CVE-2026-42336

MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a server-side request forgery SSRF bypass in the OSS file service URL fetch functionality due to inconsistent DNS resolution between validation and actual request execution, allowing attackers to access...

CVE-2026-42336 MaxKB: SSRF Bypass via DNS Rebinding in MaxKB OSS URL Fetch

MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a server-side request forgery SSRF bypass in the OSS file service URL fetch functionality due to inconsistent DNS resolution between validation and actual request execution, allowing attackers to access...

CVE-2026-42337 MaxKB: Broken Access Control in MaxKB OSS URL Fetch API

MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a broken access control vulnerability in the OSS file service URL fetch API chat/api/oss/geturl. The endpoint uses applicationid from the URL path without validating ownership, allowing attackers to perfo...

EUVD-2026-31988

MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a broken access control vulnerability in the OSS file service URL fetch API chat/api/oss/geturl. The endpoint uses applicationid from the URL path without validating ownership, allowing attackers to perfo...

CVE-2026-42337

CVE-2026-42337 : MaxKB (open-source AI assistant) versions 2.8.0 and earlier are affected by a broken access control in the OSS file service URL fetch API (chat/api/oss/get_url). The endpoint uses the application_id from the URL path without validating ownership, allowing operations under other a...

PT-2026-43396

Name of the Vulnerable Software and Affected Versions MaxKB versions prior to 2.8.1 Description An issue exists in the OSS file service URL fetch endpoint "chat/api/oss/get url" where inconsistent URL parsing between the urlparse validation function and the requests HTTP client allows for a...

PT-2026-43397

Name of the Vulnerable Software and Affected Versions MaxKB versions prior to 2.8.1 Description An issue exists in the OSS file service URL fetch functionality where inconsistent DNS resolution occurs between the validation phase and the actual request execution. This allows for a server-side...

WordPress Slider by Soliloquy – Responsive Image Slider for WordPress plugin <= 2.8.1 - Authenticated (Subscriber+) Information Disclosure vulnerability

Authenticated Subscriber+ Information Disclosure vulnerability discovered by Kitch - KitchGlobal in WordPress Plugin Slider by Soliloquy versions = 2.8.1...

[SECURITY] Fedora 43 Update: mingw-expat-2.8.1-1.fc43

This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...

Astra Linux - уязвимость в freerdp2

FreeRDP is a free remote desktop protocol library and clients. Clients based on FreeRDP on Unix systems that use the /parallel command-line switch may read uninitialized data and send it to the server to which the client is currently connected. Server implementations based on FreeRDP are not...

Fedora 44 : expat (2026-4ef690dc30)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-4ef690dc30 advisory. Rebase to version 2.8.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

CVE-2026-3604

The WP SEO Structured Data Schema plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the kcseoativetab parameter in all versions up to, and including, 2.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

PT-2026-39946

The WP SEO Structured Data Schema plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the kcseo ative tab parameter in all versions up to, and including, 2.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

Slackware Linux 15.0 / current expat Vulnerability (SSA:2026-132-01)

The version of expat installed on the remote host is prior to 2.7.5 / 2.8.1. It is, therefore, affected by a vulnerability as referenced in the SSA:2026-132-01 advisory. New expat packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the preceding...

libexpat 安全漏洞

libexpat is a streaming XML parser written in C language by the libexpat team. Versions of libexpat prior to 2.8.1 had security vulnerabilities, which stemmed from the computational complexity of attribute name conflict checks. These vulnerabilities could potentially lead to denial-of-service...

PT-2026-39462

Name of the Vulnerable Software and Affected Versions libexpat versions prior to 2.8.1 Description The computational complexity of attribute name collision checks allows a denial of service when processing moderately sized crafted XML input. Recommendations Update to version 2.8.1 or later...

CVE-2026-39847

Emmett is a full-stack Python web framework designed with simplicity. From 2.5.0 to before 2.8.1, the RSGI static handler for Emmett's internal assets /emmett paths is vulnerable to path traversal attacks. An attacker can use ../ sequences eg /emmett/../rsgi/handlers.py to read arbitrary files...

PYSEC-2026-59

Emmett is a full-stack Python web framework designed with simplicity. From 2.5.0 to before 2.8.1, the RSGI static handler for Emmett's internal assets /emmett paths is vulnerable to path traversal attacks. An attacker can use ../ sequences eg /emmett/../rsgi/handlers.py to read arbitrary files...

PT-2026-31032

Name of the Vulnerable Software and Affected Versions Emmett versions 2.5.0 through 2.8.0 Description Emmett, a full-stack Python web framework, contains a path traversal flaw in its RSGI static handler for internal assets / emmett paths. An attacker can use '../' sequences in requests, such as '...

CVE-2026-32702

Cleanuparr is a tool for automating the cleanup of unwanted or blocked files in Sonarr, Radarr, and supported download clients like qBittorrent. From 2.7.0 to 2.8.0, the /api/auth/login endpoint contains a logic flaw that allows unauthenticated remote attackers to enumerate valid usernames by...