PT-2026-46990

Summary A connected peer can send a compressed RequestDataType HashArrayType direct request that is only 442 bytes on the wire but expands into 200000 decoded hash entries inside the resolver path. On klever-go v1.7.17, this allows remote memory and CPU amplification against nodes that accept P2P...

PT-2026-47075

Name of the Vulnerable Software and Affected Versions LatePoint – Calendar Booking Plugin for Appointments and Events versions prior to 5.6.1 Description The plugin is affected by Cross-Site Request Forgery, a flaw where an attacker tricks a victim into performing actions they did not intend to...

Linqi 安全漏洞

Linqi is an English speaking practice platform developed by the German company Linqi. Linqi has a security vulnerability, which stems from a server-side request forgeing vulnerability in the custom process creation function. This vulnerability allows authenticated attackers to detect internal...

Altium 365和Altium Enterprise Server 安全漏洞

Altium 365 and Altium Enterprise Server are both products of the American company Altium. Altium 365 is a product design and development platform. Altium Enterprise Server is a localized data management server. Both Altium 365 and Altium Enterprise Server have security vulnerabilities. These...

CVE-2026-10586

The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.1.3 via the saveaigeneratedimage function. This makes it possible for authenticated attackers, with Author-level...

CVE-2024-27892

Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...

CVE-2024-27890

Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...

CVE-2026-11179

Inappropriate implementation in ORB in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

CVE-2024-27892 On affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected (SSL Profiles Enabled).

Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...

CVE-2024-27892

Arista CVE-2024-27892 affects Arista EOS platforms running OpenConfig, where a gNMI Set request can be allowed when it should be rejected, enabling unexpected configuration changes. Impact is elevated integrity/availability risk under network attack vectors; OpenConfig must be enabled with SSL pr...

CVE-2024-27890 On affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected (No SSL Profiles Enabled).

Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...

xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling

A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB X Keyboard Extension modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory...

CVE-2026-41249

CoreShop is a Pimcore enhanced eCommerce solution. In versions 5.0.1 through 5.1.0-beta.1,, the GitHub Actions workflow .github/workflows/static.yml uses the pullrequesttarget trigger but dangerously checks out the unverified code from the pull request head ref: $ github.event.pullrequest.head.re...

Shopware: SSRF in Media External-Link Endpoint Bypasses IP Validation

Summary The /api/action/media/external-link endpoint allows authenticated admin users to make server-side HTTP HEAD requests to arbitrary internal IP addresses. While the parallel uploadFromURL flow validates target IPs against private/reserved ranges via FileUrlValidator, the linkURL flow only...

EUVD-2026-34318

CoreShop is a Pimcore enhanced eCommerce solution. In versions 5.0.1 through 5.1.0-beta.1,, the GitHub Actions workflow .github/workflows/static.yml uses the pullrequesttarget trigger but dangerously checks out the unverified code from the pull request head ref: $ github.event.pullrequest.head.re...

CVE-2026-41249 CoreShop Vulnerable to Remote Code Execution (RCE) via Insecure `pull_request_target` Configuration

CoreShop is a Pimcore enhanced eCommerce solution. In versions 5.0.1 through 5.1.0-beta.1,, the GitHub Actions workflow .github/workflows/static.yml uses the pullrequesttarget trigger but dangerously checks out the unverified code from the pull request head ref: $ github.event.pullrequest.head.re...

CVE-2026-41249

CoreShop is a Pimcore enhanced eCommerce solution. In versions 5.0.1 through 5.1.0-beta.1,, the GitHub Actions workflow .github/workflows/static.yml uses the pullrequesttarget trigger but dangerously checks out the unverified code from the pull request head ref: $ github.event.pullrequest.head.re...

CVE-2026-41249

CoreShop (versions 5.0.1–5.1.0-beta.1) is affected by an RCE in GitHub Actions workflow: the static.yml workflow uses pull_request_target but checks out the PR head ref and executes bin/console from that untrusted checkout, enabling an attacker to run arbitrary code on the runner. The incident is...

CVE-2026-41249 CoreShop Vulnerable to Remote Code Execution (RCE) via Insecure `pull_request_target` Configuration

CoreShop is a Pimcore enhanced eCommerce solution. In versions 5.0.1 through 5.1.0-beta.1,, the GitHub Actions workflow .github/workflows/static.yml uses the pullrequesttarget trigger but dangerously checks out the unverified code from the pull request head ref: $ github.event.pullrequest.head.re...

Hono: IP Restriction bypasses static deny rules for non-canonical IPv6

Summary The ip-restriction middleware hono/ip-restriction compares incoming IP addresses against configured deny and allow rules using string equality after partial normalization. Non-canonical IPv6 representations of an address already listed in a static rule — such as compressed forms,...