12 matches found

Vulnrichment
added 2026/05/19 11:5 p.m. | 4 views

CVE-2026-34754 MantisBT allows unauthorized users to upload attachments to restricted issues via REST API

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior allow an authenticated user to upload attachments to private Issues they are not authorized to access. This issue has been fixed in version 2.28.2...

CVSS 4.3 | AI score 5.7 | EPSS 0.00028
Exploits: 0 | References: 3
Snyk
added 2026/05/11 7:39 p.m. | 2 views

Missing Authorization

Overview: mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Missing Authorization in the file visibility process. An attacker can access unauthorized file attachments by sending requests to the REST API or SOAP API endpoints. Remediation: Upgrade...

CVSS 7.6 | AI score 5.8 | EPSS 0.00046
Exploits: 0 | References: 2
NVD
added 2026/01/20 3:20 p.m. | 2 views

CVE-2026-0548

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized attachment deletion due to a missing capability check on the deleteexistinguserphoto function in all versions up to, and including, 3.9.4. This makes it possible for authenticated attackers, wi...

CVSS 5.4 | EPSS 0.00069
Exploits: 0 | References: 2
OSV
added 2025/09/02 7:13 p.m. | 0 views

USN-7731-1 kmail vulnerabilities

Damian Poddebniak, Christian Dresen, Jens Müller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, and Jörg Schwenk discovered that KMail could be made to leak the plaintext of S/MIME encrypted emails when retrieving external content in emails. Under certain configurations, ...

CVSS 6.5 | AI score 7.2 | EPSS 0.00447
Exploits: 2 | References: 3
Prion
added 2023/06/06 3:15 p.m. | 14 views

Authorization

A security defect in Foundry's Comments functionality resulted in the retrieval of attachments to comments not being gated by additional authorization checks. This could enable an authenticated user to inject a prior discovered attachment UUID into other arbitrary comments to discover it's conten...

CVSS 4 | AI score 6.4 | EPSS 0.00254
Exploits: 0 | References: 1 | Affected Software: 1
CNNVD
added 2020/12/18 12:0 a.m. | 3 views

Tangro Business Workflow Authorization Issue Vulnerability

Tangro Business Workflow is a German Tangro company's internal control of the contents of SAP documents and the approval process for the visual drawing of the software. A vulnerability exists in Tangro Business Workflow prior to version 1.18.1 due to an authorization issue, which stems from a...

CVSS 4.3 | AI score 5.8 | EPSS 0.00199
Exploits: 1 | References: 3
NCSC
added 2020/09/08 12:0 a.m. | 1 views

Vulnerability fixed in Microsoft SQL Server Reporting Services

There is a vulnerability in Microsoft SQL Server Reporting Services (SSRS). The vulnerability exists in the Reporting Service instance due to incorrect validation of attachments to reports. If successfully exploited, the vulnerability enables an authenticated malicious person able to add unauthoriz...

CVSS 6.5 | AI score 7 | EPSS 0.04445
Exploits: 0
RedhatCVE
added 2020/08/10 1:43 p.m. | 21 views

CVE-2020-11879

An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary non-RFC6068 "mailto?attach=..." parameter, a website or other source of mailto links can make Evolution attach local files or directories to a composed email message without showing a warning to the user, as...

CVSS 4.3 | AI score 1.3 | EPSS 0.00538
Exploits: 0 | References: 3
NVD
added 2020/04/17 6:15 p.m. | 18 views

CVE-2020-11880

An issue was discovered in KDE KMail before 19.12.3. By using the proprietary non-RFC6068 "mailto?attach=..." parameter, a website or other source of mailto links can make KMail attach local files to a composed email message without showing a warning to the user, as demonstrated by an...

CVSS 6.5 | AI score 6.3 | EPSS 0.00269
Exploits: 0 | References: 2
UbuntuCve
added 2020/04/17 6:15 p.m. | 15 views

CVE-2020-11879

An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary non-RFC6068 "mailto?attach=..." parameter, a website or other source of mailto links can make Evolution attach local files or directories to a composed email message without showing a warning to the user, as...

CVSS 6.5 | AI score 6.6 | EPSS 0.00538
Exploits: 0 | References: 4
Cvelist
added 2020/04/17 5:7 p.m. | 18 views

CVE-2020-11880

An issue was discovered in KDE KMail before 19.12.3. By using the proprietary non-RFC6068 "mailto?attach=..." parameter, a website or other source of mailto links can make KMail attach local files to a composed email message without showing a warning to the user, as demonstrated by an...

AI score 6.3 | EPSS 0.00269
Exploits: 0 | References: 2
UbuntuCve
added 2008/08/27 3:21 p.m. | 23 views

CVE-2008-3745

The Upload module in Drupal 6.x before 6.4 allows remote authenticated users to edit nodes, delete files, and download unauthorized attachments via unspecified vectors...

CVSS 5.5 | AI score 5.9 | EPSS 0.00939
Exploits: 0 | References: 1