4633 matches found
CVE-2026-15085
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal AI SEO/GEO Analyzer allows Stored XSS. This issue affects AI SEO/GEO Analyzer versions: from 0.0.0 to 1.1.3...
CVE-2026-15079
Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Login Disable allows Brute Force. This issue affects Login Disable versions: from 0.0.0 to 2.1.4...
CVE-2026-55810
Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Plotly.js Graphing allows Object Injection. This issue affects Plotly.js Graphing versions: from 0.0.0 to 3.0.2...
CVE-2026-10768
Missing Authorization vulnerability in Drupal LocalGov Workflows allows Forceful Browsing. This issue affects LocalGov Workflows versions: from 0.0.0 to 1.6.0...
CVE-2026-55882
Tilt defines dev environments as code for microservice apps on Kubernetes. From 0.19.5 through 0.37.3, the Tilt HUD server mounts Go net/http/pprof handlers under /debug with no access control. When the HUD or apiserver listener is network-exposed, an unauthenticated caller can read process memor...
CVE-2026-13039
The Eventin plugin for WordPress (versions 4.0.26–4.1.15) has an authorization bypass in payment_complete() via REST API due to insufficient verification of user authorization. Unauthenticated attackers can mark unpaid ticket orders as completed by submitting a fabricated SureCart checkout ID or ...
CVE-2026-2398
MobilMen 20T (Adam Retail Automation Ltd) is affected by CVE-2026-2398 due to an Authorization bypass via a User-Controlled key, enabling Privilege Escalation. Affected versions are MobilMen 20T v3 through 10072026. CVSS 3.1 base score 8.8 (Network, Low attack complexity, Privileges Required: Low...
Astro Cloudflare Adapter - Server Side Request Forgery
Astro is a web framework for content-driven websites. Versions 11.0.3 through 12.6.5 are vulnerable to SSRF when using Astro's Cloudflare adapter. When configured with output: 'server' while using the default imageService: 'compile', the generated image optimization endpoint doesn't check the URL...
EUVD-2026-34016
Tesla has CRLF injection in request Content-Type header via addcontenttypeparam...
Important: Red Hat Security Advisory: RHTAS 1.4.2 - Tech Preview Release Of the Model Validation Operator
The Tech Preview release of the RHTAS Model Validation Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.4 The RHTAS Model Validation Operator can be used with OpenShift Container Platform 4.16, 4.17,...
EUVD-2026-42423
IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service...
EUVD-2026-42402
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.7 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to execute arbitrary scripts in another user's browser session due to improper...
EUVD-2025-210441
OpenVPN Access Server 2.7.2 through 3.1.0 accepts bare line-feed sequences inside HTTP header values, allowing remote attackers to perform HTTP request smuggling when deployed behind a reverse proxy...
CVE-2026-53642
FOSSBilling is a free, open-source billing and client management system. In versions 0.5.6 through 0.7.2, when the "Require Email Confirmation" setting is enabled, a logged-in client with an unverified email address emailapproved = 0 can access all client-area pages e.g. /client/balance,...
CVE-2026-53646
FOSSBilling is a free, open-source billing and client management system. In versions 0.5.6 through 0.7.2, when a ClientPasswordReset record already exists for a client from a previous unexpired reset request, subsequent calls to the resetpassword guest API endpoint reuse the existing token instea...
CVE-2026-53642
FOSSBilling versions 0.5.6–0.7.2 expose a page‑level access control flaw: when Require Email Confirmation is on, a logged‑in client with email_approved = 0 can access any /client/* page and read real account data (wallet balances, transaction history). The API enforces restrictions correctly to p...
CVE-2026-34049
Coolify (open-source self-hosted) versions 4.0.0-beta.451–4.0.0-beta.470 have a command-injection risk in MongoDB backup handling where collection names do not fully validate shell metacharacters. An attacker with the ability to configure backup inputs and high privileges can inject commands into...
CVE-2026-58402 Hugo default code block renderer XSS via unescaped code-fence language
Hugo is a static site generator. From 0.60.0 until 0.163.3, Hugo's default code-block renderer wrote the Markdown code-fence language or info-string into the code class="language-…" data-lang="…" wrapper without HTML escaping. A fence info-string containing a quote and a script payload breaks out...
EUVD-2026-41880
OpenVPN version 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled...
CVE-2026-54893 Email-derived URL path injection in the Swoosh Microsoft Graph adapter
URL path injection in the Microsoft Graph adapter of Swoosh. Swoosh.Adapters.MsGraph builds its Microsoft Graph API request URL by interpolating the sender's email address into the URL path /users/from/sendMail without percent-encoding or validation. In applications that derive the from address...