CVE-2026-56256

CVE-2026-56256 affects Capgo prior to 12.128.2, where 2FA is enforced only at the UI level. The backend ORG management API endpoints (e.g., editing organization details, inviting users) do not require 2FA, allowing an authenticated admin without 2FA to replay/modify a captured ORG API request to ...

EUVD-2026-38738

Capgo before 12.128.2 contains a broken object level authorization BOLA vulnerability in the POST /build/start/:jobId and POST /build/cancel/:jobId endpoints. The handlers authorize the request based only on the attacker-controlled appid supplied in the request body and never verify that the jobI...

CVE-2026-9539

An out-of-bounds heap read and integer underflow in the TCP urgent data handling sosendoob in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments e.g., QEMU allows a privileged guest VM attacker root or CAPNETRAW to leak gigabytes of sensitive host-process heap memory v...

CVE-2026-9539

CVE-2026-9539 affects freedesktop.org libslirp (prior to v4.9.2) used on hypervisor host environments (e.g., QEMU). A vulnerability in the TCP urgent data handling (sosendoob) can cause an out-of-bounds heap read and integer underflow, enabling a privileged guest VM attacker (root or CAP_NET_RAW)...

EUVD-2026-38654

An out-of-bounds heap read and integer underflow in the TCP urgent data handling sosendoob in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments e.g., QEMU allows a privileged guest VM attacker root or CAPNETRAW to leak gigabytes of sensitive host-process heap memory v...

W&B Weave Server - Remote Arbitrary File Leak

The Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin. id:...

CVE-2026-12163

Fortra File Integrity Monitoring FIM, formerly Tripwire Enterprise, versions prior to 9.4.0.1 contain a stored cross-site scripting XSS vulnerability in the Asset View UI component. An authenticated user with sufficient privileges to create or modify affected node or database configuration fields...

CVE-2026-12163 Stored XSS in Fortra File Integrity Monitoring (FIM)

Fortra File Integrity Monitoring FIM, formerly Tripwire Enterprise, versions prior to 9.4.0.1 contain a stored cross-site scripting XSS vulnerability in the Asset View UI component. An authenticated user with sufficient privileges to create or modify affected node or database configuration fields...

CVE-2026-56815

pwnlift before d7a9544, in a privileged deployment, contains a symlink following vulnerability in the upload handler in Components/Pages/Home.razor...

CVE-2026-27604 FOSSBilling: Improper API Role Validation (system) Enables Unauthenticated Access to Privileged Admin Functions

FOSSBilling is a free, open-source billing and client management system. Starting in version 0.5.4 and prior to version 0.8.0, an authorization bypass in the API role handling allows unauthenticated access to privileged /api/system/ endpoints. Because system resolves to the cron admin identity,...

CVE-2026-56815

pwnlift before d7a9544, in a privileged deployment, contains a symlink following vulnerability in the upload handler in Components/Pages/Home.razor...

CVE-2026-56815

The CVE-2026-56815 entry concerns the pwnlift project, specifically a symlink following vulnerability in the upload handler located at Components/Pages/Home.razor, exploitable in a privileged deployment. Root cause is described as a symlink following issue within the upload handler. The CVSS 3.1 ...

EUVD-2026-38422

An high privileged remote attacker can access a hidden configuration method, that should not be accessible by any user, to modify critical program parameters. This can result in a total loss of confidentiality, integrity and availability...

PT-2026-51524

Name of the Vulnerable Software and Affected Versions pwnlift versions prior to d7a9544 Description In a privileged deployment, the upload handler in 'Components/Pages/Home.razor' contains a symlink following issue. This occurs when the application follows symbolic links files that point to anoth...

CVE-2026-44272

Dell Wyse Management Suite WMS, versions prior to WMS 2605, contain an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access...

CVE-2026-44273

Dell Wyse Management Suite WMS, versions prior to WMS 2605, contain a Use of Default Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information Disclosure...

CVE-2026-44273

Dell Wyse Management Suite WMS, versions prior to WMS 2605, contain a Use of Default Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information Disclosure...

CVE-2026-41049

Incorrect caching of authentication between different users of the qSnapper dbus service before version 1.3.3 allowed any local attacker to use dbus functions after a privileged users has authenticated for them...

EUVD-2026-38275

Incorrect caching of authentication between different users of the qSnapper dbus service before version 1.3.3 allowed any local attacker to use dbus functions after a privileged users has authenticated for them...

CVE-2026-41049 Caching of Authentication allows Authentication Bypass between users in qSnapper

Incorrect caching of authentication between different users of the qSnapper dbus service before version 1.3.3 allowed any local attacker to use dbus functions after a privileged users has authenticated for them...