4 matches found
CVE-2026-47386
CVE-2026-47386 affects NocoDB’s OAuth token-exchange flow. Before 2026.05.1, two concurrent token-exchange requests could use the same OAuth authorization code to mint two valid token pairs, breaking PKCE’s single-use guarantee. The issue is mitigated by a fix in 2026.05.1, which introduces atomi...
Wear OS Security Bulletin—May 2026Stay organized with collectionsSave and categorize content based on your preferences.
The Wear OS Security Bulletin contains details of security vulnerabilities affecting the Wear OS platform. The full Wear OS update comprises the security patch level of 2026-05-05 or later from the May 2026 Android Security Bulletin in addition to all issues in this bulletin. We encourage all...
Security update 5.1.3 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: Security patch for Salt vendored tornado: Added limits on multipart form data parsing bsc1259554 Added x8664v2 as a possible rpm package architecture Make users with backslash working for salt-ssh...
CVE-2026-35174 Chyrp Lite has a Path Traversal to Remote Code Execution
Chyrp Lite is an ultra-lightweight blogging engine. Prior to 2026.01, a path traversal vulnerability exists in the administration console that allows an administrator or a user with Change Settings permission to change the uploads path to any folder. This vulnerability allows the user to download...