CVE-2026-34397

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From versions 2.0.0-alpha to before 2.3.9 and 3.0.0-alpha to before 3.1.1, there is a conditional local privilege escalation vulnerability in an edge-case naming collision. Only authenticated himmelblau users whose...

WordPress Global DNS Plugin <= 3.1.0 - Remote Code Execution (RCE) Vulnerability

Remote Code Execution RCE Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Global DNS versions = 3.1.0...

WordPress Gutenverse plugin <= 3.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Text and Fun Fact Blocks vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Animated Text and Fun Fact Blocks vulnerability discovered by zer0gh0st in WordPress Plugin Gutenverse versions = 3.1.0...

UBUNTU-CVE-2021-29469

Node-redis is a Node.js Redis client. Before version 3.1.1, when a client is in monitoring mode, the regex begin used to detected monitor messages could cause exponential backtracking on some strings. This issue could lead to a denial of service. The issue is patched in version 3.1.1...

CVE-2021-29469

Node-redis (Node.js Redis client) is vulnerable prior to version 3.1.1 due to a regex used to detect monitor messages that can backtrack exponentially, potentially causing a denial of service when a client is in monitoring mode. The issue is fixed in version 3.1.1. Affected context includes IBM a...