848 matches found
CVE-2026-56212 Capgo - Improper 2FA Enforcement Logic via Team Security Settings
Capgo before 12.128.2 contains an authentication logic flaw: a user with permission to manage team or organization security settings can enable mandatory two-factor authentication for all team members without first enabling 2FA on their own account. The application fails to verify the initiator's...
CVE-2026-56212
Capgo has an authentication logic flaw where a user who can manage team/organization security settings can enable mandatory 2FA for all members without validating their own 2FA status. This may lead to inconsistent security enforcement, administrative misuse, and potential lockout risk for team me...
BIT-GITLAB-2026-6277 Incorrect Authorization in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 13.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with Security Manager-role permissions to manage project security configuration even whe...
Vulnerabilities managed in GitLab Enterprise Edition
GitLab has identified several vulnerabilities in the GitLab Community Edition and Enterprise Edition versions, ranging from 12.0 to 19.0.2, including important releases such as 17.x, 18.10.8, 18.11.5, and 19.0.2. These vulnerabilities affect various components of GitLab CE & EE. Authorized users...
CVE-2026-6277 Incorrect Authorization in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 13.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with Security Manager-role permissions to manage project security configuration even whe...
CVE-2026-44849
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...
CVE-2026-44849 Portainer: Endpoint security bypass via Swarm service create/update
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...
EUVD-2026-33063
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...
ROS-20260524-73-0040
Vulnerability in mariadb11.8 related to bugs in security settings. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260524-73-0042
Vulnerability in mariadb10.6 related to bugs in security settings. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260524-73-0041
Vulnerability in mariadb11.4 related to bugs in security settings. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Portainer has an endpoint security bypass via Swarm service create/update
Summary: Portainer enforces seven EndpointSecuritySettings restrictions that administrators configure to restrict the container configurations non-admin users can launch: privileged mode, host PID namespace, device mapping, capabilities, sysctls, security-opt Seccomp / AppArmor, and bind mounts. T...
GHSA-5FXQ-QCF3-244W Portainer has an endpoint security bypass via Swarm service create/update
Summary: Portainer enforces seven EndpointSecuritySettings restrictions that administrators configure to restrict the container configurations non-admin users can launch: privileged mode, host PID namespace, device mapping, capabilities, sysctls, security-opt Seccomp / AppArmor, and bind mounts. T...
Security Bulletin: Multiple security vulnerabilities may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms (CVE-2025-14915, CVE-2025-14917, CVE-2025-14923, CVE-2026-1561, CVE-2026-29063).
Summary: Multiple security vulnerabilities may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms (CVE-2025-14915, CVE-2025-14917, CVE-2025-14923, CVE-2026-1561, CVE-2026-29063). IBM WebSphere Liberty has been updated within TXSeries for Multiplatforms to address these...
Incorrect Authorization
Overview: Affected versions of this package are vulnerable to Incorrect Authorization in the JoinWorkflowSpec process. An attacker can gain unauthorized access to host networking, override service account assignments, modify pod security contexts, add tolerations, or enable service account token...
JLSEC-2026-427 When doing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl, changing TLS options in...
When doing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently set up transfers. Disabling certificate verification for a specific transfer could unintentionally...
Grafana security vulnerability
Grafana is a set of open-source monitoring tools developed by Grafana Open Source, which provide a visual monitoring interface. This tool is primarily used for monitoring and analyzing systems such as Graphite, InfluxDB, and Prometheus. Grafana has a security vulnerability that stems from users...
Security Bulletin: IBM WebSphere Application Server Liberty could provide weaker than expected security (CVE-2025-14917)
Summary: IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings when the appSecurity-1.0, appSecurity-2.0, appSecurity-3.0, appSecurity-4.0 or appSecurity-5.0 feature is enabled. Vulnerability Details: CVEID: CVE-2025-14917 DESCRIPTION: I...
CVE-2025-14917
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings...