EUVD-2026-34100

RockRMS v16.13 and before v.17.7.0 is vulnerable to Cross Site Scripting XSS via Social Media links in user profile...

PT-2026-45923

The ugw-logread method allows a remote attacker with user privileges to access arbitrary local files due to insufficient validation of user-supplied input...

PT-2026-46043

Name of the Vulnerable Software and Affected Versions ERPNext version 16.16.0 Description An authenticated user with permissions to edit Item records can inject arbitrary HTML or JavaScript into the item name, description, or image fields of an Item. This leads to unescaped rendering in the Point...

PT-2026-45924

A remote attacker with user privileges can exploit a stack buffer overflow to gain full system access as root...

PT-2026-46093

Summary Jupyter Enterprise Gateway has a prohibited UID and GID feature that by default prevents launching kernels with UID or GID 0 root. This can be bypassed. It is possible to launch kernels with a prohibited UID and/or GID by using a specially crafted KERNEL UID or KERNEL GID value. The featu...

PT-2026-46124

Summary Jupyter Enterprise Gateway has a prohibited UID and GID feature that by default prevents launching kernels with UID or GID 0 root. This can be bypassed. It is possible to launch kernels with a prohibited UID and/or GID by using a specially crafted KERNEL UID or KERNEL GID value. The featu...

Linux Distros Unpatched Vulnerability : CVE-2026-47333

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory...

CVE-2026-36748

RockRMS v16.13 and before v.17.7.0 is vulnerable to Cross Site Scripting XSS via Social Media links in user profile...

Linux Distros Unpatched Vulnerability : CVE-2026-47328

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmallocd, while at the same...

RockyLinux 10 : systemd (RLSA-2026:18153)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:18153 advisory. systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump CVE-2025-4598 Tenable has...

CVE-2026-31942

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.7.6, an Insecure Direct Object Reference IDOR vulnerability exists in the API keys management endpoint PUT /api/keys. Due to the use of the JavaScript object spread operator after setting...

CVE-2026-32625

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.8.3, the Model Context Protocol MCP server integration resolves $VAR placeholders against the server's process.env during Zod schema validation of user-supplied MCP server URLs. Any...

CVE-2026-31942

LibreChat (up to version 0.7.6) is affected by an Insecure Direct Object Reference (IDOR) in the API keys management endpoint (PUT /api/keys). After setting the authenticated user’s ID, an attacker can inject a userId parameter in the request body to overwrite other users’ API keys (e.g., OpenAI,...

CVE-2026-31942 LibreChat has IDOR in API Keys Management that allows any authenticated user to overwrite other users' API keys

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.7.6, an Insecure Direct Object Reference IDOR vulnerability exists in the API keys management endpoint PUT /api/keys. Due to the use of the JavaScript object spread operator after setting...

OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions

A flaw was found in OpenSSH. This vulnerability allows for a low integrity impact due to the omission of connection multiplexing confirmation for proxy-mode multiplexing sessions. A local user, under specific and complex conditions requiring user interaction, could potentially establish a...

OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode

A flaw was found in OpenSSH. When the scp command is used by a root user to download a file with the legacy protocol option -O and without preserving original file permissions -p, the downloaded file can be installed with elevated privileges setuid or setgid. This unexpected behavior could allow ...

CVE-2026-0046

In InputInterceptor of Letterbox.java, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-5515

IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 stores potentially sensitive information in log files that could be read by a local user...

CVE-2025-48595

In multiple locations, there is a possible way to achieve code execution due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2022-4991

Tychon includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory that may be controllable by an unprivileged user on Windows. Tychon contains a privileged service that uses this OpenSSL component. A user who can place a specially-crafted openssl.cnf file at an...