WordPress Easy Student Results <=2.2.8 - Improper Authorization

WordPress Easy Student Results plugin through 2.2.8 is susceptible to information disclosure. The plugin lacks authorization in its REST API, which can allow an attacker to retrieve sensitive information related to courses, exams, and departments, as well as student grades and information such as...

WordPress JoomSport <5.2.8 - SQL Injection

WordPress JoomSport plugin before 5.2.8 contains a SQL injection vulnerability. The plugin does not properly sanitize and escape a parameter before using it in a SQL statement. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operation...

CVE-2026-28511

CVE-2026-28511 affects eLabFTW. Before version 5.4.2, an authenticated user performing a numeric reference/search could receive results that include resources the user is not authorized to view. The exposed data is limited to resource titles; attempts to access the underlying protected content re...

Nezha's authenticated agents can forge service-monitor results for other users' services

Summary Nezha accepts service-monitor TaskResult messages from an authenticated agent based only on whether the reported service ID exists. The dashboard authenticates the agent and derives the reporter server ID from the gRPC stream, but the service-monitor result worker does not verify that the...

GHSA-4G6J-G789-RGHM Nezha's authenticated agents can forge service-monitor results for other users' services

Summary Nezha accepts service-monitor TaskResult messages from an authenticated agent based only on whether the reported service ID exists. The dashboard authenticates the agent and derives the reporter server ID from the gRPC stream, but the service-monitor result worker does not verify that the...

amazon-redshift-python-driver vulnerable to Remote Code Execution via eval() Injection

Summary amazon-redshift-python-driver is the official Python connector for Amazon Redshift. In versions 2.1.13 and earlier, the driver insufficiently validates data received from the server during query result processing. A rogue server or man-in-the-middle could leverage this to execute arbitrar...

EUVD-2026-33397

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, SillyTavern exposes /api/search/searxng, which accepts attacker-controlled baseUrl and uses it...

SUSE CVE-2026-46119

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in auth message processing If a potentially corrupted message of type CEPHMSGAUTHREPLY contains a positive value in its result field, it is treated as an error code by cephhandleauthreply an...

Stochastic Analysis of Cybersecurity Defense Strategies under Single Attack Scenario

This research presents a novel stochastic framework for proactive cybersecurity defense timing under a single attack scenario. The approach models the defense process as a continuous observation mechanism in which the defense instant and the subsequent observation slot follow independent...

CVE-2026-45090

Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, ParameterAnalysis in pkg/scanning/parameterAnalysis.go runs two sequential worker stages that both write to the same results channel. The channel is correctly closed after the first stage completes...

CVE-2026-46119

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in auth message processing If a potentially corrupted message of type CEPHMSGAUTHREPLY contains a positive value in its result field, it is treated as an error code by cephhandleauthreply an...

EUVD-2026-32878

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in auth message processing If a potentially corrupted message of type CEPHMSGAUTHREPLY contains a positive value in its result field, it is treated as an error code by cephhandleauthreply an...

CVE-2026-46119

CVE-2026-46119 affects the Linux kernel libceph component. The flaw is a slab-out-of-bounds access in auth message processing: if CEPH_MSG_AUTH_REPLY carries a positive result, it is misinterpreted as an error code and later as the size of the front segment, causing out-of-bounds reads. The fix t...

How Reliable Are AI Attackers against a Fixed Vulnerable Target? A 400-Run Empirical Study of LLM Penetration Testing Consistency

Large language models LLMs can autonomously conduct multi-stage cyber attacks, but the consistency of their offensive behavior under repeated trials remains unstudied. This work presents the first large-scale empirical measurement of LLM attack consistency: 400 autonomous penetration testing runs...

PT-2026-44242

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in auth message processing If a potentially corrupted message of type CEPH MSG AUTH REPLY contains a positive value in its result field, it is treated as an error code by ceph handle auth...

PT-2026-44425

Name of the Vulnerable Software and Affected Versions Casdoor versions prior to 2.363.0 Description Casdoor fails to enforce SAML assertion time bounds. The gosaml2 library calculates time-validation results, such as NotOnOrAfter and NotBefore, and reports them in the assertionInfo.WarningInfo...

CVE-2026-46544

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO accepts client-supplied sessionid values in WebSocket task messages and reuses an existing in-memory session object if that sessionid already exists. If a prior session...

CVE-2026-46538 Microsoft UFO accepts cross-device TASK_END messages by session_id only, allowing peer task-result injection

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's constellation client tracks pending task responses by sessionid only and does not verify that a TASKEND message came from the device that originally received the task...

EUVD-2026-32673

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO accepts client-supplied sessionid values in WebSocket task messages and reuses an existing in-memory session object if that sessionid already exists. If a prior session...

CVE-2026-46544

Technical details beyond the provided CVE description are not publicly available in the supplied documents. Monitor for updates from the referenced UFO advisory and CVE entry.