EulerOS Virtualization 2.12.1 : libpng (EulerOS-SA-2026-2079)

According to the versions of the libpng package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via pngcreatereadstruct...

PT-2026-47155

cursor CVE-2026-50549 + 50548 is the agent sandbox escape story of the week. symlink canonicalization failure + a writable working directory = the agent walks itself out of the box and runs as you. anyone on an older cursor build right now is a bug bounty program's easiest p1...

PT-2026-47153

Name of the Vulnerable Software and Affected Versions JingDong JD Cloud Box AX6600 version 4.5.3.r4546 Description A stack-based buffer overflow can be triggered remotely via the set macfilter function located in the /sbin/jdcweb rpc file. A stack-based buffer overflow occurs when a program write...

PT-2026-47141

The Klamra Paycal for Aspaclaria plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.4 via the 'invoice id' parameter due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...

EulerOS Virtualization 2.13.1 : gnupg2 (EulerOS-SA-2026-2128)

According to the versions of the gnupg2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In GnuPG before 2.4.9, armorfilter in g10/armor.c has two increments of an index variable where one is intended, leading to an...

CVE-2026-8608 Event Monster <= 2.1.0 - Unauthenticated Insufficient Verification of Data Authenticity to Payment Bypass via em_capture_payment AJAX Action

The Event Monster – Event Management, Events Calendar, Tickets plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in versions up to, and including, 2.1.0. This is due to the capturepayment AJAX handler registered via wpajaxnoprivemcapturepayment trusting...

CVE-2026-10038

The Charitable – Donation Plugin for WordPress (Charitable) up to version 1.8.11.1 is affected by an Insecure Direct Object Reference/Authorization Bypass that enables Arbitrary Attachment Deletion via the profile avatar update flow. The issue stems from save_avatar() calling wp_delete_attachment...

CVE-2026-9290

The affected product is the WordPress plugin “WP User Manager – User Profile Builder & Membership.” CVE-2026-9290 describes a Local File Inclusion (LFI) vulnerability in all versions up to and including 2.9.17, exploitable via the profile template scope function. This allows unauthenticated attac...

CVE-2026-8900 Simple SEO Slideshow <= 1.2.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The Simple SEO Slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 1.2.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level...

CVE-2026-8900

The CVE-2026-8900 entry concerns the WordPress plugin Simple SEO Slideshow (versions up to and including 1.2.8). The vulnerability is a Stored Cross-Site Scripting (XSS) via shortcode attributes , caused by insufficient input sanitization and output escaping. An authenticated attacker with contri...

CVE-2026-8900 Simple SEO Slideshow <= 1.2.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The Simple SEO Slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 1.2.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level...

CVE-2026-8893 Express Payment For Stripe <= 1.28.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The Express Payment For Stripe plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'type' attribute of the stripe-express shortcode in versions up to, and including, 1.28.0. This is due to insufficient input sanitization and output escaping on the shortcode attribute value,...

Exploit for CVE-2024-34070

CVE-2024-34070 Froxlor PoC Python proof of concept for CVE-20...

CVE-2026-11424

A server-side request forgery SSRF vulnerability exists in a GraphQL service component shared by Altium Enterprise Server and Altium 365. An authenticated user can submit a request whose input is treated as a URL by the server and used to issue an outbound HTTP GET request without URL validation ...

Bugsink: DOS using large numbers of event tags

Summary In affected versions, Bugsink stores every tag supplied with an incoming event. An event with an unusually large number of custom i.e. supplied by an attacker tags can therefore make ingestion spend more time than intended writing tag rows. Bugsink uses a single-writer database...

MINI-JGP4-R72P-C688

Bulletin has no description...

Bugsink: Project scoping missing in sourcemap and debug-file lookup

Summary Bugsink before 2.2.0 resolved sourcemaps and debug files by debug ID without scoping that lookup to the project that owned the uploaded metadata. An authenticated user with access to one project could cause event processing in that project to use sourcemap/debug-file metadata uploaded for...

EUVD-2026-31860

Bugsink: Project scoping missing in sourcemap and debug-file lookup...

EUVD-2026-31862

Bugsink: Issue bulk actions can affect another project’s issue if its UUID is known...

CVE-2026-11431

CVE-2026-11431 describes a path traversal in Altium’s Projects Service download endpoint used by Altium Enterprise Server and Altium 365. An authenticated user can supply a crafted path that bypasses validation, enabling reading arbitrary files (including entire directories returned as archives) ...