
973 matches found

Cvelist
added 2026/04/09 4:15 p.m. | 20 views

CVE-2026-5961 code-projects Simple IT Discussion Forum topic-details.php sql injection

A security vulnerability has been detected in code-projects Simple IT Discussion Forum 1.0. This vulnerability affects unknown code of the file /topic-details.php. The manipulation of the argument postid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed...

CVSS 7.5 | EPSS 0.00259
Exploits 0 | References 5

ATTACKERKB
added 2026/04/09 4:15 p.m. | 2 views

CVE-2026-5961

A security vulnerability has been detected in code-projects Simple IT Discussion Forum 1.0. This vulnerability affects unknown code of the file /topic-details.php. The manipulation of the argument postid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed...

CVSS 7.5 | AI score 6.9 | EPSS 0.00259
Exploits 0 | References 5 | Affected Software 1

CVE
added 2026/04/09 4:15 p.m. | 13 views

CVE-2026-5961

CVE-2026-5961 affects code-projects Simple IT Discussion Forum 1.0. The vulnerability is in /topic-details.php via the post_id parameter, leading to SQL injection. Exploitation is remote and has been publicly disclosed; exploit code maturity is PROOF-OF-CONCEPT. No remediation details are provide...

CVSS 7.5 | AI score 6.9 | EPSS 0.00259
Exploits 0 | References 5

CNNVD
added 2026/04/09 12:00 a.m. | 5 views

Code-Projects Simple IT Discussion Forum SQL injection vulnerability

Code-Projects Simple IT Discussion Forum is a simple forum developed by Code-Projects as open source. Version 1.0 of the code-projects Simple IT Discussion Forum has a SQL injection vulnerability. This vulnerability stems from incorrect handling of the parameter postid in the...

CVSS 7.5 | AI score 7.2 | EPSS 0.00259
Exploits 0 | References 5

Positive Technologies
added 2026/04/09 12:00 a.m. | 4 views

PT-2026-31657

oma is a package manager for AOSC OS. Prior to 1.25.2, oma-topics is responsible for fetching metadata for testing repositories topics named "Topic Manifests" mirror/debs/manifest/topics.json from remote repository servers, registering them as APT source entries. However, the name field in said...

CVSS 5.2 | AI score 5.9 | EPSS 0.00356
Exploits 0 | References 5

Positive Technologies
added 2026/04/09 12:00 a.m. | 4 views

PT-2026-31652

A security vulnerability has been detected in code-projects Simple IT Discussion Forum 1.0. This vulnerability affects unknown code of the file /topic-details.php. The manipulation of the argument post id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed...

CVSS 7.5 | AI score 5.8 | EPSS 0.00259
Exploits 0 | References 6

OSV
added 2026/04/08 7:53 p.m. | 1 view

GHSA-HWR4-MQ23-WCV5 mercure has Topic Selector Cache Key Collision

Impact: A cache key collision vulnerability in TopicSelectorStore allows an attacker to poison the match result cache, potentially causing private updates to be delivered to unauthorized subscribers or blocking delivery to authorized ones. The cache key was constructed by concatenating the topic...

CVSS 7.1 | AI score 5.8 | EPSS 0.00341
Exploits 0 | References 5

EUVD
added 2026/04/07 3:30 p.m. | 9 views

EUVD-2026-19631

A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics. When a produce batch expires due to delivery.timeout.ms while a network request containing that batch is still in flight, the batch’s ByteBuffer is...

CVSS 8.7 | AI score 6.1 | EPSS 0.00328
Exploits 0 | References 3

OSV
added 2026/04/07 3:30 p.m. | 6 views

GHSA-5QCV-4RPC-JP93 Apache Kafka Clients: Kafka Producer Message Corruption and Misrouting via Buffer Pool Race Condition

A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics. When a produce batch expires due to delivery.timeout.ms while a network request containing that batch is still in flight, the batch’s ByteBuffer is...

CVSS 8.7 | AI score 5.9 | EPSS 0.00328
Exploits 0 | References 11

NVD
added 2026/04/07 2:16 p.m. | 9 views

CVE-2026-35554

A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics. When a produce batch expires due to delivery.timeout.ms while a network request containing that batch is still in flight, the batch’s ByteBuffer is...

CVSS 8.7 | EPSS 0.00328
Exploits 0 | References 3

CVE
added 2026/04/07 1:07 p.m. | 36 views

CVE-2026-35554

Summary of CVE-2026-35554: A race condition in the Apache Kafka Java producer client’s buffer pool management can cause message corruption and misrouting. When a produce batch expires due to delivery timeout while its network request is in flight, the batch ByteBuffer may be deallocated early an...

