4 matches found
PT-2026-28103
Tautulli is a Python-based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.0, the str_eval function in notification_handler.py implements a sandboxed eval for notification text templates. The sandbox attempts to restrict callable names by inspecting code.co_names of the...
PT-2026-28100
Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, the four date filter parameters f_min_date_available, f_max_date_available, f_min_date_created, f_max_date_created in ws_std_image_sql_filter are concatenated directly into SQL without any escaping or type...
PT-2026-28097
What are the limits of AI-assisted vulnerability hunting? I obtained 23 CVEs in one month. BentoML 8.2k CVE-2026-27905 HIGH SillyTavern 24.6k CVE-2026-26286 HIGH Plane 28.2k CVE-2026-27705 MEDIUM NocoDB 46.4k CVE-2026-28399 MEDIUM Mautic 8.4k CVE-2026-3105 HIGH File Browser 27.9k CVE-2026-28492...
CLSA-2025-1741637440 mysql: Fix of 23 CVEs
Update to MySQL 8.0.41 - CVEs fixed: CVE-2024-21101 CVE-2025-21559 CVE-2025-21555 CVE-2025-21546 CVE-2025-21543 CVE-2025-21540 CVE-2025-21531 CVE-2025-21529 CVE-2025-21523 CVE-2025-21522 CVE-2025-21520 CVE-2025-21519 CVE-2025-21518 CVE-2025-21505 CVE-2025-21504 CVE-2025-21503 CVE-2025-21501...