CVE-2026-7813 pgAdmin 4: Cross-user data access and shared-server privilege escalation in server mode

Authorization vulnerability in pgAdmin 4 server mode affecting Server Groups, Servers, Shared Servers, Background Processes, and Debugger modules. Multiple endpoints fetched user-owned objects without filtering by the requesting user's identity. An authenticated user could access another user's...

CVE-2026-7813 pgAdmin 4: Cross-user data access and shared-server privilege escalation in server mode

Authorization vulnerability in pgAdmin 4 server mode affecting Server Groups, Servers, Shared Servers, Background Processes, and Debugger modules. Multiple endpoints fetched user-owned objects without filtering by the requesting user's identity. An authenticated user could access another user's...

ALPINE-CVE-2026-40706

In NTFS-3G 2022.10.3 before 2026.2.25, a heap buffer overflow exists in ntfsbuildpermissionsposix in acls.c that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The overflow is triggered on the READ path stat, readdir, open when...

PT-2026-34185

Name of the Vulnerable Software and Affected Versions NTFS-3G versions 2022.10.3 through 2026.2.24 Description A heap buffer overflow exists in the ntfs build permissions posix function within acls.c. This issue allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by using a...

Configure the Scripts Executed by crontab to Be Writable Only by Their Owners

crontab is the configuration file used by the system to execute scheduled tasks. The path of the configuration file is /etc/crontab. With crontab, the OS automatically executes the tasks defined by the administrator based on service requirements. Therefore, the execution scripts or programs...

GHSA-6W8C-6JRG-QWJ2 Radicale regex metacharacters injection in the user name

Radicale before 1.1 allows remote authenticated users to bypass ownerwrite and owneronly limitations via regex metacharacters in the user name, as demonstrated by...

UBUNTU-CVE-2015-8748

Radicale before 1.1 allows remote authenticated users to bypass ownerwrite and owneronly limitations via regex metacharacters in the user name, as demonstrated by "."...