ROOT-OS-DEBIAN-11-CVE-2022-48814 CVE-2022-48814 in rootio-linux - Patched by Root

Root has patched CVE-2022-48814 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

ROOT-OS-DEBIAN-11-CVE-2025-40266 CVE-2025-40266 in rootio-linux - Patched by Root

Root has patched CVE-2025-40266 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

ROOT-OS-DEBIAN-11-CVE-2022-48674 CVE-2022-48674 in rootio-linux - Patched by Root

Root has patched CVE-2022-48674 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

ROOT-OS-DEBIAN-11-CVE-2025-38560 CVE-2025-38560 in rootio-linux - Patched by Root

Root has patched CVE-2025-38560 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

ROOT-OS-DEBIAN-11-CVE-2025-68261 CVE-2025-68261 in rootio-linux - Patched by Root

Root has patched CVE-2025-68261 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

ROOT-OS-DEBIAN-11-CVE-2025-39757 CVE-2025-39757 in rootio-linux - Patched by Root

Root has patched CVE-2025-39757 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

ROOT-OS-DEBIAN-11-CVE-2024-38543 CVE-2024-38543 in rootio-linux - Patched by Root

Root has patched CVE-2024-38543 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

ROOT-OS-DEBIAN-11-CVE-2025-39835 CVE-2025-39835 in rootio-linux - Patched by Root

Root has patched CVE-2025-39835 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

ROOT-OS-DEBIAN-11-CVE-2025-71268 CVE-2025-71268 in rootio-linux - Patched by Root

Root has patched CVE-2025-71268 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

ROOT-OS-DEBIAN-11-CVE-2022-49164 CVE-2022-49164 in rootio-linux - Patched by Root

Root has patched CVE-2022-49164 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

CVE-2026-11453 Tiobon Employee Self-Service System Login Endpoint BlogSearch.aspx sql injection

A vulnerability was found in Tiobon Employee Self-Service System up to 7.2. Affected by this vulnerability is an unknown functionality of the file /Blog/BlogSearch.aspx of the component Login Endpoint. The manipulation of the argument Keyword results in sql injection. The attack can be launched...

EUVD-2026-34981

A vulnerability was detected in GL.iNet GL-MT3000 4.4.5. This affects the function dlopen in the library /usr/lib/oui-httpd/rpc/ of the component Path Normalization Handler. Performing a manipulation of the argument devname results in command injection. It is possible to initiate the attack...

CVE-2026-11448

CVE-2026-11448 affects GL.iNet GL-MT3000 up to version 4.4.5. The vulnerability resides in the Minidlna Service, where the /rpc realpath function can be manipulated via the kube.set argument to cause a remote command injection. The issue can be triggered over the network without user interaction,...

CVE-2026-11448 GL.iNet GL-MT3000 Minidlna Service rpc realpath command injection

A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. The affected element is the function realpath of the file /rpc of the component Minidlna Service. This manipulation of the argument kube. set causes command injection. The attack is possible to be carried out remotely. Upgrading to...

CVE-2026-11447

Summary: CVE-2026-11447 affects GL.iNet GL-MT3000 (firmware up to 4.4.5), specifically the MTK Backend component’s file iwinfo.so and the function iwinfo_backend. By manipulating the device argument, an attacker can trigger a remote command injection , with exploitation reportedly public. The iss...

EUVD-2026-34978

A security flaw has been discovered in GL.iNet GL-MT3000 up to 4.4.5. Impacted is the function iwinfobackend of the file iwinfo.so of the component MTK Backend. The manipulation of the argument device results in command injection. The attack can be executed remotely. The exploit has been released...

CVE-2026-11447 GL.iNet GL-MT3000 MTK Backend iwinfo.so iwinfo_backend command injection

A security flaw has been discovered in GL.iNet GL-MT3000 up to 4.4.5. Impacted is the function iwinfobackend of the file iwinfo.so of the component MTK Backend. The manipulation of the argument device results in command injection. The attack can be executed remotely. The exploit has been released...

CVE-2026-8900

The Simple SEO Slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 1.2.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level...

CVE-2026-7523

The Alba Board plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.1.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access...

CVE-2026-8893

The Express Payment For Stripe plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'type' attribute of the stripe-express shortcode in versions up to, and including, 1.28.0. This is due to insufficient input sanitization and output escaping on the shortcode attribute value,...