PT-2026-45471

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.7 and 33.0.0 to before 33.0.1, a missing access check on API level allowed to add unknown circles by their ID directly to other circles. Since circle IDs have 62^15 complexity by...

Information Exposure

Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Information Exposure via the Did you mean ...? suggestions in GraphQL validation-error messages. An attacker can enumerate...

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization in the POST /wikis/wikiName endpoint. An attacker can create or update documents in the target wiki by sending unauthenticated requests to the affected REST endpoint. Remediation Upgrade...

Astra Linux - уязвимость в apache2

The Apache HTTP Server versions 2.4.6 to 2.4.46, with the modproxywstunnel module configured, were used to handle a URL. The origin server did not necessarily upgrade this connection. This setup allowed subsequent requests on the same connection to be processed without any HTTP validation,...

Empty Password in Configuration File

Overview org.springframework.cloud:spring-cloud-config-server is a library that provides an HTTP resource-based API for external configuration. Affected versions of this package are vulnerable to Empty Password in Configuration File through the GoogleSecretManagerV1AccessStrategy in the...

Insufficient Session Expiration

Overview Affected versions of this package are vulnerable to Insufficient Session Expiration due to jupytercookiesecret never being automatically rotated or cleared. An attacker can keep or reuse authenticated session cookies after a password change by presenting a cookie signed with a secret tha...

Regular Expression without Anchors

Overview Affected versions of this package are vulnerable to Regular Expression without Anchors through the alloworiginpat checks in websocket.py, login.py. An attacker can bypass CORS, WebSocket origin checks, and login redirect validation by supplying an Origin or Referer value that matches the...

Insufficient Verification of Data Authenticity

Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity via the decidedByUserId field in approval-related endpoints. An attacker can forge decision attribution by supplying an arbitrary user identifier in the request body, causing the system to...

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the cleanupCommand field in the PATCH /api/execution-workspaces/:id endpoint, which is stored and later executed by the server without input validation or sanitization. An attacker can execute arbitrary system...

Always-Incorrect Control Flow Implementation

Overview Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation due to an inverted time comparison in the OIDC JWKS and token cache processes. An attacker can cause expired tokens to be reused or force repeated network requests to the OIDC provider by...

CVE-2026-29522

ZwickRoell Test Data Management versions prior to 3.0.8 contain a local file inclusion LFI vulnerability in the /server/nodeupgradesrv.js endpoint. An unauthenticated attacker can supply directory traversal sequences via the firmware parameter to access arbitrary files on the server, leading to...

User Impersonation

Overview github.com/nats-io/nats-server/v2/server is an A simple, secure and performant communications system for digital systems, services and devices. Affected versions of this package are vulnerable to User Impersonation through the createOrRestoreSession function in the MQTT session manager. ...

Improper Validation of Syntactic Correctness of Input

Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Improper Validation of Syntactic Correctness of Input in the LiveQuery subscription when an invalid regular expression patte...

PYSEC-2026-162

Improper Protection of Alternate Path exists in the no-access and workdir feature of the AWS API MCP Server versions = 0.2.14 and 1.3.9 on all platforms may allow the bypass of intended file access restriction and expose arbitrary local file contents in the MCP client application context.To...

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation when processing arbitrary Spark configuration values in requests. An attacker can gain unauthorized access to files by sending specially crafted requests to the REST or JDBC interface. Note: This is only...

Missing Authentication for Critical Function

Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the createSubscriptions process. An attacker can execute unauthorized GraphQ...

Information Exposure

Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Information Exposure in the LiveQuery subscription process. An attacker can infer the values of protected fields by crafting...

Incorrect Authorization

Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Incorrect Authorization via the /loginAs endpoint when using the readOnlyMasterKey credential. An attacker can impersonate...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the GetConfig and RefreshResource API endpoints. An attacker can access sensitive configuration data or trigger excessive reconciliations by sending requests with any non-empty Bearer token in the Authorizati...

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via the JWT verification process. An attacker can gain unauthorized enrollment of rogue devices by submitting a forged JWT with arbitrary identity claims, as the system fails to verify th...