CVE-2026-42367 GeoVision LPC2011/LPC2211 Web Interface / ssi.cgi privilege escalation vulnerability via leak of Administrator credentials

A privilege escalation vulnerability exists in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to credentials leak. An attacker can visit a webpage to trigger this vulnerability...

PT-2026-36758

Name of the Vulnerable Software and Affected Versions pixelsock directus-mcp version 1.0.0 Description A flaw in the MCP Interface component allows for server-side request forgery SSRF, a condition where an attacker can induce the server to make requests to an unintended location. This occurs...

PT-2026-36918

Name of the Vulnerable Software and Affected Versions WDR201A WiFi Extender HW V2.1, FW LFMZX28040922V1.02 Description A stack-based buffer overflow exists in the 'firewall.cgi' and 'makeRequest.cgi' binaries. Unauthenticated attackers can overwrite the saved return address by sending a POST...

TOTOLINK WA300 缓冲区错误漏洞

TOTOLINK WA300 is a wireless access point produced by TOTOLINK, a Chinese company. The TOTOLINK WA300 5.2cu.7112B20190227 version contains a buffer overflow vulnerability. This vulnerability stems from the function UploadCustomModule in the POST Request Handler component’s file...

PT-2026-36745

Name of the Vulnerable Software and Affected Versions Totolink WA300 version 5.2cu.7112 B20190227 Description A buffer overflow can be triggered remotely via the POST Request Handler component. The issue exists within the UploadCustomModule function of the '/cgi-bin/cstecgi.cgi' endpoint when the...

PT-2026-37357

Before sq-git checks if a commit can be authenticated, it first looks for hard revocations. Because parsing a policy is expensive and a project's policy rarely changes, sq-git has an optimization to only check a policy if it hasn't checked it before. It does this by maintaining a set of policies...

TOTOLINK N300RH 缓冲区错误漏洞

TOTOLINK N300RH is a long-range wireless router produced by TOTOLINK Corporation. The version TOTOLINK N300RH 3.2.4-B20220812 contains a buffer overflow vulnerability. This vulnerability stems from an operation on the parameterFileName in the setUpgradeFW function of the POST Request Handler...

PT-2026-36735

Name of the Vulnerable Software and Affected Versions GeoVision LPC2011/LPC2211 version 1.10 Description A privilege escalation issue exists in the Web Interface functionality, specifically within the 'ssi.cgi' endpoint. A specially crafted HTTP request can lead to the leak of Administrator...

Apache OpenNLP 代码问题漏洞

Apache OpenNLP is a natural language processing toolkit developed by the Apache Foundation. Versions of Apache OpenNLP prior to 2.5.9 and 3.0.0-M3 contained code vulnerabilities. These vulnerabilities stemmed from the lack of enabling FEATURESECUREPROCESSING or disabling DTD processing during the...

PT-2026-36886

Name of the Vulnerable Software and Affected Versions PlantUML Macro versions prior to 2.4.1 Description PlantUML Macro, used for rendering UML diagrams from textual schemes, contains a Server-Side Request Forgery SSRF flaw. The application fails to validate the URL provided through the server...

PT-2026-36741

Name of the Vulnerable Software and Affected Versions GeoVision GV-VMS V20 version 20.0.2 Description A stack overflow exists in the WebCam Server Login functionality. An unauthenticated attacker can send a specially crafted HTTP request to trigger the issue, potentially leading to arbitrary code...

Directus MCP Server 代码问题漏洞

The Directus MCP Server is a model context protocol server developed by pixelsock’s individual developers, which connects AI with content management systems. Version 1.0.0 of the Directus MCP Server contains code vulnerabilities. These vulnerabilities stem from the function validateUrl in the MCP...

Yeapook WDR201A WiFi Extender 安全漏洞

The Yeapook WDR201A WiFi Extender is a wireless signal extension device produced by the Yeapook company. The Yeapook WDR201A WiFi Extender in the HW V2.1 version and FW LFMZX28040922V1.02 version contain security vulnerabilities. These vulnerabilities stem from stack-based buffer overflows in the...

VulnCheck KEV: CVE-2025-15403

The RegistrationMagic plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.0.7.1. This is due to the 'addmenu' function is accessible via the 'rmuserexists' AJAX action and allows arbitrary updates to the 'adminorder' setting. This makes it possible f...

PT-2026-37106

Name of the Vulnerable Software and Affected Versions Gotenberg versions prior to 8.31.0 Description Gotenberg fails to properly validate metadata tags passed to ExifTool, a tool used for reading and writing image, audio, and video metadata. While the software blocks specific tags like FileName a...

Linux Distros Unpatched Vulnerability : CVE-2026-39087

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntfy before 2.22.0 allows SSRF because of an unanchored regular expression. CVE-2026-39087 Note that Nessus relies on the presence of the package as reported by...

RHCOS 4 : OpenShift Container Platform 4.16.44 (RHSA-2025:10782)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10782 advisory. - net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Note that Nessus has not tested for this...

PT-2026-36736

Name of the Vulnerable Software and Affected Versions GeoVision LPC2011/LPC2211 version 1.10 Description A privilege escalation issue exists in the Web Interface functionality. A specially crafted HTTP request allows an attacker to execute privileged operations by visiting a specific webpage...

RHCOS 4 : OpenShift Container Platform 4.18.20 (RHSA-2025:10768)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10768 advisory. - net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Note that Nessus has not tested for this...

RHCOS 4 : OpenShift Container Platform 4.19.3 (RHSA-2025:10291)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:10291 advisory. - net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Note that Nessus has not tested for this...