CasaOS < 0.4.4 - Authentication Bypass via Random JWT Token

CasaOS is an open-source Personal Cloud system. Unauthenticated attackers can craft arbitrary JWTs and access features that usually require authentication and execute arbitrary commands as root on CasaOS instances. This problem was addressed by improving the validation of JWTs in commit 705bf1f...

CVE-2026-0272 PAN-OS: Privilege Escalation (PE) Vulnerability in the Command Line Interface (CLI)

A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface CLI to perform actions on the device with root privileges. The security risk posed by this issue is significantly minimized when CLI access i...

CVE-2026-0261

Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security ri...

CVE-2026-10854

A visibility control issue in the event template creation workflow allowed non-site-admin users to access private galaxies belonging to other organisations. The event template builder loaded all enabled galaxies without applying organisation or distribution-based access restrictions, potentially...

CVE-2026-49386

CVE-2026-49386 affects JetBrains YouTrack prior to 2026.1.13570, where an improper access control allows enumeration of restricted issues and articles on Planning Canvas. The issue’s impact is limited to information exposure (enumeration) without indicating broader code execution or data modifica...

CVE-2025-46307

The CVE-2025-46307 issue affects macOS, with the logic flaw limited to the system’s access control restrictions. The vulnerability is described as a logic issue that could allow an app to access sensitive user data. The impact is tied to local access (AV:L, PR:L) with high confidentiality impact,...

UNIX Symbolic Link (Symlink) Following

Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following during docker cp mount setup due to the switching from GetResourcePath and to createIfNotExists method that has no absolute path checks. An attacker can create empty files or directories at arbitrary...

CVE-2026-33570

The CVE affects the PowerSYSTEM Center REST API endpoint for devices. A low-privilege authenticated user can access information normally restricted by operational permissions, exposing confidential data (high impact on confidentiality per ICSCERT CVSS 3.1/4.0 metrics). Root cause described as ins...

CVE-2026-44200 Wagtail: Improper permission handling when copying pages

Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user with limited access to pages could copy a page they don't have access to to an area of the site they do. Once coped, they'd be able to view its contents, and potentially publish it...

PT-2026-39234

Name of the Vulnerable Software and Affected Versions Wagtail versions prior to 7.0.7 Wagtail versions prior to 7.3.2 Description A CMS user with limited access to form pages can delete submissions for pages they are not authorized to access. This is achieved by crafting a form submission to dele...

EUVD-2026-26065

UNSUPPORTED WHEN ASSIGNED Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Pony Mail leading to admin account takeover. This issue affects all versions of the Lua implementation of Pony Mail. There is a Python implementation under development under t...

Missing Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Missing Authorization via the policy enforcement process. An attacker can gain unauthorized access to restricted tools by leveraging bundled MCP or LSP tools that bypass configured tool...

Mythos: An AI tool too powerful for public release

Anthropic’s most capable model to date, Claude Mythos Preview aka Mythos, has been described as a “step change” in AI performance, especially on cybersecurity tasks. Anthropic tried to keep Mythos a secret until a few weeks ago, when a data leak revealed the existence of what the company said was...

Mythos and Cybersecurity

Last week, Anthropic pulled back the curtain on Claude Mythos Preview, an AI model so capable at finding and exploiting software vulnerabilities that the company decided it was too dangerous to release to the public. Instead, access has been restricted to roughly 50 organizations--Microsoft, Appl...

GHSA-R4V4-5MWR-2FWR Improper restriction of the scope of accessible objects in Thymeleaf expressions

Impact A security bypass vulnerability exists in the expression execution mechanisms of Thymeleaf up to and including 3.1.3.RELEASE. Although the library provides mechanisms to prevent expression injection, it fails to properly restrict the scope of accessible objects, allowing specific potential...

SUSE CVE-2026-27447

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, CUPS daemon cupsd contains an authorization bypass vulnerability due to case-insensitive username comparison during authorization checks. The vulnerability allows an...

CVE-2026-34739

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the UserLocation plugin's testIP.php page reflects the ip request parameter directly into an HTML input element without applying htmlspecialchars or any other output encoding. This allows an attacker to inject arbitrary HTM...

CVE-2026-33415

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an authenticated moderator-level user could retrieve post content, topic titles, and usernames from categories they were n...

ALPINE-CVE-2026-21715

A flaw in Node.js Permission Model filesystem enforcement leaves fs.realpathSync.native without the required read permission checks, while all comparable filesystem functions correctly enforce them. As a result, code running under --permission with restricted --allow-fs-read can still use...

PT-2026-28672

Name of the Vulnerable Software and Affected Versions code-projects Exam Form Submission version 1.0 Description A cross-site scripting issue exists due to the manipulation of the sname argument in the file '/admin/update s7.php'. The issue impacts an unknown function. The exploit has been public...