CVE-2026-43913 Vaultwarden: Unconfirmed Owner Can Purge Entire Organization Vault

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, Vaultwarden allows an unconfirmed organization owner to purge the entire organization vault. The organization invite flow uses a two-step process: accepting an invite transitions membership from Invited to Accepted, an...

CVE-2026-43913 Vaultwarden: Unconfirmed Owner Can Purge Entire Organization Vault

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, Vaultwarden allows an unconfirmed organization owner to purge the entire organization vault. The organization invite flow uses a two-step process: accepting an invite transitions membership from Invited to Accepted, an...

MedDream PACS Premium autoPurge reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2253 MedDream PACS Premium autoPurge reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54817 SUMMARY A reflected cross-site scripting xss vulnerability exists in the autoPurge functionality of MedDream PACS Premium 7.3.6.87...

CVE-2011-1321

The AuthCache purge implementation in the Security component in IBM WebSphere Application Server WAS 6.1.0.x before 6.1.0.37 and 7.x before 7.0.0.15 does not purge a user from the PlatformCredential cache, which might allow remote authenticated users to gain privileges by leveraging a group...