CVE-2026-45289

CloudburstMC Protocol is a protocol library for Minecraft Bedrock Edition. Prior to version 3.0.0.Beta12-20260420.182526-15, CloudburstMC Protocol is partially missing validation for FULL type authentication tokens Cloudburst/Protocol. This vulnerability impacts publicly accessible software...

CVE-2026-8326 Remote Spark SparkView Path Traversal in RDP Drive Redirection leading to RCE

Path traversal vulnerability in Remote Spark https://www.Remotespark.Com/ SparkView allows reading and writing arbitrary files in all directories as root. This leads to RCE. The affected component is the RDP drive redirection. Depending on implementation, the vulnerability can be exploited by an...

CVE-2026-43898

SandboxJS is a JavaScript sandboxing library. Prior to 0.9.6, sandbox-defined functions expose Function.caller, allowing sandboxed code to recover the internal LispType.Call runtime callback. That callback can then be invoked with attacker-controlled fake context and obj values to extract blocked...

CVE-2026-35676

CVE-2026-35676 affects phpMyFAQ before 4.1.3. An unauthenticated password-reset flow allows changing a user’s password via the PUT /api/index.php/user/password/update endpoint without token validation. Attackers can enumerate valid username/email pairs and force immediate password changes, potent...

CVE-2026-44460

FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. Prior to 3.12.0, /api/totpsetup.php is callable from a session that has only passed the password check state pendingloginuser. When the target account already has TOTP configured, the endpoint...

Synology Safe Access 跨站脚本漏洞

Synology Safe Access is a network access control and parental monitoring system developed by Synology, a Chinese company. Versions of Synology Safe Access prior to 1.3.1-0329 contained a cross-site scripting vulnerability. This vulnerability stemmed from the cross-site scripting feature in the...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the reuse of resources after they were released in the network, which could allow remote attackers to execute...

CVE-2026-44443

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, consumeNonce only checks that the module-level variable is set and unexpired. It does not validate any value from the incoming HTTP request or bind the nonce to the admin's session. If the admin's auth.api.signUpEmail call fails...

Avantra 安全漏洞

Avantra is a SAP software developed by the Avantra company. Versions of Avantra prior to 25.3.0 contained security vulnerabilities. These vulnerabilities stemmed from the use of default passwords, which could allow attempts using common or default usernames and passwords...

CVE-2026-48238 Open ISES Tickets < 3.44.2 SQL Injection via ajax/mobile_main.php id Parameter

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/mobilemain.php where the id GET parameter is concatenated into the WHERE clause of a SELECT statement used as a ticket-existence sanity check without sanitization. Authenticated attackers can craft requests that alter...

PT-2026-42187

Incorrect default permissions vulnerability in Progress Software MOVEit Automation allows Retrieve Embedded Sensitive Data. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7...

Summarize 代码问题漏洞

Summarize is a multi-source rapid summarization tool developed by Peter Steinberger. Versions of Summarize prior to 0.15.1 have code vulnerabilities. These vulnerabilities stem from issues with the hover summary feature, which may allow malicious pages to assign synthetic mouse hover events on...

CVE-2026-45315

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, the audio transcription upload endpoint takes the file extension from the user-supplied filename and saves the file under CACHEDIR/audio/transcriptions/.. The /cache/path route serve...

CVE-2026-44714 bitcoinj: ScriptExecution P2PKH/P2WPKH Verification Bypass

The bitcoinj library is a Java implementation of the Bitcoin protocol. Prior to 0.17.1, ScriptExecution.correctlySpends contains two fast-path verification bugs for standard P2PKH and native P2WPKH spends in core/src/main/java/org/bitcoinj/script/ScriptExecution.java. In both branches, bitcoinj...

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI that is open source. Versions of Open WebUI prior to 0.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the /api/generate, /api/embed, /api/embeddings, and /api/show endpoints, which accepted...

Open WebUI 代码问题漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.5 had code vulnerabilities. These vulnerabilities stemmed from the validateurl function, which only verified the initial URL without verifying the redirection...

Fleet 安全漏洞

Fleet is an open-source device management platform developed by Fleet Device Management. It supports various operating systems and devices, and helps IT and security teams with device management, vulnerability reporting, MDM operations, etc. Versions of Fleet prior to 4.80.1 contained security...

Northern.tech CFEngine 安全漏洞

Northern.tech CFEngine is an IT infrastructure configuration management and automation framework developed by Northern.tech. There are security vulnerabilities in versions of Northern.tech CFEngine Enterprise and Community prior to 3.21.8, 3.24.3, and 3.27.0. These vulnerabilities stem from...

CVE-2026-42580

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's chunk size parser silently overflows int, enabling request smuggling attacks. This vulnerability is fixed in 4.2.13.Final and 4.1.133.Final...

NPM: sealed-env: TOTP secret embedded in unseal token payload (enterprise mode)

NPM: sealed-env: TOTP secret embedded in unseal token payload enterprise mode vulnerability discovered by ? in WordPress Npm sealed-env versions 0.1.0-alpha.4...