Security update for shadowsocks-v2ray-plugin (moderate)

openSUSE Security Update: Security update for shadowsocks-v2ray-plugin Announcement ID: openSUSE-SU-2025:0366-1 Rating: moderate References: 1243954 Cross-References: CVE-2025-297850 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes one vulnerability is now available...

EulerOS Virtualization 2.13.1 : vim (EulerOS-SA-2026-2392)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob...

CVE-2026-42653 WordPress SliceWP plugin <= 1.2.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in iova.Mihai SliceWP allows Stored XSS. This issue affects SliceWP: from n/a through 1.2.6...

CVE-2026-39494 WordPress Product Filter by WBW plugin <= 3.1.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WBW Plugins Product Filter by WBW allows Blind SQL Injection. This issue affects Product Filter by WBW: from n/a through 3.1.2...

CVE-2026-42647 WordPress JoomSport plugin <= 5.7.7 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Beardev JoomSport allows Blind SQL Injection. This issue affects JoomSport: from n/a through 5.7.7...

CVE-2026-42647 WordPress JoomSport plugin <= 5.7.7 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Beardev JoomSport allows Blind SQL Injection. This issue affects JoomSport: from n/a through 5.7.7...

CVE-2026-49060

The CVE-2026-49060 entry concerns the WordPress plugin Hippoo Mobile App for WooCommerce. Affected: Hippoo Mobile App for WooCommerce plugin versions up to 1.9.4. Issue: Incorrect Privilege Assignment leading to Privilege Escalation. Impact: high risk across confidentiality, integrity, and availa...

CVE-2026-49060 WordPress Hippoo Mobile App for WooCommerce plugin <= 1.9.4 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Hippoo Mobile App for WooCommerce allows Privilege Escalation. This issue affects Hippoo Mobile App for WooCommerce: from n/a through 1.9.4...

CVE-2026-49060 WordPress Hippoo Mobile App for WooCommerce plugin <= 1.9.4 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Hippoo Mobile App for WooCommerce allows Privilege Escalation. This issue affects Hippoo Mobile App for WooCommerce: from n/a through 1.9.4...

EUVD-2026-34901

AWS Advanced Go Wrapper has Privilege Escalation in Aurora PostgreSQL instance...

CVE-2026-53810

OpenClaw is affected by a code execution vulnerability present before version 2026.5.18. The issue arises from marketplace runtime extension metadata that can redirect loading to unscanned package payloads. Attackers with trusted operator access can manipulate extension metadata to load plugin co...

CVE-2026-47162

Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when serializing browsed directory paths to the history file /.vim/.netrwhist. A...

CVE-2026-47167

Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch in the cucumber filetype plugin runtime/ftplugin/cucumber.vim on Vim builds with +ruby support. Step-definition patterns read from .rb files under the repository's...

UBUNTU-CVE-2026-47167

Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch in the cucumber filetype plugin runtime/ftplugin/cucumber.vim on Vim builds with +ruby support. Step-definition patterns read from .rb files under the repository's...

UBUNTU-CVE-2026-47162

Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when serializing browsed directory paths to the history file /.vim/.netrwhist. A...

CVE-2026-47162 Vim: Vimscript Code Injection in netrw NetrwBookHistSave() via crafted directory name

Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when serializing browsed directory paths to the history file /.vim/.netrwhist. A...

EUVD-2026-36280

Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch in the cucumber filetype plugin runtime/ftplugin/cucumber.vim on Vim builds with +ruby support. Step-definition patterns read from .rb files under the repository's...

CVE-2026-47167 Vim: Vimscript Code Injection in cucumber filetype plugin via crafted step-definition regex

Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch in the cucumber filetype plugin runtime/ftplugin/cucumber.vim on Vim builds with +ruby support. Step-definition patterns read from .rb files under the repository's...

CVE-2026-47167

Vim has a code injection vulnerability in the cucumber filetype plugin (runtime/ftplugin/cucumber.vim) affecting builds with +ruby support prior to version 9.2.0496. A crafted step-definition regex pulled from .rb files under features// or stories/ / directories is embedded into a Ruby Kernel.eva...

CVE-2026-47167 Vim: Vimscript Code Injection in cucumber filetype plugin via crafted step-definition regex

Vim is an open source, command line text editor. Prior to version 9.2.0496, a code injection vulnerability exists in s:stepmatch in the cucumber filetype plugin runtime/ftplugin/cucumber.vim on Vim builds with +ruby support. Step-definition patterns read from .rb files under the repository's...