4 matches found
EUVD-2026-8720
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that, under certain circumstances, could have allowed an unauthenticated user to inject arbitrary scripts into the Mermaid sandbox UI...
PT-2026-21993
Name of the Vulnerable Software and Affected Versions:
GitLab CE/EE versions 16.2 through 18.7.4
GitLab CE/EE versions 18.8 through 18.8.4
GitLab CE/EE versions 18.9 through 18.9.0
Description: A flaw exists in GitLab CE/EE that, under specific conditions, could allow an unauthenticated user to...
CVE-2025-14436
The CVE-2025-14436 entry concerns the Brevo for WooCommerce WordPress plugin (≤ v4.0.49). It enables unauthenticated Stored XSS via the user_connection_id parameter, due to insufficient input sanitization and output escaping. The vulnerability comprises: vulnerable code in woocommerce-sendinblue....
ABB FOX515T Information Disclosure Vulnerability
The FOX515 is a general-purpose communications platform based on TDM (time division multiplexing) technology. An information disclosure vulnerability in the ABB FOX515T version 1.0 allows a local attacker to supply malicious parameters to unauthenticated scripts for this application, enabling the...