CVE-2026-40592
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, the undo-send route GET /conversation/undo-reply/{thread_id} checks only whether the current user can view the parent conversation. It does not verify that the current user created the reply being undone. In a...
GHSA-G8RR-7RJ2-F627 praisonai-platform: Any workspace member can delete the entire workspace via DELETE /workspaces/{id}
Summary Type: Authorization bypass enabling destructive action. The DELETE /workspaces/{workspace_id} endpoint is gated only by require_workspace_member(workspace_id) with the default min_role="member". Any member of the workspace can issue a single DELETE to wipe the entire workspace, including every project,...
PT-2026-45485
Summary Type: Authorization bypass enabling destructive action. The DELETE /workspaces/{workspace_id} endpoint is gated only by require_workspace_member(workspace_id) with the default min_role="member". Any member of the workspace can issue a single DELETE to wipe the entire workspace, including every project...
CVE-2026-45342
LinkAce prior to version 2.5.6 is affected by an Insecure Direct Object Reference (IDOR) in the authorization policy layer. The root cause is in update() policy methods (LinkPolicy, LinkListPolicy, TagPolicy, NotePolicy) where access checks delegate to userCanAccessX(), which returns true for any...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: xfs: fixed a UAF (use-after-free) in xchk_btree_check_block_owner. We cannot dereference bs->cur when trying to determine whether bs->cur aliases bs->sc->sa.{bno,rmap}_cur after the latter has been freed. This issue was fixed by introducing a...
CVE-2026-23223 xfs: fix UAF in xchk_btree_check_block_owner
In the Linux kernel, the following vulnerability has been resolved: xfs: fix UAF in xchk_btree_check_block_owner. We cannot dereference bs->cur when trying to determine if bs->cur aliases bs->sc->sa.{bno,rmap}_cur after the latter has been freed. Fix this by sampling the type before any freeing could...
CVE-2026-23223
CVE-2026-23223 relates to the Linux kernel where the XFS filesystem code exhibits a use-after-free in xchk_btree_check_block_owner. The issue arises from dereferencing bs->cur after it (or related pointers) may have been freed, leading to incorrect aliasing checks for bs->sc->sa.{bno,rma...
Gogs has authorization bypass in repository deletion API
Summary The DELETE /api/v1/repos/:owner/:repo endpoint lacks the necessary permission validation middleware. Consequently, any user with read access (including read-only collaborators) can delete the entire repository. This vulnerability stems from the API route configuration only utilizing the...
GHSA-G268-72P7-9J6J Spree API has Authenticated Insecure Direct Object Reference (IDOR) via Order Modification
Summary An Authenticated Insecure Direct Object Reference (IDOR) vulnerability was identified that allows an authenticated user to retrieve other users' address information by modifying an existing order. By editing an order they legitimately own and manipulating address identifiers in the request,...
CVE-2026-22246 Local Mastodon users can enumerate and access severed relationships of every other local user
Mastodon is a free, open-source social network server based on ActivityPub. Mastodon 4.3 added notifications of severed relationships, allowing end-users to inspect the relationships they lost as the result of a moderation action. The code allowing users to download lists of severed relationships...
EUVD-2026-1675
Mastodon is a free, open-source social network server based on ActivityPub. Mastodon 4.3 added notifications of severed relationships, allowing end-users to inspect the relationships they lost as the result of a moderation action. The code allowing users to download lists of severed relationships...
sui_vulnerable_vault
I will update this project in the future. Now, we have to co...
CVE-2025-68242 NFS: Fix LTP test failures when timestamps are delegated
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix LTP test failures when timestamps are delegated The utimes01 and utime06 tests fail when delegated timestamps are enabled, specifically in subtests that modify the atime and mtime fields using the 'nobody' user ID. The...
CVE-2025-65033
Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an authorization flaw in the poll management feature allows any authenticated user to pause or resume any poll, regardless of ownership. The system only uses the public pollId to identify polls, and it does not...
CVE-2023-21389
In Settings, there is a possible bypass of profile owner restrictions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
DOS for collections displaying is possible
Lines of code Vulnerability details The ability to add any number of any NFT to a collection allows for the griefing attack on any collections UI. Bob the attacker can create bogus NFT, with an enormous number of ids and gobble all of them, making getCopiesOfArtGobbledByGobbler mapping huge. Bob'...
Arbitrary access to reset any _tokenId
Lines of code Vulnerability details Impact The poke function is currently missing a check to see if the user calling poke with a tokenId is actually its owner. Since this function will reset the token and vote, the actual owner will not be able to withdraw on this tokenId as votedtokenId will be...
GSD-2022-1000954 vhost/vsock: don't check owner in vhost_vsock_stop() while releasing
vhost/vsock: don't check owner in vhost_vsock_stop() while releasing. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.304 by commit...
GSD-2022-1000935 vhost/vsock: don't check owner in vhost_vsock_stop() while releasing
vhost/vsock: don't check owner in vhost_vsock_stop() while releasing. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.269 by commit...
GSD-2022-1000893 vhost/vsock: don't check owner in vhost_vsock_stop() while releasing
vhost/vsock: don't check owner in vhost_vsock_stop() while releasing. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.182 by commit...