CVE-2026-27935 Discourse leaks private topic metadata to non-authorized users

Discourse is an open-source discussion platform. Versions prior to 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 have a vulnerability in an API endpoint that discloses private topic metadata of admin users to moderator users even if the moderators do not have access to the private topics. Versions...

Photon OS 4.0: Binutils PHSA-2026-4.0-0981

An update of the binutils package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-0981. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

free5GC UDM incorrectly returns 500 for empty supi path parameter in DELETE sdm-subscriptions request

Impact This is an Improper Error Handling vulnerability with Information Exposure implications. - Security Impact: The UDM incorrectly converts a downstream 400 Bad Request from UDR into a 500 Internal Server Error when handling DELETE requests with an empty supi path parameter. This leaks intern...

PT-2026-26186

Impact This is a NULL Pointer Dereference vulnerability leading to Denial of Service. - Security Impact: A remote attacker can cause the UDM service to panic and crash by sending a crafted POST request to the /sdm-subscriptions endpoint with a malformed URL path containing path traversal sequence...

EUVD-2026-12498

Chamilo LMS is a learning management system. Prior to version 1.11.36, Chamilo is vulnerable to user enumeration with valid/invalid username. This issue has been patched in version 1.11.36...

SQL Injection Vulnerability in Ally WordPress Plugin Exposes 200K+ Sites

SQL injection flaw in Ally WordPress plugin exposes 200,000+ sites to data theft. Patch released, but most installations remain unpatched and vulnerable...

PT-2026-24411

Name of the Vulnerable Software and Affected Versions Aruba AOS-CX affected versions not specified Description A critical authentication bypass flaw exists in Aruba AOS-CX switches. This flaw allows an unauthenticated remote attacker to reset administrator passwords through the web management...

CVE-2026-30228

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.5 and 9.5.0-alpha.3, the readOnlyMasterKey can be used to create and delete files via the Files API POST /files/:filename, DELETE /files/:filename. This bypasses the...

CVE-2026-28508

CVE-2026-28508 affects Idno: prior to 1.6.4, a logic error in the API authentication flow and missing login requirement on the URL unfurl endpoint results in CSRF protection bypass for unauthenticated requests. An attacker can set X-IDNO-USERNAME and X-IDNO-SIGNATURE headers to trigger is_api_req...

CVE-2026-3616

A vulnerability was detected in DefaultFuction Jeson Customer Relationship Management System 1.0.0. Impacted is an unknown function of the file /modules/customers/edit.php. Performing a manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit is...

CVE-2026-28501 WWBN AVideo: Unauthenticated SQL Injection via JSON Request Bypass in objects/videos.json.php

WWBN AVideo is an open source video platform. Prior to version 24.0, an unauthenticated SQL Injection vulnerability exists in AVideo within the objects/videos.json.php and objects/video.php components. The application fails to properly sanitize the catName parameter when it is supplied via a...

EUVD-2026-9883

Frappe is a full-stack web application framework. Prior to versions 14.100.1 and 15.100.0, an endpoint was vulnerable to SQL injection through specially crafted requests, which would allow a malicious actor to extract sensitive information. This issue has been patched in versions 14.100.1 and...

EUVD-2026-9855

Gogs: DOM-based XSS via milestone selection...

CVE-2026-28410

The Graph (pre-3.0.0) had a flaw in token vesting contracts that could allow users to access tokens still locked by the vesting schedule. The issue is resolved in version 3.0.0. The CVSS metrics indicate NETWORK access with low complexity and no user interaction, resulting in a medium base score....

CVE-2026-25048

CVE-2026-25048 affects xgrammar prior to v0.1.32, where a multi-level nested syntax causes a segmentation fault (core dumped). The issue is fixed in v0.1.32. According to the provided metrics, the exposure is high impact to availability, with no impact on confidentiality or integrity. No exploit ...

CVE-2025-50192 Chamilo: Time-based SQL Injection in /main/webservices/registration.soap.php

Chamilo is a learning management system. Prior to version 1.11.30, there is a time-based SQL Injection in found in /main/webservices/registration.soap.php. This issue has been patched in version 1.11.30...

CVE-2026-20427

The CVE-2026-20427 entry describes a local privilege escalation in a display component due to a missing bounds check. If an attacker already has System privileges, they could escalate without user interaction. The available remediation is patch ALPS10320471 (MSV-5537). Details do not specify affe...

PT-2026-22590

Name of the Vulnerable Software and Affected Versions Chamilo versions prior to 1.11.30 Description Chamilo is a learning management system. A Stored Cross-Site Scripting XSS issue exists within the glossary function. Users with the Teachers role can inject JavaScript malicious code, potentially...

CVE-2026-25741

Zulip is an open-source team collaboration tool. Prior to commit bf28c82dc9b1f630fa8e9106358771b20a0040f7, the API endpoint for creating a card update session during an upgrade flow was accessible to users with only organization member privileges. When the associated Stripe Checkout session is...

CVE-2026-2244

A vulnerability in Google Cloud Vertex AI Workbench from 7/21/2025 to 01/30/2026 allows an attacker to exfiltrate valid Google Cloud access tokens of other users via abuse of a built-in startup script. All instances after January 30th, 2026 have been patched to protect from this vulnerability. No...