Description of the security update for SharePoint Server 2019 Language Pack: March 10, 2026 (KB5002847)

Description of the security update for SharePoint Server 2019 Language Pack: March 10, 2026 KB5002847 Summary Important: If you're running 2013-type workflows, you mustinstall the August 2025 update for SharePoint Workflow Manager to your farm before you install this cumulative update.​​​​​​​ If...

KB5077473 - Description of the security update for SQL Server 2016 SP3 Azure Connect Feature Pack: March 10, 2026

KB5077473 - Description of the security update for SQL Server 2016 SP3 Azure Connect Feature Pack: March 10, 2026 Summary Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This...

Description of the security update for SharePoint Server 2016: March 10, 2026 (KB5002850)

Description of the security update for SharePoint Server 2016: March 10, 2026 KB5002850 Summary Important: If you're currently running SharePoint Workflow Manager, you must install the SharePoint Workflow Manager KB5002799 to your farm before you install this cumulative update. If you're currentl...

CVE-2026-29778

pyLoad is a free and open-source download manager written in Python. From version 0.5.0b3.dev13 to 0.5.0b3.dev96, the editpackage function implements insufficient sanitization for the packfolder parameter. The current protection relies on a single-pass string replacement of "../", which can be...

Relative Path Traversal

Overview pyload-ng is a The free and open-source Download Manager written in pure Python Affected versions of this package are vulnerable to Relative Path Traversal via the editpackage function when processing the packfolder parameter. An attacker can overwrite arbitrary files on the system by...

CVE-2026-29778

pyLoad is a free and open-source download manager written in Python. From version 0.5.0b3.dev13 to 0.5.0b3.dev96, the editpackage function implements insufficient sanitization for the packfolder parameter. The current protection relies on a single-pass string replacement of "../", which can be...

CVE-2026-29778

pyLoad is a free and open-source download manager written in Python. From version 0.5.0b3.dev13 to 0.5.0b3.dev96, the editpackage function implements insufficient sanitization for the packfolder parameter. The current protection relies on a single-pass string replacement of "../", which can be...

pyLoad 安全漏洞

pyLoad is an open-source download manager written in Python. Versions of pyLoad from 0.5.0b3.dev13 to 0.5.0b3.dev96 contain security vulnerabilities. These vulnerabilities stem from insufficient cleanup of the packfolder parameter in the editpackage function, which may lead to path traversal...

CVE-2026-2899

The Fluent Forms Pro Add On Pack plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 6.1.17. This is due to the deleteFile method in the Uploader class lacking nonce verification and capability checks. The AJAX action is registered via...

Malicious Package

Overview houdinitestpack1 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Deserialization of Untrusted Data

Overview langgraph is a Building stateful, multi-actor applications with LLMs Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the msgpack-encoded checkpoints. An attacker can execute arbitrary code by supplying a crafted msgpack-encoded payload to the...

Deserialization of Untrusted Data

Overview langgraph-checkpoint is a library with base interfaces for LangGraph checkpoint savers. Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the msgpack-encoded checkpoints. An attacker can execute arbitrary code by supplying a crafted msgpack-encoded...

EUVD-2026-9860

LangGraph checkpoint loading has unsafe msgpack deserialization...

EUVD-2026-9793

A Improper Access Control vulnerability in the kernel of SUSE SUSE Linux Enterprise Server 12 SP5 breaks nftables, causing firewall rules applied via nftables to not be effective.This issue affects SUSE Linux Enterprise Server: from 9e6d9d4601768c75fdb0bad3fbbe636e748939c2 before...

WordPress Fluent Forms Pro Add On Pack plugin <= 6.1.17 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability

Missing Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability discovered by Prickly Cactus in WordPress Plugin Fluent Forms Pro Add On Pack versions = 6.1.17...

UBUNTU-CVE-2026-25702

A Improper Access Control vulnerability in the kernel of SUSE SUSE Linux Enterprise Server 12 SP5 breaks nftables, causing firewall rules applied via nftables to not be effective.This issue affects SUSE Linux Enterprise Server: from 9e6d9d4601768c75fdb0bad3fbbe636e748939c2 before...

CVE-2026-25702

CVE-2026-25702 describes an ImRo pper Access Control issue in the kernel of SUSE Linux Enterprise Server 12 SP5 that breaks nftables, rendering firewall rules applied via nftables ineffective. Affected range: SLES 12 SP5 builds before 9c294edb7085fb91650bc12233495a8974c5ff2d, starting from commit...

CVE-2026-25702 nftables disabled due to incorrect kernel backport

A Improper Access Control vulnerability in the kernel of SUSE SUSE Linux Enterprise Server 12 SP5 breaks nftables, causing firewall rules applied via nftables to not be effective.This issue affects SUSE Linux Enterprise Server: from 9e6d9d4601768c75fdb0bad3fbbe636e748939c2 before...

EUVD-2026-9526

The Fluent Forms Pro Add On Pack plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 6.1.17. This is due to the deleteFile method in the Uploader class lacking nonce verification and capability checks. The AJAX action is registered via...

org.webjars.npm:canvas (>=2.5.0 <=2.6.0), org.webjars.npm:color-thief (=2.2.5) +12 more potentially affected by CVE-2026-29786 via org.webjars.npm:tar (>=0.1.20 <=4.4.19)

org.webjars.npm:tar MAVEN version =0.1.20, =2.5.0, =0.97.5, =0.2.0, =3.4.0, =0.6.19, =2.0.0, =3.1.4, =3.4.1 - org.webjars.npm:tar.gz =1.0.7 Source cves: CVE-2026-29786 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15416076...