PT-2026-27598

A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to enumerate a user's installed apps...

PT-2026-27540

This issue was addressed with improved input validation. This issue is fixed in iOS 26.3 and iPadOS 26.3. An app may be able to access sensitive user data...

CVE-2024-51346

An issue in Eufy Homebase 2 version 3.3.4.1h allows a local attacker to obtain sensitive information via the cryptographic scheme...

WordPress plugin Contact Form by WPForms 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

PT-2026-27902

Name of the Vulnerable Software and Affected Versions Contact Form by WPForms versions n/a through 1.9.8.7 Description A flaw exists in Contact Form by WPForms that allows retrieval of embedded sensitive data due to insertion of sensitive information into sent data. This issue impacts the way dat...

IBM InfoSphere Information Server 安全漏洞

IBM InfoSphere Information Server is IBM's enterprise-class data integration platform for integrating, cleansing and transforming data from disparate sources. An information disclosure vulnerability exists in IBM InfoSphere Information Server that stems from insufficient credential protection and...

PT-2026-28052

Insertion of Sensitive Information Into Sent Data vulnerability in Noor Alam SMTP Mailer smtp-mailer allows Retrieve Embedded Sensitive Data.This issue affects SMTP Mailer: from n/a through = 1.1.24...

PT-2026-28109

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques...

Apple macOS 安全漏洞

Apple macOS is a specialized operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Tahoe prior to 26.4 contained a security vulnerability caused by insufficient checks, which could allow applications to access sensitive user data...

Apple macOS 安全漏洞

Apple macOS is a specialized operating system developed by Apple for Mac computers. A security vulnerability exists in Apple macOS, which stems from improper handling of temporary files, and can be exploited by an attacker to cause an application to access sensitive user data...

PT-2026-28158

OpenEMR is a free and open source electronic health records and medical practice management application. A Broken Access Control vulnerability in OpenEMR up to and including version 8.0.0.3 allows low-privilege users to view and download Ensora eRx error logs without proper authorization checks...

WordPress plugin SMTP Mailer 安全漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin SMTP Mailer, which...

IBM Concert 安全漏洞

IBM Concert is a new tool from International Business Machines IBM Inc. that uses generative AI to help manage complex cloud-native applications. An Access Control Error vulnerability exists in IBM Concert 2.2.0 and prior versions. The vulnerability stems from a lack of functional-level access...

PT-2026-27597

An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. An app may be able to access sensitive user data...

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Versions of Apple iOS prior to 26.3 and iPadOS prior to 26.3 contained security vulnerabilities. These...

PT-2026-27601

A privacy issue was addressed by moving sensitive data. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data...

PT-2026-28120

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to exposure of sensitive information via JSON server response manipulation...

CVE-2024-51346

CVE-2024-51346 affects Eufy Homebase 2 (v3.3.4.1h). The connected exploit document details cryptographic bypasses in P2P and media storage encryption: keys are derived from leaked/observable data (PPCS_ID, Serial Number, random header), enabling real-time decryption of P2P streams and stored medi...

Missing Authentication for Critical Function

Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the /users/me endpoint. An authenticated user can access sensitive...

CVE-2026-21783

HCL Traveler is affected by sensitive information disclosure. The application generates some error messages that provide detailed information about errors and failures, such as internal paths, file names, sensitive tokens, credentials, error codes, or stack traces. Attackers could exploit this...