CLEANSTART-2026-JW92679 Security fixes for ghsa-8v2v-wjwg-vx6r applied in versions: 1.16.3-r0
Security vulnerability affects the qdrant package. This issue is resolved in later releases. See references for vulnerability details...
CLEANSTART-2026-RG93397 Security fixes for ghsa-8v2v-wjwg-vx6r applied in versions: 1.16.3-r0
Security vulnerability affects the qdrant package. This issue is resolved in later releases. See references for vulnerability details...
CVE-2026-44196
Pingvin Share X is a secure and easy self-hosted file sharing platform. From 1.14.1 to 1.16.2, a critical authentication bypass vulnerability allows an attacker who has obtained a valid username and password to skip the second-factor authentication (TOTP) requirement entirely. Although, an attacker...
EUVD-2026-29727
Pingvin Share X is a secure and easy self-hosted file sharing platform. From 1.14.1 to 1.16.2, a critical authentication bypass vulnerability allows an attacker who has obtained a valid username and password to skip the second-factor authentication (TOTP) requirement entirely. Although, an attacker...
CVE-2026-44196
Pingvin Share X (self-hosted file sharing) from versions 1.14.1–1.16.2 contains a critical authentication bypass that allows an attacker with valid credentials to skip the second-factor (TOTP) requirement. The attacker still needs the user’s password to reach this stage. The issue is fixed in 1.1...
CVE-2026-44196 Pingvin Share X: TOTP Authentication Bypass via Password-only Login
Pingvin Share X is a secure and easy self-hosted file sharing platform. From 1.14.1 to 1.16.2, a critical authentication bypass vulnerability allows an attacker who has obtained a valid username and password to skip the second-factor authentication (TOTP) requirement entirely. Although, an attacker...
Astra Linux - vulnerability in unbound
A vulnerability called “Non-Responsive Delegation Attack” (NRDelegation Attack) has been discovered in various DNS resolution software. The NRDelegation Attack operates by creating a malicious delegation with a significant number of non-responsive name servers. The attack begins by querying a...
CLEANSTART-2026-EM40436 Security fixes for ghsa-8v2v-wjwg-vx6r applied in versions: 1.16.3-r0
Security vulnerability affects the qdrant package. This issue is resolved in later releases. See references for vulnerability details...
BIT-KYVERNO-2026-23881 Kyverno Denial of Service via Context Variable Amplification in Policy Engine
Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have unbounded memory consumption in Kyverno's policy engine that allows users with policy creation privileges to cause denial of service by crafting policies that exponentially...
SUSE CVE-2026-23881
Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have unbounded memory consumption in Kyverno's policy engine that allows users with policy creation privileges to cause denial of service by crafting policies that exponentially...
CVE-2026-23881
CVE-2026-23881 affects Kyverno policy engine prior to versions 1.16.3 and 1.15.3, which exhibit unbounded memory consumption that can cause denial of service when policies with context variables are crafted by users with policy-creation privileges. The issue is resolved in 1.16.3 and 1.15.3 by a ...
CVE-2026-23881 Kyverno Denial of Service via Context Variable Amplification in Policy Engine
Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have unbounded memory consumption in Kyverno's policy engine that allows users with policy creation privileges to cause denial of service by crafting policies that exponentially...
CVE-2026-22039 Kyverno Cross-Namespace Privilege Escalation via Policy apiCall
Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have a critical authorization boundary bypass in namespaced Kyverno Policy apiCall. The resolved urlPath is executed using the Kyverno admission controller ServiceAccount, with no...
PT-2026-4956
Name of the Vulnerable Software and Affected Versions: Kyverno versions prior to 1.16.3; Kyverno versions prior to 1.15.3. Description: Kyverno is a policy engine for cloud native platform engineering teams. Affected versions experience unbounded memory consumption within the policy engine. Users wit...
EUVD-2018-2921
Malware in sbrugna...
CVE-2025-50058 Extension - rsjoomla.com - Stored XSS vulnerability in RSDirectory! component 1.16.3-1.17.7 for Joomla
A stored XSS vulnerability in the RSDirectory! component 1.0.0-2.2.8 for Joomla was discovered. The issue allows remote authenticated attackers to inject arbitrary web script or HTML via the review reply component...
CVE-2024-52422
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Terry Lin WP Githuber MD allows Stored XSS. This issue affects WP Githuber MD: from n/a through 1.16.3...
PT-2024-35262 · Terry Lin · Wp Githuber Md
Name of the Vulnerable Software and Affected Versions: Terry Lin WP Githuber MD versions 1.16.3 and earlier. Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Stored XSS attacks. Recommendations...
WordPress WP Githuber MD Plugin <= 1.16.3 is vulnerable to Cross Site Scripting (XSS)
Software: WP Githuber MD | Type: Plugin | Vulnerable versions: <= 1.16.3 | Fixed in: N/A | OWASP Top 10: A3: Injection | Classification: Cross Site Scripting (XSS) | CVE: CVE-2024-52422 | Patch priority: Low | CVSS severity: Low (6.5) | PSID: 80930d0544eb | Credits: Fazle Mawla | Required privilege: Contribut...