CVE-2026-40133 Missing Authorization check in SAP S/4HANA Condition Maintenance

Due to missing authorization check in SAP S/4HANA Condition Maintenance, an authenticated attacker could gain unauthorized access to view and modify condition table records, resulting in low impact on the confidentiality and integrity of the data. Additionally, this vulnerability may prevent the...

CVE-2026-31243

The CVE-2026-31243 entry concerns the mem0 1.0.0 server, where the DELETE /memories endpoint lacks authentication/authorization controls. An unauthenticated attacker can trigger a memory reset that executes a CREATE TABLE SQL statement, potentially re-creating or altering schemas, causing data lo...

CVE-2026-31242

CVE-2026-31242 affects the mem0 v1.0.0 server. The issue is an unauthenticated access gap in the memory-reset function exposed via DELETE /memories, allowing an attacker to trigger a reset that executes a DROP TABLE SQL statement. This results in deletion of the entire memory database table, caus...

SAP Incentive and Commission Management 安全漏洞

SAP Incentive and Commission Management is a business management platform developed by German company SAP, dedicated to sales incentives, commission calculations, and performance management. There is a security vulnerability in SAP Incentive and Commission Management. This vulnerability stems fro...

WordPress plugin Quick Table 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

mem0 安全漏洞

mem0 is an open-source benchmark tool for efficient memory algorithms developed by Mem0. Version 1.0.0 of mem0 contains a security vulnerability. This vulnerability stems from the lack of authentication and authorization controls in the memory reset function. Unauthorized attackers could exploit...

mem0 安全漏洞

mem0 is an open-source benchmark testing tool for efficient memory algorithms developed by Mem0. Version 1.0.0 of mem0 contains a security vulnerability. This vulnerability stems from the lack of authentication and authorization controls in memory reset and table reconstruction functions...

PT-2026-39927

Due to insufficient authorization checks in the SAP Incentive and Commission Management application, authenticated users could invoke a remote-enabled function module to perform table update operations. This vulnerability has a low impact on integrity with no impact on confidentiality and...

PT-2026-39956

The Quick Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'style' attribute of the 'qtbl' shortcode in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2026-31242

The mem0 v1.0.0 server lacks authentication and authorization controls for its memory reset functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a DROP TABLE SQL statement. Th...

CVE-2026-31243

The mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a CREATE...

CVE-2026-31243

The mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a CREATE...

PT-2026-40129

The mem0 v1.0.0 server lacks authentication and authorization controls for its memory reset functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a DROP TABLE SQL statement. Th...

CVE-2026-31242

The mem0 v1.0.0 server lacks authentication and authorization controls for its memory reset functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a DROP TABLE SQL statement. Th...

PT-2026-40320

The mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a CREATE...

CVE-2026-31243

The mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a CREATE...

EUVD-2026-29201

A security flaw has been discovered in VectifyAI PageIndex up to f50e52975313c6716c02b20a119577a1929decba. Affected by this vulnerability is the function toctransformer of the file pageindex/pageindex.py of the component PDF Table of Contents Handler. The manipulation results in infinite loop. Th...

WordPress Quick Table plugin <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by MAJidox in WordPress Plugin Quick Table versions = 1.0.0...

freerdp: FreeRDP: Denial of Service via double free vulnerability during disconnect

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. This double free vulnerability occurs during the cleanup process when a remote desktop session disconnects. Specifically, if a title allocation fails, a pointer to an application window is freed but not removed fro...

PT-2026-39732

A security flaw has been discovered in VectifyAI PageIndex up to f50e52975313c6716c02b20a119577a1929decba. Affected by this vulnerability is the function toc transformer of the file pageindex/page index.py of the component PDF Table of Contents Handler. The manipulation results in infinite loop...