CVE-2026-39864 Kamailio Auth: Processing Vulnerability For Additional Authenticated User Identity Checks

Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of-bounds read in the auth module of Kamailio formerly OpenSER and SER allows remote attackers to cause a denial of service process crash via a specially crafted SIP packet if a successful user...

EUVD-2022-29766

Malicious code in bioql PyPI...

CVE-2025-57811 Craft Potential Remote Code Execution via Twig SSTI

Craft is a platform for creating digital experiences. From versions 4.0.0-RC1 to 4.16.5 and 5.0.0-RC1 to 5.8.6, there is a potential remote code execution vulnerability via Twig SSTI Server-Side Template Injection. This is a follow-up to CVE-2024-52293. This vulnerability has been patched in...

WordPress ProfileGrid Plugin <= 5.8.7 is vulnerable to Broken Access Control

Software ProfileGrid Type Plugin Vulnerable versions = 5.8.7 Fixed in 5.8.8 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37453 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID a60b5a00ba24 Credits Manab Jyoti Dowarah Required...

PT-2020-16024 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 5.7.x through 5.8.6 Description: The issue is related to incorrect reference counting of the struct page that backs the vsyscall page, caused by gate page mishandling in the get gate page function in mm/gup.c. This resul...