BIT-MONGODB-2026-4148 ExpressionContext use-after-free in classic engine $lookup and $graphLookup aggregation operators

A use-after-free vulnerability can be triggered in sharded clusters by an authenticated user with the read role who issues a specially crafted $lookup or $graphLookup aggregation pipeline...

PT-2026-32437

A use-after-free vulnerability can be triggered in sharded clusters by an authenticated user with the read role who issues a specially crafted $lookup or $graphLookup aggregation pipeline...

CVE-2026-4148

A use-after-free vulnerability can be triggered in sharded clusters by an authenticated user with the read role who issues a specially crafted $lookup or $graphLookup aggregation pipeline...

CVE-2026-4147

An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command...

EUVD-2026-12586

An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command...

EUVD-2026-12587

A use-after-free vulnerability can be triggered in sharded clusters by an authenticated user with the read role who issues a specially crafted $lookup or $graphLookup aggregation pipeline...

CVE-2026-4147

An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command...

CVE-2026-4148

A use-after-free vulnerability can be triggered in sharded clusters by an authenticated user with the read role who issues a specially crafted $lookup or $graphLookup aggregation pipeline...

CVE-2026-4147

An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command...

UBUNTU-CVE-2026-4148

A use-after-free vulnerability can be triggered in sharded clusters by an authenticated user with the read role who issues a specially crafted $lookup or $graphLookup aggregation pipeline...

CVE-2026-4148

A use-after-free vulnerability can be triggered in sharded clusters by an authenticated user with the read role who issues a specially crafted $lookup or $graphLookup aggregation pipeline...

CVE-2026-4147

An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command...

CVE-2026-4147 Stack memory disclosure in filemd5 command

An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command...

CVE-2026-4147 Stack memory disclosure in filemd5 command

An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command...

CVE-2026-4147

The CVE-2026-4147 entry describes an issue where an authenticated user with the read role can read limited amounts of uninitialized stack memory through specially crafted issuances of the filemd5 command. Root cause: exposure of uninitialized stack memory during filemd5 handling. Impact: potentia...

PT-2026-25906

Name of the Vulnerable Software and Affected Versions versions prior to 2026-4147 Description An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command. This can occur through invocations of the filemd5...

Wordpress Photo Gallery 1.2.5 Unrestricted File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: Photo Gallery 1.2.5 Unrestricted File Upload Date: 11-11-2014 Software Link: https://wordpress.org/plugins/photo-gallery/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/...