5 matches found
CVE-2026-29072
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, users who do not belong to the allowed policy creation groups can create functional policy acceptance widgets in posts under the right conditions. Versions 2026.3.0-latest.1, 2026.2.1, an...
EUVD-2026-13245
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, users who do not belong to the allowed policy creation groups can create functional policy acceptance widgets in posts under the right conditions. Versions 2026.3.0-latest.1, 2026.2.1, an...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the deprecated host-callback APIs kubernetes/ingresses, kubernetes/namespaces, and kubernetes/services. An attacker can gain unauthorized read access to Ingresses, Namespaces, and Services resources across al...
China-Linked APT41 Hackers Target U.S. Trade Officials Amid 2025 Negotiations
The House Select Committee on China has formally issued an advisory warning of an "ongoing" series of highly targeted cyber espionage campaigns linked to the People's Republic of China PRC amid contentious U.S.–China trade talks. "These campaigns seek to compromise organizations and individuals...
Apple’s Photo-Scanning Plan Sparks Outcry From Policy Groups
Civil rights activists say creating a system to scan for images of sexual abuse could threaten free speech and actually harm some children...