Linux Distros Unpatched Vulnerability : CVE-2026-46635

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Twig: Sandbox property allowlist bypass via the column filter arraycolumn on objects CVE-2026-46635 Note that Nessus relies on the presence of the package as...

Linux Distros Unpatched Vulnerability : CVE-2026-8950

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Same-origin policy bypass in the Networking: HTTP component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird...

CVE-2026-46366

phpMyFAQ before 4.1.2 contains an information disclosure vulnerability in the getIdFromSolutionId method that lacks permission filtering, allowing unauthenticated attackers to enumerate restricted FAQ entries and read their titles via the /solutionidid.html endpoint. Attackers can sequentially...

CVE-2026-46366 phpMyFAQ - Unauthenticated Information Disclosure via getIdFromSolutionId Permission Bypass

phpMyFAQ before 4.1.2 contains an information disclosure vulnerability in the getIdFromSolutionId method that lacks permission filtering, allowing unauthenticated attackers to enumerate restricted FAQ entries and read their titles via the /solutionidid.html endpoint. Attackers can sequentially...

EUVD-2026-30602

phpMyFAQ before 4.1.2 contains an information disclosure vulnerability in the getIdFromSolutionId method that lacks permission filtering, allowing unauthenticated attackers to enumerate restricted FAQ entries and read their titles via the /solutionidid.html endpoint. Attackers can sequentially...

CVE-2026-46366 phpMyFAQ - Unauthenticated Information Disclosure via getIdFromSolutionId Permission Bypass

phpMyFAQ before 4.1.2 contains an information disclosure vulnerability in the getIdFromSolutionId method that lacks permission filtering, allowing unauthenticated attackers to enumerate restricted FAQ entries and read their titles via the /solutionidid.html endpoint. Attackers can sequentially...

CVE-2026-46366

phpMyFAQ before 4.1.2 contains an information disclosure vulnerability in the getIdFromSolutionId method that lacks permission filtering, allowing unauthenticated attackers to enumerate restricted FAQ entries and read their titles via the /solutionidid.html endpoint. Attackers can sequentially...

PT-2026-41368

phpMyFAQ before 4.1.2 contains an information disclosure vulnerability in the getIdFromSolutionId method that lacks permission filtering, allowing unauthenticated attackers to enumerate restricted FAQ entries and read their titles via the /solution id id.html endpoint. Attackers can sequentially...

phpMyFAQ 安全漏洞

phpMyFAQ is a multilingual, fully database-driven FAQ system developed by Thorsten Rinne. Versions of phpMyFAQ prior to 4.1.2 contained security vulnerabilities. These vulnerabilities stemmed from a lack of permission filtering in the getIdFromSolutionId method. This allowed unauthorized attacker...

Linux Distros Unpatched Vulnerability : CVE-2026-8391

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11...

Linux Distros Unpatched Vulnerability : CVE-2026-8555

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in GTK in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium...

Important: Red Hat Security Advisory: Network Observability 1.11.2 for OpenShift

Network Observability 1.11 for Red Hat OpenShift. Network flows collector and monitoring solution...

CVE-2026-42645

Cross-Site Request Forgery CSRF vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Cross Site Request Forgery.This issue affects Barcode Scanner with Inventory & Order Manager: fro...

@uipath/project-packager (>=1.1.10 <=1.1.15), @uipath/solution-packager (>=0.0.30 <=0.0.34) potentially affected by unknown CVE via @uipath/solutionpackager-tool-core (>=0.0.31 <=0.0.33)

@uipath/solutionpackager-tool-core NPM version =0.0.31, =1.1.10, =0.0.30, =0.0.34 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3577...

Malicious code in @uipath/solution-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 54c97ae73d789e83ab3e7d3a4aa60b13004ed8ddfba42a1b2941598b16e6ade5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-3575 Malicious code in @uipath/solution-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 54c97ae73d789e83ab3e7d3a4aa60b13004ed8ddfba42a1b2941598b16e6ade5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-3574 Malicious code in @uipath/solution-packager (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6487ed6520bb356b10f79e676ab8025235c19230de13836f08cf630171420426 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

@uipath/solution-packager (>=0.0.30 <=0.0.34) potentially affected by unknown CVE via @uipath/project-packager (>=1.1.10 <=1.1.15)

@uipath/project-packager NPM version =1.1.10, =0.0.30, =0.0.34 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3567...

Linux Distros Unpatched Vulnerability : CVE-2026-43295

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to...

Security Bulletin: Multiple vulnerabilities in IBM DevOps Solution Workbench

Summary Multiple vulnerabilities were addressed in IBM DevOps Solution Workbench version 5.1.2 Vulnerability Details CVEID:CVE-2026-6951 DESCRIPTION: Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution RCE due to an incomplete fix for CVE-2022-25912 that block...