1291 matches found
CVE-2026-53444
Wekan (open-source Kanban, Meteor-based) prior to v9.32 had missing authorization on OIDC-related Meteor methods (e.g., setCreateOrgFromOidc, setOrgAllFieldsFromOidc, setCreateTeamFromOidc, setTeamAllFieldsFromOidc, boardRoutineOnLogin, groupRoutineOnLogin) in packages/wekan-oidc/oidc_server.js a...
PT-2026-60322
Name of the Vulnerable Software and Affected Versions Wekan versions prior to 9.32 Description A Server-Side Request Forgery SSRF exists where webhook integration URLs in models/integrations.js are stored from user input and subsequently fetched by server/notifications/outgoing.js. The process...
2026-07 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB5099535)
2026-07 Cumulative Update for Windows 10 Version 1607 for x86-based Systems KB5099535...
PT-2026-58090
Name of the Vulnerable Software and Affected Versions Pillow versions prior to 12.3.0 Description Public image coordinate APIs in the Pillow Python imaging library can trigger a native heap out-of-bounds write. This occurs when coordinates near the signed 32-bit integer limits are provided to the...
CVE-2026-55187
Mailpit is an email testing tool and API for developers. Prior to 1.30.2, the remediation shipped for CVE-2026-27808 is incomplete because the tools.IsInternalIP deny-list in internal/tools/net.go relies on Go's standard library classification helpers and does not block IPv6 transition mechanisms...
CVE-2026-57156 FreeRDP: Integer overflow leading to heap buffer overflow in Orders Delta Points parsing
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0 on 32-bit builds, FreeRDP clients contain an integer overflow in updatereaddeltapoints in libfreerdp/core/orders.c when multiplying an attacker-controlled point count by sizeofDELTAPOINT, allowing a malicious RDP pee...
FTP Fetch, Windows Executable Download (http,https,ftp) and Execute
Fetch and execute an x86 payload from an FTP server. Download an EXE from an HTTPS/FTP URL and execute it Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
FTP Fetch, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
Fetch and execute an x86 payload from an FTP server. Connect back to the attacker Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include Msf::Payload::Adapter::Fetch::FTP includ...
FTP Fetch, Windows x86 Bind Named Pipe Stager
Fetch and execute an x86 payload from an FTP server. Listen for a pipe connection Windows x86 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
FTP Fetch, Windows x86 Bind Named Pipe Stager
Fetch and execute an x86 payload from an FTP server. Listen for a pipe connection Windows x86 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
FTP Fetch, Reverse HTTP Stager Proxy
Fetch and execute an x86 payload from an FTP server. Tunnel communication over HTTP Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include Msf::Payload::Adapter::Fetch::FTP...
FTP Fetch, Bind IPv6 TCP Stager with UUID Support (Windows x86)
Fetch and execute an x86 payload from an FTP server. Listen for an IPv6 connection with UUID Support Windows x86 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
FTP Fetch, Windows shellcode stage, Hidden Bind TCP Stager
Fetch and execute an x86 payload from an FTP server. Custom shellcode stage. Listen for a connection from a hidden port and spawn a command shell to the allowed host. Module Options This module requires Metasploit: https://metasploit.com/download Current source:...
FTP Fetch, Windows Upload/Execute, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Connect back to the attacker Module Options...
FTP Fetch, Generic x86 Debug Trap
Fetch and execute an x86 payload from an FTP server. Generate a debug trap in the target process Module Options...
FTP Fetch, Windows Upload/Execute, Reverse TCP Stager (IPv6)
Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Connect back to the attacker over IPv6 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module...
FTP Fetch, Bind IPv6 TCP Stager with UUID Support (Windows x86)
Fetch and execute an x86 payload from an FTP server. Listen for an IPv6 connection with UUID Support Windows x86 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
TFTP Fetch, Linux dup2 Command Shell, Bind TCP Stager
Fetch and execute an RISC-V 32-bit payload from a TFTP server. dup2 socket in s1, then execve. Listen for a connection Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
HTTPS Fetch, Linux dup2 Command Shell, Bind TCP Stager
Fetch and execute an RISC-V 32-bit payload from an HTTPS server. dup2 socket in s1, then execve. Listen for a connection Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
TFTP Fetch, Linux dup2 Command Shell, Reverse TCP Stager
Fetch and execute an RISC-V 32-bit payload from a TFTP server. dup2 socket in s1, then execve. Connect back to the attacker Module Options...