CVE-2026-40745

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in bdthemes Element Pack Elementor Addons bdthemes-element-pack-lite allows Blind SQL Injection.This issue affects Element Pack Elementor Addons: from n/a through = 8.4.2...

CVE-2026-40745 WordPress Element Pack Elementor Addons plugin <= 8.4.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in bdthemes Element Pack Elementor Addons bdthemes-element-pack-lite allows Blind SQL Injection.This issue affects Element Pack Elementor Addons: from n/a through = 8.4.2...

CVE-2026-40745

The CVE-2026-40745 entry describes an SQL Injection vulnerability in the bdthemes Element Pack Elementor Addons (bdthemes-element-pack-lite) for WordPress, affecting versions up to 8.4.2. The root cause is improper neutralization of special elements used in an SQL command, leading to potential bl...

Malicious code in js-logger-pack (npm)

js-logger-pack is a fake npm logger that the attacker developed openly on the registry over 23 versions across two weeks 2026-04-01 to 2026-04-15. Version 1.1.20, published hours after initial detection, is a re-obfuscation of the same payload with a new hash — same C2, same capabilities. Early...

PT-2026-33047

Name of the Vulnerable Software and Affected Versions bdthemes Element Pack Elementor Addons versions prior to 8.4.3 Description Improper neutralization of special elements used in an SQL command allows for Blind SQL Injection. Blind SQL Injection is a technique where an attacker asks the databas...

WordPress plugin Element Pack Elementor Addons 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. There is a...

EUVD-2026-22565

Deserialization of untrusted data in Microsoft High Performance Compute Pack HPC allows an authorized attacker to elevate privileges locally...

CVE-2026-32184

CVE-2026-32184 concerns Microsoft High Performance Compute (HPC) Pack with an Elevation of Privilege vulnerability. The CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) yields a base score of 7.8 (HIGH) where the attacker requires local access, low attack complexity and low privileges, with ...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an Improper Validation of Integrity Check Value in go-git [CVE-2026-25934]

Summary IBM Watson Speech Services Cartridge is vulnerable to an Improper Validation of Integrity Check Value in go-git, due to an issue where data integrity values for .pack and .idx files were not properly verified CVE-2026-25934. GO-git is used as a component of our ibm-watson-speech-catalog...

Description of the security update for SharePoint Server 2016: April 14, 2026 (KB5002861)

Description of the security update for SharePoint Server 2016: April 14, 2026 KB5002861 Summary Important: If you're currently running SharePoint Workflow Manager, you must install the SharePoint Workflow Manager KB5002799 to your farm before you install this cumulative update. If you're currentl...

Description of the security update for SharePoint Server 2016 Language Pack: April 14, 2026 (KB5002862)

Description of the security update for SharePoint Server 2016 Language Pack: April 14, 2026 KB5002862 Summary Important: If you're running Microsoft SharePoint Server 2013-type workflows, you must install the August 2025 update for SharePoint Workflow Manager to your farm before you install this...

Description of the security update for SharePoint Server 2019 Language Pack: April 14, 2026 (KB5002856)

Description of the security update for SharePoint Server 2019 Language Pack: April 14, 2026 KB5002856 Summary Important: If you're running 2013-type workflows, you mustinstall the August 2025 update for SharePoint Workflow Manager​​​​​​​to your farm before you install this cumulative update. If...

KB5084820 - Description of the security update for SQL Server 2016 SP3 Azure Connect Feature Pack: April 14, 2026

KB5084820 - Description of the security update for SQL Server 2016 SP3 Azure Connect Feature Pack: April 14, 2026 Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection...

CVE-2026-24032

A vulnerability has been identified in SINEC NMS All versions V4.0 SP3 with UMC. The affected application contains an authentication weakness due to insufficient validation of user identity in the UMC component. This could allow an unauthenticated remote attacker to bypass authentication and gain...

CVE-2026-25654

A vulnerability has been identified in SINEC NMS All versions V4.0 SP3. Affected products do not properly validate user authorization when processing password reset requests. This could allow an authenticated remote attacker to bypass authorization checks, leading to the ability to reset the...

CVE-2026-25654

The CVE describes a vulnerability in SINEC NMS affecting all versions prior to 4.0 SP3, where password-reset requests do not properly validate user authorization. This could allow an authenticated remote attacker to bypass authorization and reset the password of any arbitrary user account. In the...

CVE-2026-24032

A vulnerability has been identified in SINEC NMS All versions V4.0 SP3 with UMC. The affected application contains an authentication weakness due to insufficient validation of user identity in the UMC component. This could allow an unauthenticated remote attacker to bypass authentication and gain...

KLA90984 Multiple vulnerabilities in Microsoft Azure

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azure Monitor Agent can be...

SUSE SLES15 Security Update : kernel (Live Patch 17 for SUSE Linux Enterprise 15 SP6) (SUSE-SU-2026:1261-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1261-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.78 fixes various security issues The following security issues were fixed: -...

Microsoft High Performance Compute Pack 代码问题漏洞

Microsoft High Performance Compute Pack is a high-performance computing solution provided by Microsoft Corporation in the United States. It is primarily used for creating and managing high-performance computing clusters. There are code-related vulnerabilities in the Microsoft High Performance...