UBUNTU-CVE-2026-33151

Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. Prior to versions 3.3.5, 3.4.4, and 4.2.6, a specially crafted Socket.IO packet can make the server wait for a large number of binary attachments and buffer them, which can be exploited to make the server...

Chromium: CVE-2026-4453 Integer overflow in Dawn

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

PT-2026-26431

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Versions prior to 7.15.1 and 8.9.3 contain a Server-Side Request Forgery SSRF vulnerability combined with a Denial of Service DoS condition in the RSS Feed Dashlet component. Versions 7.15.1 an...

CVE-2026-28498

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a library-level vulnerability was identified in the Authlib Python library concerning the validation of OpenID Connect OIDC ID Tokens. Specifically, the internal hash verification logic verifyhash...

CVE-2026-30850 Parse Server: File metadata endpoint bypasses `beforeFind` / `afterFind` trigger authorization

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.9 and 9.5.0-alpha.9, the file metadata endpoint GET /files/:appId/metadata/:filename does not enforce beforeFind / afterFind file triggers. When these triggers are used as...

CVE-2026-30839 Wallos: SSRF via webhook test endpoint

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, testwebhooknotifications.php does not validate the target URL against private/reserved IP ranges, enabling full-read SSRF. The server response is returned to the caller. This issue has been patched in...

CVE-2026-30823 Flowise: IDOR leading to Account Takeover and Enterprise Feature Bypass via SSO Configuration

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, there is an IDOR vulnerability, leading to account takeover and enterprise feature bypass via SSO configuration. This issue has been patched in version 3.0.13...

SUSE CVE-2026-26999

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.38 and 3.6.9, there is a potential vulnerability in Traefik managing TLS handshake on TCP routers. When Traefik processes a TLS connection on a TCP router, the read deadline used to bound protocol sniffing is cleared befor...

CVE-2026-30831

Rocket.Chat prior to versions 7.10.8, 7.11.5, 7.12.5, 7.13.4, 8.0.2, 8.1.1, and 8.2.0 is affected by an authentication issue in the enterprise DDP Streamer’ Account.login that does not enforce 2FA or validate deactivated user status. The problem occurs in the DDP Streamer component and results in...

ROOT-OS-DEBIAN-13-CVE-2025-61726 CVE-2025-61726 in rootio-golang-1.24 - Patched by Root

Root has patched CVE-2025-61726 in the rootio-golang-1.24 package for Root:Debian:13. Multiple fixed versions available...

UBUNTU-CVE-2026-28802

Authlib is a Python library which builds OAuth and OpenID Connect servers. From version 1.6.5 to before version 1.6.7, previous tests involving passing a malicious JWT containing alg: none and an empty signature was passing the signature verification step without any changes to the application co...

CVE-2026-28438

CocoIndex is a data transformation framework for AI. Prior to version 0.3.34, the Doris target connector didn't verify the configured table name before creating some SQL statements ALTER TABLE. So, in the application code, if the table name is provided by an untrusted upstream, it expose...

CVE-2026-28676 OpenSift: Insufficient path containment checks in storage helpers could allow path traversal-style file operations

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, multiple storage helpers used path construction patterns that did not uniformly enforce base-directory containment. This created path-injection risk in file...

CVE-2026-27807

MarkUs is a web application for the submission and grading of student assignments. Prior to version 2.9.4, MarkUs allows course instructors to upload YAML files to create/update various entities e.g., assignment settings. These YAML files are parsed with aliases enabled. This issue has been patch...

CVE-2026-28210

FreePBX is an open source IP PBX. Prior to versions 16.0.49 and 17.0.7, FreePBX module cdr Call Data Record is vulnerable to SQL query injection. This issue has been patched in versions 16.0.49 and 17.0.7...

CVE-2026-28209

CVE-2026-28209 affects FreePBX where FreePBX versions 16.0.17.2–before 16.0.20 and 17.0.2.4–before 17.0.5 are vulnerable to a command injection in the recordings module when the ElevenLabs Text-to-Speech engine is used. Root cause: command injection arising in the recordings workflow. Impact is h...

CVE-2025-52468

Chamilo is a learning management system. Prior to version 1.11.30, an input validation vulnerability exists when importing user data from CSV files. This flaw occurs due to insufficient sanitization of user data, specifically in the "Last Name", "First Name", and "Username" fields. It allows...

SUSE CVE-2026-24834

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.27.0, an issue in Kata with Cloud Hypervisor allows a user of the container to modify the file system used by the Guest micro VM...

PT-2026-23058

Name of the Vulnerable Software and Affected Versions changedetection.io versions prior to 0.54.4 Description The software contains a reflected cross-site scripting XSS issue in the /rss/tag/ endpoint. The tag uuid path parameter is directly included in the HTTP response without proper HTML...

OpenClaw exec allowlist safeBins short-option bypass could permit arbitrary file write

Summary OpenClaw exec allowlist/safeBins policy could be bypassed with attached short-option payloads for example sort -o/tmp/poc, enabling file-write operations while still satisfying safeBins checks. Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.2.17 - Latest...