CVSS 8.7 | AI score 6.1 | EPSS 0.00328
Exploits 0 | References 3

Cvelist
added 2026/04/07 1:07 p.m. | 21 views

CVE-2026-35554 Apache Kafka Clients: Kafka Producer Message Corruption and Misrouting via Buffer Pool Race Condition

A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics. When a produce batch expires due to delivery.timeout.ms while a network request containing that batch is still in flight, the batch’s ByteBuffer is...

EPSS 0.00328
Exploits 0 | References 2

OSV
added 2026/04/07 8:43 a.m. | 3 views

BIT-DISCOURSE-2026-32615 Discourse: Category group moderators can perform actions on topics in restricted categories without read access

Discourse is an open-source discussion platform. From versions 2026.1.0 to before 2026.1.3, and 2026.2.0 to before 2026.2.2, category group moderators could perform privileged actions on topics inside private categories they did not have read access to. This issue has been patched in versions...

CVSS 5.4 | AI score 5.7 | EPSS 0.00153
Exploits 0 | References 3

OSV
added 2026/04/07 8:43 a.m. | 2 views

BIT-DISCOURSE-2026-32607 Discourse: Stored XSS via unescaped assignee name

Discourse is an open-source discussion platform. From versions 2026.1.0 to before 2026.1.3, and 2026.2.0 to before 2026.2.2, when the hidden prioritize_full_name_in_ux site setting is enabled (defaults to false, requires console access to change), user and group display names are rendered without HTML...

CVSS 5.4 | AI score 5.7 | EPSS 0.00167
Exploits 0 | References 3

Positive Technologies
added 2026/04/07 12:00 a.m. | 2 views

PT-2026-30827

Name of the Vulnerable Software and Affected Versions: Apache Kafka versions 3.9.1 and earlier, 4.0.1 and earlier, and 4.1.1 and earlier. Description: A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics...

CVSS 8.7 | AI score 5.8 | EPSS 0.00328
Exploits 0 | References 81

CNNVD
added 2026/04/07 12:00 a.m. | 3 views

Apache Kafka security vulnerability

Apache Kafka is an open-source distributed streaming platform developed by the Apache Foundation in the United States. This platform enables the acquisition of real-time data, allowing for the creation of applications that can respond in real time to changes in data streams. There are security...

CVSS 8.7 | AI score 5.9 | EPSS 0.00328
Exploits 0 | References 3

CNNVD
added 2026/04/04 12:00 a.m. | 2 views

MyBB Like Plugin cross-site scripting vulnerability

MyBB Like Plugin is an extension for forums developed by MyBB Corporation. Version 3.0.0 of MyBB Like Plugin contains a cross-site scripting vulnerability. This vulnerability arises from the lack of validation of topic content when posts or topics are created, which may allow attackers to inject...

CVSS 6.1 | AI score 5.6 | EPSS 0.00221
Exploits 1 | References 3

EUVD
added 2026/04/03 9:33 p.m. | 3 views

EUVD-2026-18235

CocoaMQTT: Denial of Service via Reachable Assertion in PUBLISH Packet Parsing...

CVSS 5.7 | AI score 5.9 | EPSS 0.00318
Exploits 1 | References 5

OSV
added 2026/04/03 9:33 p.m. | 4 views

GHSA-R3FR-7M74-Q7G2 CocoaMQTT: Denial of Service via Reachable Assertion in `PUBLISH` Packet Parsing

A vulnerability exists in the packet parsing logic of CocoaMQTT that allows an attacker or a compromised/malicious MQTT broker to remotely crash the host iOS/macOS/tvOS application. The vulnerability is located in Source/FramePublish.swift during the extraction of the Topic string from the incomi...

CVSS 5.7 | AI score 5.9 | EPSS 0.00318
Exploits 1 | References 6

GitHub Security Blog
added 2026/04/03 9:33 p.m. | 6 views

CocoaMQTT: Denial of Service via Reachable Assertion in `PUBLISH` Packet Parsing

A vulnerability exists in the packet parsing logic of CocoaMQTT that allows an attacker or a compromised/malicious MQTT broker to remotely crash the host iOS/macOS/tvOS application. The vulnerability is located in Source/FramePublish.swift during the extraction of the Topic string from the incomi...

CVSS 6.5 | AI score 5.9 | EPSS 0.00318
Exploits 1 | References 6 | Affected Software 1