CVE-2026-44440

ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.101.1 and 16.10.0, an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability on an endpoint allows an authenticated adjacent attacker to read arbitrary files. This vulnerability is...

PT-2024-36405 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 16.10.0 through 16.10.5 GitLab CE/EE versions 16.11.0 through 16.11.2 Description: The issue allows an attacker to crash KAS via crafted gRPC requests, potentially leading to a denial of service. Recommendations: For...