EUVD-2026-30237

GitLab has remediated an issue in GitLab EE affecting all versions from 15.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to bypass merge request approval requirements due to improper cleanup of orphaned policy records...

CVE-2026-7471

CVE-2026-7471 affects GitLab Enterprise Edition (GitLab EE) prior to patch releases 18.9.7, 18.10.6, and 18.11.3. The issue is a Server-Side Request Forgery (SSRF) vulnerability where an authenticated user who controls a virtual registry upstream could cause requests to internal hosts due to impr...

CVE-2026-7471 Server-Side Request Forgery (SSRF) in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.8 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with control of a virtual registry upstream to make requests to internal hosts due to improper validation...

CVE-2026-7525

The CVE pertains to WordPress plugin My Calendar – Accessible Event Manager (versions ≤ 3.7.9). It describes an authorization bypass: authenticated users with custom-level access can tamper with the POST body (e.g., event_approved) to publish events or set statuses (cancelled, private) beyond the...

EUVD-2026-30214

The Unlimited Elements for Elementor plugin for WordPress is vulnerable to SQL Injection via the 'datafiltersearch' parameter in the getcataddons AJAX action in versions up to and including 2.0.7. This is due to insufficient input sanitization and the use of deprecated escaping functions combined...

PT-2026-41181

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.8.9 Description When a non-administrative user logs into the application, a web request to the '/api/models?' endpoint is initiated. The response from this request reveals the system prompts of available models...

PT-2026-40973

Name of the Vulnerable Software and Affected Versions CoreShop versions 5.0.1 through 5.1.0-beta.1 Description The GitHub Actions workflow located at .github/workflows/static.yml uses the pull request target trigger and checks out unverified code from the pull request head using the variable ref:...

MagicMirror 代码问题漏洞

MagicMirror is an open-source modular smart mirror platform developed by MagicMirror. Versions of MagicMirror prior to 2.36.0 had code vulnerabilities. These vulnerabilities stemmed from unauthorized server-side request forgery through the /cors endpoint, which could allow any remote attacker to...

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD continuous integration and delivery. There were security vulnerabilities in versions prior to GitLab EE...

PT-2026-41196

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.5 Description The validate url function in backend/open webui/retrieval/web/utils.py only validates the initial URL provided by the user. Downstream HTTP clients, including sync requests, async aiohttp, and...

PT-2026-40875

Name of the Vulnerable Software and Affected Versions GitLab EE versions 15.7 through 18.9.6 GitLab EE versions 18.10 through 18.10.5 GitLab EE versions 18.11 through 18.11.2 Description An issue exists where an authenticated user can bypass merge request approval requirements. This occurs due to...

WordPress plugin LatePoint 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-41172

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.0 Description A Server-Side Request Forgery SSRF bypass exists in the validate url function located in backend/open webui/retrieval/web/utils.py. The function calls validators.ipv6ip, private=True, but because...

PT-2026-41202

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.8.12 Description Any verified user can execute arbitrary Python code via Jupyter because the '/api/v1/utils/code/execute' endpoint does not enforce the ENABLE CODE EXECUTION configuration flag. Even when an...

PT-2026-41170

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.3 Description An application-wide Cross-Site Request Forgery CSRF issue exists in the image uploading functionality. An attacker can set an image URL to a malicious endpoint, causing any authenticated user who...

Medium: qemu

Issue Overview: hcd-ohci: infinite loop NOTE: Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/129922c2bc398b656a9180150e667f98fdf0d402 v11.0.0-rc1 CVE-2026-3890 virtio-scsi request size mismatch NOTE: Fixed by:...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: git-lfs (UTSA-2026-021307)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021307 advisory. The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is us...

PT-2026-40970

Summary Fleet contained a denial-of-service DoS issue in the gRPC Launcher PublishLogs endpoint. In affected versions, certain unexpected input values were not handled gracefully, which could cause the Fleet server process to terminate while processing an authenticated request from an enrolled...

PT-2026-41177

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.5.11 Description A blind server side request forgery SSRF exists in the PDF generate function. User inputs are interpreted as HTML and embedded into the PDF. While scripts and certain dangerous tags like iFrame a...

📄 Apache HertzBeat 1.8.0 Remote Command Execution

Apache HertzBeat version 1.8.0 suffers from a remote command execution vulnerability via the scriptCommand parameter in a monitoring template definition. Exploit Title: Apache HertzBeat 1.8.0 - Remote Code Execution Google Dork: N/A Date: 2026-03-09 Exploit Author: Brett Gervasoni Vendor Homepage...