17 matches found

Positive Technologies
added 2026/06/11 12:00 a.m. · 7 views

PT-2026-48680

Summary: The free5GC UDR accepts arbitrary non-3GPP ueId values in the EE subscription creation and query flows because the regular expression used for validation ends with the catch-all alternative |.+. This causes the validation logic to accept any non-empty string rather than restricting input ...

CVSS 7.1 · AI score 5.8 · EPSS 0.00084
Exploits 0 · References 3
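The PT-2026-48680 summary above turns on a single regex detail: an alternation whose last branch is |.+ matches every non-empty string, so the other branches are decoration. The following is an added example, not free5GC code; the two ueId patterns are hypothetical stand-ins in the shape the summary describes, and the strict pattern's accepted forms are an assumption for illustration. It reproduces the loose and strict checks side by side and adds a small linter, built on the standard regexp/syntax package, that flags a pattern whose top-level alternation contains a bare .+ or .* branch, which is the kind of check worth running over any hand-written validation regex.

```go
package main

import (
	"fmt"
	"regexp"
	"regexp/syntax"
)

// Hypothetical ueId validators (constructed for this example, not free5GC's
// source). looseUeID ends with the catch-all alternative |.+ so any non-empty
// string passes; strictUeID enumerates only the forms we mean to accept.
var (
	looseUeID  = regexp.MustCompile(`^(imsi-[0-9]{5,15}|nai-.+|.+)$`)
	strictUeID = regexp.MustCompile(`^(imsi-[0-9]{5,15}|nai-[^@\s]+@[^@\s]+)$`)
)

// ValidUeIDLoose reproduces the fail-open check.
func ValidUeIDLoose(ueID string) bool { return looseUeID.MatchString(ueID) }

// ValidUeIDStrict accepts only the enumerated forms.
func ValidUeIDStrict(ueID string) bool { return strictUeID.MatchString(ueID) }

// HasCatchAll parses a pattern and reports whether, once the ^ and $ anchors
// and an enclosing group are peeled off, the whole pattern or one branch of
// its top-level alternation is just `.+` or `.*`, i.e. matches any input.
func HasCatchAll(pattern string) (bool, error) {
	re, err := syntax.Parse(pattern, syntax.Perl)
	if err != nil {
		return false, err
	}
	return hasCatchAll(re), nil
}

func hasCatchAll(re *syntax.Regexp) bool {
	if isDotRepeat(re) {
		return true
	}
	switch re.Op {
	case syntax.OpCapture:
		return hasCatchAll(re.Sub[0])
	case syntax.OpConcat:
		// Peel leading ^ and trailing $; any other neighbour in the
		// concatenation means the alternation is not the whole pattern.
		subs := re.Sub
		for len(subs) > 0 && (subs[0].Op == syntax.OpBeginText || subs[0].Op == syntax.OpBeginLine) {
			subs = subs[1:]
		}
		for len(subs) > 0 && (subs[len(subs)-1].Op == syntax.OpEndText || subs[len(subs)-1].Op == syntax.OpEndLine) {
			subs = subs[:len(subs)-1]
		}
		if len(subs) != 1 {
			return false
		}
		return hasCatchAll(subs[0])
	case syntax.OpAlternate:
		for _, branch := range re.Sub {
			if hasCatchAll(branch) {
				return true
			}
		}
	}
	return false
}

// isDotRepeat is true for `.+`, `.*`, `(.+)` and `(.*)`.
func isDotRepeat(re *syntax.Regexp) bool {
	if re.Op == syntax.OpCapture {
		return isDotRepeat(re.Sub[0])
	}
	if re.Op != syntax.OpPlus && re.Op != syntax.OpStar {
		return false
	}
	sub := re.Sub[0]
	return sub.Op == syntax.OpAnyChar || sub.Op == syntax.OpAnyCharNotNL
}

func main() {
	for _, p := range []string{looseUeID.String(), strictUeID.String()} {
		ok, err := HasCatchAll(p)
		fmt.Printf("%-48s catch-all=%v err=%v\n", p, ok, err)
	}
	// Constructed inputs: a SUPI, an NAI, a traversal string and the empty string.
	for _, in := range []string{"imsi-208930000000001", "nai-user@example.com", "../../etc/passwd", ""} {
		fmt.Printf("%-24q loose=%v strict=%v\n", in, ValidUeIDLoose(in), ValidUeIDStrict(in))
	}
}
```

The linter deliberately stops at the top level: a branch such as nai-.+ is open-ended after its prefix but still constrains the input, whereas a bare .+ branch makes every other branch unreachable.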
Cvelist
added 2026/05/11 9:09 p.m. · 33 views

CVE-2026-43890 Outline: IDOR in subscriptions.create allows cross-tenant subscription on private documents (sibling of GHSA-23jj-rp48-w7q7)

Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.7.0, the subscriptions.create API endpoint in server/routes/api/subscriptions/subscriptions.ts exhibits a broken authorization pattern. When both collectionId and documentId are supplied in the request, the route...

CVSS 7.7 · EPSS 0.00205
Exploits 0 · References 1
CVE
added 2026/04/21 11:47 p.m. · 19 views

CVE-2026-40343

CVE-2026-40343 concerns free5GC UDR (user data repository) in versions up to and including 1.4.2. The issue is a fail-open handling flaw in the POST handler for /nudr-dr/v2/policy-data/subs-to-notify: after errors reading the request body or deserializing input, the handler does not terminate and...

CVSS 6.9 · AI score 5.8 · EPSS 0.09955
Exploits 0 · References 1 · Affected Software 2
Vulnrichment
added 2026/04/16 9:57 p.m. · 5 views

CVE-2026-40248 free5gc UDR improper path validation allows unauthenticated creation and modification of Traffic Influence Subscriptions

free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the handler for creating or updating Traffic Influence Subscriptions checks whether the influenceId path segment equals subs-to-notify, but does not return after sending the HTTP 404...

CVSS 8.7 · AI score 5.9 · EPSS 0.00427
Exploits 1 · References 1
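The two free5GC UDR entries above, CVE-2026-40343 and CVE-2026-40248, describe the same defect shape: a handler writes an error status (400 after a body-decoding failure, 404 after a reserved path segment check) but does not return, so execution falls through to the write that the error was meant to prevent. The following is an added example, not free5GC code: the route shape (PUT /influenceData/{influenceId}), the Subscription type and the in-memory store are assumptions chosen to show the two error paths in one handler. The vulnerable and hardened handlers are driven in-process with net/http/httptest so the result can be checked without a server; the telling observation is that the vulnerable handler reports failure to the client while the subscription still lands in storage.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"path"
	"strings"
	"sync"
)

// Subscription is a constructed stand-in for the subs-to-notify body; it is
// not the 3GPP schema.
type Subscription struct {
	NotificationURI string `json:"notificationUri"`
}

// Store is an in-memory stand-in for the UDR's subscription storage.
type Store struct {
	mu   sync.Mutex
	subs map[string]Subscription
}

func NewStore() *Store { return &Store{subs: map[string]Subscription{}} }

func (s *Store) put(id string, sub Subscription) {
	s.mu.Lock()
	defer s.mu.Unlock()
	s.subs[id] = sub
}

// Count reports how many subscriptions reached storage.
func (s *Store) Count() int {
	s.mu.Lock()
	defer s.mu.Unlock()
	return len(s.subs)
}

// VulnerableHandler has the fail-open shape from both advisories: each error
// path sends an error status but does not return, so the write still runs.
// Hypothetical route: PUT /influenceData/{influenceId}
func (s *Store) VulnerableHandler(w http.ResponseWriter, r *http.Request) {
	id := path.Base(r.URL.Path)
	if id == "subs-to-notify" { // reserved segment, never a valid influenceId
		http.Error(w, "not found", http.StatusNotFound)
		// BUG: no return
	}
	var sub Subscription
	if err := json.NewDecoder(r.Body).Decode(&sub); err != nil {
		http.Error(w, "malformed body", http.StatusBadRequest)
		// BUG: no return; sub is the zero value from here on
	}
	s.put(id, sub)                    // persisted regardless of the status sent above
	w.WriteHeader(http.StatusCreated) // silently ignored once a status has been written
}

// HardenedHandler returns on every error path, so a rejected request has no
// side effect, and rejects an empty notification URI as well.
func (s *Store) HardenedHandler(w http.ResponseWriter, r *http.Request) {
	id := path.Base(r.URL.Path)
	if id == "subs-to-notify" || id == "" || id == "/" || id == "." {
		http.Error(w, "not found", http.StatusNotFound)
		return
	}
	dec := json.NewDecoder(r.Body)
	dec.DisallowUnknownFields()
	var sub Subscription
	if err := dec.Decode(&sub); err != nil || sub.NotificationURI == "" {
		http.Error(w, "malformed body", http.StatusBadRequest)
		return
	}
	s.put(id, sub)
	w.WriteHeader(http.StatusCreated)
}

// Result pairs the HTTP status the client saw with what reached storage.
type Result struct {
	Status int
	Stored int
}

// Run drives one handler with an in-process request against a fresh store.
func Run(hardened bool, target, body string) Result {
	s := NewStore()
	h := s.VulnerableHandler
	if hardened {
		h = s.HardenedHandler
	}
	rec := httptest.NewRecorder()
	req := httptest.NewRequest(http.MethodPut, target, strings.NewReader(body))
	h(rec, req)
	return Result{Status: rec.Code, Stored: s.Count()}
}

func main() {
	good := `{"notificationUri":"http://nef.example/notify"}` // constructed body
	for _, c := range []struct{ name, target, body string }{
		{"valid", "/influenceData/abc", good},
		{"malformed body", "/influenceData/abc", `{not json`},
		{"reserved segment", "/influenceData/subs-to-notify", good},
	} {
		fmt.Printf("%-17s vulnerable=%+v hardened=%+v\n", c.name,
			Run(false, c.target, c.body), Run(true, c.target, c.body))
	}
}
```

A response code is not evidence that a request was rejected; a regression test for this class should assert on the persisted state after the error response, exactly as Run does, and a linter that flags http.Error or c.JSON followed by anything other than return catches the pattern before review.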
CVE
added 2025/12/18 12:22 p.m. · 7 views

CVE-2025-13110

CVE-2025-13110 affects the HUSKY – Products Filter Professional for WooCommerce (WordPress). It is an Insecure Direct Object Reference via the woof_add_subscr function due to missing validation on a user-controlled key, enabling authenticated attackers with subscriber-level access or higher to cr...

CVSS 4.3 · AI score 5.4 · EPSS 0.003
Exploits 0 · References 3
Cvelist
added 2025/12/18 12:22 p.m. · 24 views

CVE-2025-13110 HUSKY – Products Filter Professional for WooCommerce <= 1.3.7.3 - Authenticated (Subscriber+) Insecure Direct Object Reference via 'woof_add_subscr'

The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.7.3 via the 'woof_add_subscr' function due to missing validation on a user controlled key. This makes it possible for authenticat...

CVSS 4.3 · EPSS 0.003
Exploits 0 · References 3
Veracode
added 2025/09/02 8:15 a.m. · 3 views

Missing Authorization

Mattermost Confluence Plugin is vulnerable to Missing Authorization. The create subscription endpoint does not validate the user's access to the Confluence space before allowing subscription creation...

CVSS 5 · AI score 7 · EPSS 0.00192
Exploits 0 · References 4 · Affected Software 1
CNVD
added 2025/08/15 12:00 a.m. · 3 views

Unspecified Vulnerability in Mattermost Confluence Plugin (CNVD-2025-21458)

Mattermost Confluence Plugin is a plugin from Mattermost USA. Mattermost Confluence Plugin contains a security vulnerability that can be exploited by attackers to cause the creation of subscriptions...

CVSS 5 · AI score 6.5 · EPSS 0.00192
Exploits 0 · References 1
Snyk
added 2025/08/11 9:31 p.m. · 2 views

Missing Authorization

Overview: Affected versions of this package are vulnerable to Missing Authorization via the create subscription endpoint. An attacker can gain unauthorized access to information by creating a subscription to a resource without proper access rights. Remediation: Upgrade...

CVSS 5.3 · AI score 6.8 · EPSS 0.00192
Exploits 0 · References 2
NVD
added 2025/08/11 7:15 p.m. · 7 views

CVE-2025-53910

Mattermost Confluence Plugin version 1.5.0 fails to check the access of the user to the channel which allows attackers to create a channel subscription without proper access to the channel via API call to the edit channel subscription endpoint...

CVSS 4 · EPSS 0.00183
Exploits 0 · References 1
NVD
added 2025/08/11 7:15 p.m. · 22 views

CVE-2025-44004

Mattermost Confluence Plugin version 1.5.0 fails to check the authorization of the user to the Mattermost instance which allows attackers to create a channel subscription without proper authorization via API call to the create channel subscription endpoint...

CVSS 7.2 · EPSS 0.00189
Exploits 0 · References 1
Vulnrichment
added 2025/08/11 6:56 p.m. · 4 views

CVE-2025-44004 Unauthenticated Channel Subscription Creation in Mattermost Confluence Plugin

Mattermost Confluence Plugin version 1.5.0 fails to check the authorization of the user to the Mattermost instance which allows attackers to create a channel subscription without proper authorization via API call to the create channel subscription endpoint...

CVSS 7.2 · AI score 7 · EPSS 0.00189
Exploits 0 · References 1
CNNVD
added 2025/08/11 12:00 a.m. · 2 views

Mattermost Confluence Plugin security vulnerability

Mattermost Confluence Plugin is a plugin from Mattermost USA. Mattermost Confluence Plugin contains a security vulnerability that can be exploited by attackers to cause the creation of subscriptions...

CVSS 5 · AI score 6.7 · EPSS 0.00192
Exploits 0 · References 2
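The Mattermost Confluence Plugin entries above describe two layers of the same missing check on the subscription endpoints: CVE-2025-44004, where the caller's authorization to the Mattermost instance is never verified, and CVE-2025-53910, where an authenticated caller's access to the target channel is never verified. The Outline IDOR entry further up is the same class, a request naming an object that the handler never authorizes the caller against. The following is an added example, not the plugin's code: the route path, the SubscriptionRequest body and the staticACL membership table are constructed for this example, and the ChannelACL interface is a stand-in for whatever membership lookup a real plugin would make through the server's plugin API. The Mattermost-User-Id header is the one the Mattermost server sets on requests it forwards to a plugin's HTTP handler after authenticating the session, and is absent on anonymous calls.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
	"sync"
)

// ChannelACL answers "may this user see this channel?". In a real plugin this
// would be backed by the Mattermost plugin API; here it is a constructed stub.
type ChannelACL interface {
	IsMember(userID, channelID string) bool
}

// staticACL maps channel ID -> set of member user IDs (constructed data).
type staticACL map[string]map[string]bool

func (a staticACL) IsMember(userID, channelID string) bool { return a[channelID][userID] }

// SubscriptionRequest is a simplified create-subscription body (assumed shape).
type SubscriptionRequest struct {
	ChannelID string `json:"channel_id"`
	SpaceKey  string `json:"space_key"`
}

// Server holds the ACL and the subscriptions that were actually created.
type Server struct {
	acl  ChannelACL
	mu   sync.Mutex
	subs []SubscriptionRequest
}

func NewServer(acl ChannelACL) *Server { return &Server{acl: acl} }

func (s *Server) add(req SubscriptionRequest) {
	s.mu.Lock()
	defer s.mu.Unlock()
	s.subs = append(s.subs, req)
}

// Count reports how many subscriptions were created.
func (s *Server) Count() int {
	s.mu.Lock()
	defer s.mu.Unlock()
	return len(s.subs)
}

// VulnerableCreate mirrors the advisories: it never looks at who is calling,
// so an anonymous request, or one from a non-member, creates a subscription.
func (s *Server) VulnerableCreate(w http.ResponseWriter, r *http.Request) {
	var req SubscriptionRequest
	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
		http.Error(w, "bad request", http.StatusBadRequest)
		return
	}
	s.add(req)
	w.WriteHeader(http.StatusCreated)
}

// HardenedCreate requires an authenticated caller (CVE-2025-44004) and then
// checks that caller's access to the channel named in the body (CVE-2025-53910)
// before anything is created.
func (s *Server) HardenedCreate(w http.ResponseWriter, r *http.Request) {
	userID := r.Header.Get("Mattermost-User-Id") // set by the server, empty when anonymous
	if userID == "" {
		http.Error(w, "not authorized", http.StatusUnauthorized)
		return
	}
	var req SubscriptionRequest
	if err := json.NewDecoder(r.Body).Decode(&req); err != nil || req.ChannelID == "" {
		http.Error(w, "bad request", http.StatusBadRequest)
		return
	}
	if !s.acl.IsMember(userID, req.ChannelID) { // authorize against the object the request names
		http.Error(w, "forbidden", http.StatusForbidden)
		return
	}
	s.add(req)
	w.WriteHeader(http.StatusCreated)
}

// Call sends one request to a fresh server and returns the status the client
// saw plus how many subscriptions exist afterwards. An empty userID models an
// anonymous request. The hypothetical route path is an assumption.
func Call(hardened bool, userID, body string) (status, stored int) {
	s := NewServer(staticACL{"chan-private": {"alice": true}}) // constructed membership
	h := s.VulnerableCreate
	if hardened {
		h = s.HardenedCreate
	}
	req := httptest.NewRequest(http.MethodPost, "/api/v1/subscriptions", strings.NewReader(body))
	if userID != "" {
		req.Header.Set("Mattermost-User-Id", userID)
	}
	rec := httptest.NewRecorder()
	h(rec, req)
	return rec.Code, s.Count()
}

func main() {
	body := `{"channel_id":"chan-private","space_key":"ENG"}` // constructed body
	for _, who := range []string{"", "mallory", "alice"} {
		vs, vn := Call(false, who, body)
		hs, hn := Call(true, who, body)
		fmt.Printf("caller=%-8q vulnerable=%d/%d hardened=%d/%d\n", who, vs, vn, hs, hn)
	}
}
```

Both checks belong in the handler that performs the write, not only in the UI that normally issues the request: the advisories are reachable precisely because the API endpoint is callable directly.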
The Hacker News
added 2025/06/25 10:30 a.m. · 16 views

Beware the Hidden Risk in Your Entra Environment

If you invite guest users into your Entra ID tenant, you may be opening yourself up to a surprising risk. A gap in access control in Microsoft Entra's subscription handling is allowing guest users to create and transfer subscriptions into the tenant they are invited into, while maintaining full...

AI score 7.7
Exploits 0
SUSE CVE
added 2023/02/15 3:49 a.m. · 3 views

SUSE CVE-2021-3515

A shell injection flaw was found in pglogical in versions before 2.3.4 and before 3.6.26. An attacker with CREATEDB privileges on a PostgreSQL server can craft a database name that allows execution of shell commands as the postgresql user when calling pglogical.create_subscription...

CVSS 7.2 · AI score 6.6 · EPSS 0.0046
Exploits 0 · References 3
OSV
added 2021/06/01 2:15 p.m. · 3 views

DEBIAN-CVE-2021-3515

A shell injection flaw was found in pglogical in versions before 2.3.4 and before 3.6.26. An attacker with CREATEDB privileges on a PostgreSQL server can craft a database name that allows execution of shell commands as the postgresql user when calling pglogical.create_subscription...

CVSS 6.7 · AI score 6.7 · EPSS 0.0046
Exploits 0 · References 1
OSV
added 2021/06/01 2:15 p.m. · 1 view

UBUNTU-CVE-2021-3515

A shell injection flaw was found in pglogical in versions before 2.3.4 and before 3.6.26. An attacker with CREATEDB privileges on a PostgreSQL server can craft a database name that allows execution of shell commands as the postgresql user when calling pglogical.create_subscription...

CVSS 6.7 · AI score 6.8 · EPSS 0.0046
Exploits 0 · References 4