PT-2026-29024

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description A vulnerability exists that allows authorization bypass through a user-controlled key in the 'console-survey/api/v1/answer/EVENTID/TIMESTAMP/' endpoint...

FreeRDP 安全漏洞

FreeRDP is an open-source RDP protocol implementation developed by the FreeRDP team. Versions of FreeRDP prior to 3.24.2 contained security vulnerabilities. These vulnerabilities stemmed from rendering pixel data in adjacent heap memory onto the screen, potentially exposing sensitive data to...

Missing Authorization

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Missing Authorization in the list.json.php endpoints of multiple plugins, which lack authentication and authorization checks. An attacker can retrieve sensitive...

Duplicate Advisory: OpenClaw session transcript files were created without forced user-only permissions

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-vr7j-g7jv-h5mp. This link is maintained to preserve external references. Original Description OpenClaw before 2026.2.17 creates session transcript JSONL files with overly broad default permissions, allowing loca...

Improper Removal of Sensitive Information Before Storage or Transfer

Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via /ui/api/query/«queryid» and /v1/query/«queryid» endpoints. An attacker can obtain sensitive credentials by accessing the serialized query JSON after performing wri...

Improper Removal of Sensitive Information Before Storage or Transfer

Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via /ui/api/query/«queryid» and /v1/query/«queryid» endpoints. An attacker can obtain sensitive credentials by accessing the serialized query JSON after performing wri...

CVE-2026-33572

OpenClaw is affected by CVE-2026-33572 prior to version 2026.2.17, where session transcript JSONL files are created with overly broad default permissions. This allows local attackers with access to read transcript contents and potentially extract sensitive information, including secrets from tool...

WordPress Ninja Forms plugin <= 3.14.1 - Authenticated (Contributor+) Sensitive Information Disclosure via Block Editor Token vulnerability

Authenticated Contributor+ Sensitive Information Disclosure via Block Editor Token vulnerability discovered by Lucas Montes NiRoX in WordPress Plugin Ninja Forms versions = 3.14.1...

Insertion of Sensitive Information Into Sent Data

Overview happy-dom is a Happy DOM is a JavaScript implementation of a web browser without its graphical user interface. It includes many web standards from WHATWG DOM and HTML. Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the fetch...

Insertion of Sensitive Information Into Sent Data

Overview org.webjars.npm:happy-dom is a Happy DOM is a JavaScript implementation of a web browser without its graphical user interface. It includes many web standards from WHATWG DOM and HTML. Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data vi...

CVE-2026-33882

Statamic is a Laravel and Git powered content management system CMS. Prior to versions 5.73.16 and 6.7.2, the markdown preview endpoint could be manipulated to return augmented data from arbitrary fieldtypes. With the users fieldtype specifically, an authenticated control panel user could retriev...

CVE-2026-33882 Statamic's Markdown preview endpoint exposes sensitive user data

Statamic is a Laravel and Git powered content management system CMS. Prior to versions 5.73.16 and 6.7.2, the markdown preview endpoint could be manipulated to return augmented data from arbitrary fieldtypes. With the users fieldtype specifically, an authenticated control panel user could retriev...

CVE-2026-33882

Statamic CMS vulnerability CVE-2026-33882 affects Statamic versions prior to 5.73.16 and 6.7.2. The issue lies in the markdown preview endpoint, which could be manipulated to return augmented data from arbitrary fieldtypes. In particular, the users fieldtype could be leveraged by an authenticated...

Exposure of Data Element to Wrong Session

Overview Affected versions of this package are vulnerable to Exposure of Data Element to Wrong Session in the MDM command processing while handling SyncML status code. An attacker can obtain sensitive configuration data belonging to other devices such as WiFi credentials, VPN secrets, and...

Exposure of Data Element to Wrong Session

Overview Affected versions of this package are vulnerable to Exposure of Data Element to Wrong Session in the MDM command processing while handling SyncML status code. An attacker can obtain sensitive configuration data belonging to other devices such as WiFi credentials, VPN secrets, and...

Exposure of Data Element to Wrong Session

Overview Affected versions of this package are vulnerable to Exposure of Data Element to Wrong Session in the MDM command processing while handling SyncML status code. An attacker can obtain sensitive configuration data belonging to other devices such as WiFi credentials, VPN secrets, and...

CVE-2026-34391

Fleet is open source device management software. Prior to 4.81.1, a vulnerability in Fleet's Windows MDM command processing allows a malicious enrolled device to access MDM commands intended for other devices, potentially exposing sensitive configuration data such as WiFi credentials, VPN secrets...

GHSA-58R7-4WR5-HFX8 Changedetection.io Discloses Environment Variables via jq env Builtin in Include Filters

Summary The jq: and jqraw: include filter expressions allow use of the jq env builtin, which reads all process environment variables and stores them as the watch snapshot. An authenticated user or unauthenticated user when no password is set, the default can leak sensitive environment variables...

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview mlflow is a platform to streamline machine learning development, including tracking experiments, packaging code into reproducible runs, and sharing and deploying models. Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Contro...

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere in the tracing and assessment endpoints. An attacker can access sensitive trace metadata and create unauthorized assessments by authenticating with any user...