GHSA-6MQ3-XMGP-PJM5 ZITADEL's truncated opaque tokens are still valid

Summary Opaque OIDC access tokens in v2 format, truncated to 80 characters are still considered valid. ZITADEL uses a symmetric AES encryption for opaque tokens. The cleartext payload is a concatenation of a couple of identifiers, such as a token ID and user ID. Internally Zitadel has 2 different...

CVE-2026-3282

A flaw has been found in libvips 8.19.0. This vulnerability affects the function vipsunpremultiplybuild of the file libvips/conversion/unpremultiply.c. Executing a manipulation of the argument alphaband can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been...

CVE-2026-27838 wger: IDOR via user-unscoped cache keys on routine API actions exposes workout data

wger is a free, open-source workout and fitness manager. Five routine detail action endpoints check a cache before calling self.getobject. In versions up to and including 2.4, ache keys are scoped only by pk — no user ID is included. When a victim has previously accessed their routine via the API...

CVE-2026-25741 Zulip Vulnerable to Modification of Payment Method (Stripe Default Card) by Non-Billing Users

Zulip is an open-source team collaboration tool. Prior to commit bf28c82dc9b1f630fa8e9106358771b20a0040f7, the API endpoint for creating a card update session during an upgrade flow was accessible to users with only organization member privileges. When the associated Stripe Checkout session is...

CVE-2026-25983

CVE-2026-25983 affects ImageMagick prior to 7.1.2-15 and 6.9.13-40. A crafted MSL script can trigger a heap-use-after-free in the MSLStartElement handling (coders/msl.c), where the operation element handler replaces and frees the image while parsing continues, causing a UAF in ReadBlobString. The...

CVE-2026-25971

CVE-2026-25971 affects ImageMagick’s Magick component, specifically the ProcessMSLScript path where circular references between two MSLs could trigger a stack overflow. Affected versions are before 7.1.2-15 and 6.9.13-40; the cited patches are included in those released versions. The vulnerabilit...

DEBIAN-CVE-2026-25795

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, in ReadSFWImage coders/sfw.c, when temporary file creation fails, readinfo is destroyed before its filename member is accessed, causing a NULL pointer dereferen...

EUVD-2026-7445

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the ps coders, responsible for writing PostScript files, fails to sanitize the input before writing it into the PostScript header. An attacker can provide a...

EUVD-2026-7456

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, when a PCD file does not contain a valid Sync marker, the DecodeImage function becomes trapped in an infinite loop while searching for the Sync marker, causing...

PT-2026-21631

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-15 ImageMagick versions prior to 6.9.13-40 Description ImageMagick is software used for editing and manipulating digital images. A flaw exists where the software does not properly check for circular referenc...

PT-2026-21599

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, memory leak exists in coders/msl.c. In the WriteMSLImage function of the msl.c file, resources are allocated. But the function returns early without releasing...

CVE-2026-27469 Isso: Stored XSS via comment website field

Isso is a lightweight commenting server written in Python and JavaScript. In commits before 0afbfe0691ee237963e8fb0b2ee01c9e55ca2144, there is a stored Cross-Site Scripting XSS vulnerability affecting the website and author comment fields. The website field was HTML-escaped using quote=False, whi...

CVE-2026-2274

A SSRF and Arbitrary File Read vulnerability in AppSheet Core in Google AppSheet prior to 2025-11-23 allows an authenticated remote attacker to read sensitive local files and access internal network resources via crafted requests to the production cluster. This vulnerability was patched and no...

CLSA-2026-1771597308 Fix CVE(s): CVE-2025-15366

SECURITY UPDATE: defect in imaplib module, when passed a user-controlled command, commands can be injected using newlines - debian/patches/CVE-2025-15366.patch: Fix command injection by rejecting commands containing control characters - CVE-2025-15366...

SUSE CVE-2026-2240

A vulnerability has been found in janet-lang janet up to 1.40.1. The impacted element is the function janetcpopfuncdef of the file src/core/compile.c. Such manipulation leads to out-of-bounds read. The attack must be carried out locally. The exploit has been disclosed to the public and may be use...

CVE-2026-25049

n8n is an open source workflow automation platform. Prior to versions 1.123.17 and 2.5.2, an authenticated user with permission to create or modify workflows could abuse crafted expressions in workflow parameters to trigger unintended system command execution on the host running n8n. This issue h...

CVE-2026-25117

pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit e33da14449a5abcff507e554f66e2141d6683b0a, missing sandboxing on /workspace/ routes allows challenge authors to inject arbitrary javascript which runs on the same origin as http://dojo.website. This is a sandbox...

CVE-2026-25117 pwn.college DOJO vulnerable to sandbox escape leading to arbitrary javascript execution

pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit e33da14449a5abcff507e554f66e2141d6683b0a, missing sandboxing on /workspace/ routes allows challenge authors to inject arbitrary javascript which runs on the same origin as http://dojo.website. This is a sandbox...

ROOT-OS-DEBIAN-11-CVE-2022-25942 CVE-2022-25942 in rootio-hdf5 - Patched by Root

Root has patched CVE-2022-25942 in the rootio-hdf5 package for Root:Debian:11. Multiple fixed versions available...

CVE-2026-22261

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, various inefficiencies in xff handling, especially for alerts not triggered in a tx, can lead to severe slowdowns. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, disable XFF support in the eve...