CVE-2026-40889 Frappe HR has Improper Access Control on Files

Frappe HR is an open-source human resources management solution HRMS. Prior to versions 15.58.2 and 16.4.2, authenticated users can access unauthorized files by exploiting certain api endpoint. Versions 15.58.2 and 16.4.2 contain a patch. No known workarounds are available...

PT-2024-15250 · Opentext · Opentext Directory Services

Name of the Vulnerable Software and Affected Versions: OpenText Directory Services versions 16.4.2 through 24.1 Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a Path Traversal vulnerability. This vulnerability allows Path Travers...

Heap overflow

Adobe InDesign versions 16.4.2 and earlier and 17.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

Adobe InCopy 缓冲区错误漏洞

Adobe InCopy is an application produced by Adobe for professional word processing. Adobe InCopy 17.3 and 16.4.2 and previous versions have an out-of-bounds read vulnerability that can be exploited by attackers to bypass mitigations such as ASLR and gain access to sensitive information...

PT-2022-5083 · Adobe · Indesign

Name of the Vulnerable Software and Affected Versions: Adobe InDesign versions 16.4.2 and earlier Adobe InDesign versions 17.3 and earlier Description: The issue is related to an out-of-bounds read in memory, which could allow an attacker to disclose sensitive information. This could potentially ...