CVE-2026-28511 elabftw has entry title leakage through autocompletion search

eLabFTW is an open source electronic lab notebook. Prior to version 5.4.2, in certain cases, an authenticated user performing a numeric reference/search can return results that include resources the requesting user is not authorized to view. The exposed information is limited only the title...

IaC Inventory: A Unified View Across Code, Deployments, and Cloud

As AI applications introduce a new class of infrastructure resources, visibility into what your IaC creates, where it runs, and whether it has drifted has never been more critical...

EUVD-2025-200734

BlazeMeter Jenkins Plugin is Missing Authorization for Available Resources...

CVE-2025-13472 Missing authorization in BlazeMeter Jenkins Plugin

A fix was made in BlazeMeter Jenkins Plugin version 4.27 to allow users only with certain permissions to see the list of available resources like credential IDs, bzm workspaces and bzm project Ids. Prior to this fix, anyone could see this list as a dropdown on the Jenkins UI...

How to configure "Mandatory" keyword filtering to an App or Desktop resource in a Delivery Group

Administrator adds KEYWORDS "Mandatory" to Applications or Desktops in the Delivery Group and when users log in to Storefront via Browser or Native Store, resource is not displayed...