516 matches found
CVE-2026-55670
ZITADEL is an open source identity management platform. Prior to 4.15.1, ZITADEL's event store validation can retain the original resource owner for a deleted user identifier, causing a later user recreated with the same identifier in another organization to be provisioned under the original...
CVE-2026-50644
SOPlanning is vulnerable to SQL injection in the audit retention configuration. An attacker holding parametersall rights can inject SQL commands into the audit configuration form which is then saved. The execution is triggered when the audit functionality is accessed by the attacker or another...
CVE-2026-50644
CVE-2026-50644 affects SOPlanning. The vulnerability is an SQL injection in the audit retention configuration, exploitable by an attacker with high privileges (parameters_all rights) who can inject SQL through the audit configuration form; execution occurs when the audit functionality is accessed...
EUVD-2026-42576
SOPlanning is vulnerable to SQL injection in the audit retention configuration. An attacker holding parametersall rights can inject SQL commands into the audit configuration form which is then saved. The execution is triggered when the audit functionality is accessed by the attacker or another...
CVE-2026-50644 SQL Injection in SOPlanning Audit Retention Configuration
SOPlanning is vulnerable to SQL injection in the audit retention configuration. An attacker holding parametersall rights can inject SQL commands into the audit configuration form which is then saved. The execution is triggered when the audit functionality is accessed by the attacker or another...
CVE-2026-50644
SOPlanning is vulnerable to SQL injection in the audit retention configuration. An attacker holding parametersall rights can inject SQL commands into the audit configuration form which is then saved. The execution is triggered when the audit functionality is accessed by the attacker or another...
CVE-2026-14471
Improper Neutralization of Special Elements in the metrics-service retention policy management component in Amazon mcp-gateway-registry before 1.0.13 might allow an authenticated remote user to execute arbitrary SQL queries via a crafted tablename value that is interpolated into SQL statements in...
CVE-2026-14471
Improper Neutralization of Special Elements in the metrics-service retention policy management component in Amazon mcp-gateway-registry before 1.0.13 might allow an authenticated remote user to execute arbitrary SQL queries via a crafted tablename value that is interpolated into SQL statements in...
CVE-2026-14471 Authenticated SQL injection in the metrics-service retention policy subsystem of mcp-gateway-registry
Improper Neutralization of Special Elements in the metrics-service retention policy management component in Amazon mcp-gateway-registry before 1.0.13 might allow an authenticated remote user to execute arbitrary SQL queries via a crafted tablename value that is interpolated into SQL statements in...
CVE-2026-14471 Authenticated SQL injection in the metrics-service retention policy subsystem of mcp-gateway-registry
Improper Neutralization of Special Elements in the metrics-service retention policy management component in Amazon mcp-gateway-registry before 1.0.13 might allow an authenticated remote user to execute arbitrary SQL queries via a crafted tablename value that is interpolated into SQL statements in...
CVE-2026-14471
The CVE affects Amazon mcp-gateway-registry’s metrics-service retention policy management component (pre-1.0.13). An authenticated remote user can exploit an SQL injection via a crafted table_name value interpolated into SQL statements in the identifier position, potentially impacting confidentia...
CVE-2026-56842
A malicious actor with access to the network and under certain conditions could exploit an Incorrect Authorization vulnerability found in UniFi Network Application to persist privileges within UniFi Network Application after such access had been removed...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: Do not delete the error page from the page cache. This change is very similar to the change made for shmem 1. It addresses the same issue, but for the HugeTLBFS mechanism instead. Currently, when a poisoned HugeTLB pag...
protobufjs: Memory amplification from preserved unknown fields in binary decode
Summary protobufjs 8.2.0 added support for preserving unknown fields encountered during binary decode. Affected versions preserved unknown wire elements in message.$unknowns and did not provide a decode-time option to discard unknown fields before retaining them. A crafted protobuf payload...
GHSA-X4VX-RJVF-J5P4 DOMPurify: `IN_PLACE` mode trusts attacker-controlled `nodeName` on live non-form nodes, allowing script retention and XSS via attacker-supplied DOM objects
Summary When DOMPurify.sanitizeroot, INPLACE: true is called on an attacker-supplied live DOM node, DOMPurify still trusts currentNode.nodeName for non-form nodes in the main sanitizeElements pipeline. A real child node whose observable nodeName is attacker-controlled can therefore be misclassifi...
PT-2026-49585
Name of the Vulnerable Software and Affected Versions protobufjs versions 8.2.0 through 8.4.2 Description protobufjs preserves unknown wire elements in message.$unknowns during binary decode but lacks a decode-time option to discard these fields before retention. A crafted protobuf payload...
CVE-2026-53867 Capgo < 12.128.2 - Orphaned File Retention via Profile Image Replacement
Capgo before 12.128.2 fails to delete previously uploaded profile images from backend storage when users replace or remove them. Attackers can access orphaned image files through previously generated URLs, allowing unauthorized retrieval of user-uploaded content...
CVE-2026-53867
Capgo before 12.128.2 does not delete previously uploaded profile images, leaving orphaned files accessible via previously generated URLs, enabling unauthorized retrieval of user-uploaded content. This affects Capgo's backend storage handling when users replace or remove images. The CVE notes MED...
Governing Claude Enterprise in Environments Where Inline Controls Can't Go
TrendAI™ integrates the Claude Compliance API into TrendAI Vision One™ through two collectors that bring AI-aware visibility and detection to Claude Enterprise usage: one keeps all data inside the environment, while the other feeds TrendAI Vision One™ for deeper correlation and compliance...
GHSA-X4GW-5CX5-PGMH Netty: SNI handler pre-allocates up to 16 MiB from nine attacker bytes
SslClientHelloHandler.decode reads the 24-bit TLS handshake length and, when the ClientHello does not fit in the first record, eagerly allocates ctx.alloc.bufferhandshakeLength line 161. The guard at line 140 is handshakeLength maxClientHelloLength && maxClientHelloLength != 0, and the...