base score 7.5 (NETWORK, LOW attack complexity, PR/NONE, I/H, UI/NONE). The provided documents do not specify the exact root cause, vulne...

CVE-2026-45441 WordPress WpEvently plugin <= 5.3.3 - Other Vulnerability Type vulnerability

Unauthenticated Other Vulnerability Type in WpEvently = 5.3.3 versions...

Malicious code in intel-ai-safety-explainer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7561bb0b816a4521b6de43bce01afa55516a7201b6daa7696de4924623557f90 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in gigl-core (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 28903f76bed2e89a18c9c276d62c95bb089a091020f89f35f7d2800ef6a3bce3 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

CVE-2026-34029

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a hard-coded cryptographic key in the SafeSystem.Infrastructure.Security.dll component. An attacker with access to the application files can reverse engineer the DLL and recover the hard-coded cryptographic key. This...