PT-2026-47080

Name of the Vulnerable Software and Affected Versions NocoDB versions prior to 2026.05.1 Description The 'connection-test' endpoint opens a raw TCP socket to a user-supplied database host without resolving or range-checking the destination. This allows private and link-local addresses, including...

PT-2026-47075

Name of the Vulnerable Software and Affected Versions LatePoint – Calendar Booking Plugin for Appointments and Events versions prior to 5.6.1 Description The plugin is affected by Cross-Site Request Forgery, a flaw where an attacker tricks a victim into performing actions they did not intend to...

PT-2026-46911

Name of the Vulnerable Software and Affected Versions Product Slider Pro for WooCommerce versions prior to 3.5.4 Description Improper validation of input parameters related to specified quantities allows unauthenticated remote attackers to implant malicious software and execute arbitrary commands...

PT-2026-47046

Name of the Vulnerable Software and Affected Versions Arista Edge Threat Management - Arista Next Generation Firewall NGFW version 17.4.0 Description An infrastructure issue in the Reports application is caused by insecure input validation, which occurs when a program does not properly verify the...

PT-2026-47040

Name of the Vulnerable Software and Affected Versions HAX CMS versions 11.0.6 through 24.x Description The file upload functionality in HAXCMS PHP validates file extensions using a regex pattern but fails to verify the actual file content or MIME type Multipurpose Internet Mail Extensions, a...

PT-2026-46927

Improper input validation in Samsung Members prior to version 5.8.01.5 allows local attackers to access arbitrary URL and launch arbitrary activity with Samsung Members privilege...

PT-2026-46925

Improper input validation in Samsung Plus TV prior to version 1.0.28.6 allows remote attackers to access sensitive information...

PT-2026-46928

Improper input validation in Samsung Android USB Driver for Windows prior to version 1.9.5.0 allows local attacker to access out-of-bounds memory...

Linux Distros Unpatched Vulnerability : CVE-2026-10969

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer...

Linux Distros Unpatched Vulnerability : CVE-2026-11272

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Reading List in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to enga...

Linux Distros Unpatched Vulnerability : CVE-2026-11244

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the render...

Linux Distros Unpatched Vulnerability : CVE-2026-11220

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Navigation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer...

Linux Distros Unpatched Vulnerability : CVE-2026-11237

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process t...

Linux Distros Unpatched Vulnerability : CVE-2026-11213

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Reading Mode in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer...

Linux Distros Unpatched Vulnerability : CVE-2026-11223

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process...

Linux Distros Unpatched Vulnerability : CVE-2026-11016

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process...

Linux Distros Unpatched Vulnerability : CVE-2026-11241

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to perform privilege...

PT-2026-46996

Name of the Vulnerable Software and Affected Versions NocoDB versions prior to 2026.04.1 Description Public shared-view endpoints expose values from columns that the view owner had hidden through three independent paths. First, the groupBy function returns raw values for any column named in the...

PT-2026-47048

Name of the Vulnerable Software and Affected Versions Arista Edge Threat Management - Arista Next Generation Firewall NGFW affected versions not specified Description An input validation issue in the browser management pipeline allows authenticated administrators to execute terminal script code o...

Security update for perl-HTTP-Tiny (moderate)

openSUSE Security Update: Security update for perl-HTTP-Tiny Announcement ID: openSUSE-SU-2026:0191-1 Rating: moderate References: 1264992 Cross-References: CVE-2026-7010 Affected Products: openSUSE Backports SLE-15-SP7 An update that fixes one vulnerability is now available. Description:This...