427 matches found
CVE-2026-12274
The Tutor LMS WordPress plugin before 3.9.13 does not verify that the requesting user is allowed to edit a target post before overwriting it in one of its content-builder save handlers, authorizing the request only against an unrelated identifier, allowing authenticated users with instructor-leve...
CVE-2026-61441 PraisonAI Platform before 0.1.9 Authorization Bypass via Dependencies
PraisonAI Platform praisonai-platform before 0.1.9 improperly authorizes deletion of issue dependencies. The DELETE dependency route accepts either endpoint of a dependency edge and checks delete permission only against the caller-selected URL issue. A workspace member who cannot delete a...
EUVD-2026-42901
PraisonAI Platform praisonai-platform before 0.1.9 improperly authorizes deletion of issue dependencies. The DELETE dependency route accepts either endpoint of a dependency edge and checks delete permission only against the caller-selected URL issue. A workspace member who cannot delete a...
CVE-2026-54601 FastGPT: reTrainingCollection allows server-owned datasetId override causing cross-tenant authorization confusion
FastGPT is an open source AI knowledge base platform. From 4.14.17 to before 4.15.0-beta4, FastGPT allows an authenticated tenant user to call POST /api/core/dataset/collection/create/reTrainingCollection in a way that persists a server-owned datasetId value from another tenant. This creates mixe...
PYSEC-2026-452 pgAdmin 4 server mode has an authorization vulnerability affecting Server Groups, Servers, Shared Servers, Background Processes, and Debugger modules
Authorization vulnerability in pgAdmin 4 server mode affecting Server Groups, Servers, Shared Servers, Background Processes, and Debugger modules. Multiple endpoints fetched user-owned objects without filtering by the requesting user's identity. An authenticated user could access another user's...
CVE-2026-53166
A flaw was found in the Linux kernel's futex Fast Userspace Mutex requeue mechanism. When a non-top waiter attempts to requeue a Priority Inheritance PI futex it already owns, a NULL pointer dereference can occur. This issue, specifically within the removewaiter function during a self-deadlock...
CVE-2026-53215
CVE-2026-53215 affects the Linux kernel mvpp2 driver: the RX path could return a descriptor buffer to the hardware Buffer Manager after it had been handed to XDP or an skb, allowing DMA into memory no longer owned by the RX ring. Root cause is improper handling of RX buffers in mvpp2_rx_refill() ...
CVE-2026-54228
A time-of-check time-of-use TOCTOU race condition was found in the abrt-dbus D-Bus service's SetElement method. Between dump directory creation and post-create event execution, any local user can call SetElement to write arbitrary text files into the root-owned dump directory, bypassing package...
CVE-2026-49482 ClipBucket: SQL Wildcard Injection in Subtitle Edit Endpoint Allows Mass Subtitle Overwrite
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - 141, ClipBucket v5 contains an improper neutralization of SQL wildcard characters in the subtitle editing endpoint. An authenticated user can send a % character as the number parameter to overwrite all subtitle title...
CVE-2026-33377
An Editor can overwrite a dashboard not owned by them to acquire admin on that specific dashboard. The user must have write access to the dashboard to escalate privilege...
kernel: Read root-owned files as an unprivileged user
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...
Important: Red Hat Security Advisory: kpatch-patch-4_18_0-553_109_1, kpatch-patch-4_18_0-553_40_1, kpatch-patch-4_18_0-553_53_1, kpatch-patch-4_18_0-553_72_1, and kpatch-patch-4_18_0-553_85_1 security update
An update for multiple packages is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
kernel: Read root-owned files as an unprivileged user
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...
EUVD-2026-34257
A visibility control issue in the event template creation workflow allowed non-site-admin users to access private galaxies belonging to other organisations. The event template builder loaded all enabled galaxies without applying organisation or distribution-based access restrictions, potentially...
CVE-2026-10854
A visibility control issue in the event template creation workflow allowed non-site-admin users to access private galaxies belonging to other organisations. The event template builder loaded all enabled galaxies without applying organisation or distribution-based access restrictions, potentially...
kernel: Read root-owned files as an unprivileged user
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...
GHSA-6X26-5727-RRM9 Nezha's authenticated DDNS webhook configuration allows blind SSRF from the dashboard host
Summary An authenticated Nezha dashboard user can create or update a DDNS profile with provider webhook and configure an arbitrary webhookurl, HTTP method, request body, and headers. When DDNS is triggered for a server that uses that profile, the dashboard process sends the configured request wit...
wpsecscan
WPSecScan !testshttps://github.com/bryanflowers/wpsecscan...
kernel-rt security update
An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...
RLSA-2026:19666 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation LPE vulnerability in the Linux kernel CVE-2026-46300 kernel: Read root-owned fil...