CVE-2026-47172 Quest Bot: Untrusted pull request code can be built and deployed by privileged `workflow_run` deployment.

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, the repository has a privileged deploy workflow that runs after the unprivileged build workflow completes. The build workflow runs on pull requests, and the deploy workflow checks ou...

Security Bulletin: IBM Engineering Lifecycle Management - Engineering Workflow Management is impacted by vulnerabilities in Eclipse Paho Java client library

Summary A vulnerability has been identified in Eclipse Paho Java client library, which is used in IBM Engineering Lifecycle Management - Engineering Workflow Management . Vulnerability Details CVEID:CVE-2019-11777 DESCRIPTION: In the Eclipse Paho Java client library version 1.2.0, when connecting...

PT-2026-48713

In Duck Site before version 1.0.1, the repository has a deploy workflow that runs after the build workflow completes. The build workflow runs on pull requests, while the deploy workflow runs with package-write permissions and deployment secrets. If an attacker can make a pull request build satisf...

PT-2026-48720

Name of the Vulnerable Software and Affected Versions KanaDojo affected versions not specified Description A command injection issue exists where an attacker with pull request access can execute arbitrary shell commands. This occurs when shell metacharacters are inserted into the version or chang...

Duck Site 安全漏洞

Duck Site is a website content management tool open source by the Duck Organization. Versions of Duck Site prior to 1.0.1 contained security vulnerabilities. These vulnerabilities stemmed from improper deployment of workflow condition checks, which could allow attacker-controlled pull request cod...

Quest Bot 安全漏洞

Quest Bot is a multi-functional Discord community management robot developed by Duck Organization. Versions of Quest Bot prior to 1.0.3 contained security vulnerabilities. These vulnerabilities stemmed from improper deployment of workflow condition checks. This allowed attackers to construct...

CVE-2026-2638

A vulnerability in the quarantine and restore workflow of the X-VPN macOS website versions 77.0 through 77.5 allow a local attacker to leverage a race condition and symlink manipulation to achieve privileged file corruption...

PT-2026-48540

Due to the combination of checking out PR head branches attacker-controlled, reading .mcp.json from the working directory via default setting sources, and unconditionally enabling all project MCP servers via enableAllProjectMcpServers, it was possible for an attacker who opened a PR containing a...

EUVD-2026-35869

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.1, a stored cross-site scripting vulnerability in the prescription CSS/HTML multi-print feature allows a patient portal user to execute arbitrary JavaScript in a...

Malicious code in create-docs-mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd4381fd77419441a2eefe6b22adef6c9f5adfe1b92be5d071abd5908fdf8647 Package is published at version 9999.99.99 — the canonical high-version override used in dependency-confusion attacks against private/internal packag...

MAL-2026-5403 Malicious code in t-invest-mcp-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46c186ac158f68845fc995a94d15d44c2b65a521d2619d2850232e58f4a61419 Package is a dependency-confusion squat: package.json sets version 9999.99.99 the canonical max-version trick used to win resolution against any...

Description of the security update for SharePoint Server Subscription Edition: June 9, 2026 (KB5002873)

Description of the security update for SharePoint Server Subscription Edition: June 9, 2026 KB5002873 Summary Important: If you're currently running SharePoint Workflow Manager, you must install SharePoint Workflow Manager KB5002799 to your farm before you install this cumulative update. If you'r...

Description of the security update for SharePoint Server 2016: June 9, 2026 (KB5002880)

Description of the security update for SharePoint Server 2016: June 9, 2026 KB5002880 Summary Important: If you're currently running SharePoint Workflow Manager, you must install the SharePoint Workflow Manager KB5002799 to your farm before you install this cumulative update. If you're currently...

Description of the security update for SharePoint Server 2019: June 9, 2026 (KB5002874)

Description of the security update for SharePoint Server 2019: June 9, 2026 KB5002874 Summary Important: If you're currently running SharePoint Workflow Manager, you must install the SharePoint Workflow Manager KB5002799 to your farm before you install this cumulative update. If you're currently...

CVE-2026-2638

A vulnerability in the quarantine and restore workflow of the X-VPN macOS website versions 77.0 through 77.5 allow a local attacker to leverage a race condition and symlink manipulation to achieve privileged file corruption...

EUVD-2026-35404

A vulnerability in the quarantine and restore workflow of the X-VPN macOS website versions 77.0 through 77.5 allow a local attacker to leverage a race condition and symlink manipulation to achieve privileged file corruption...

CVE-2026-2638 X-VPN macOS website versions - Local Privilege Escalation

A vulnerability in the quarantine and restore workflow of the X-VPN macOS website versions 77.0 through 77.5 allow a local attacker to leverage a race condition and symlink manipulation to achieve privileged file corruption...

CVE-2026-2638

Technical details beyond the summary are not publicly available in the provided documents. Monitor for updates.

CVE-2026-2638 X-VPN macOS website versions - Local Privilege Escalation

A vulnerability in the quarantine and restore workflow of the X-VPN macOS website versions 77.0 through 77.5 allow a local attacker to leverage a race condition and symlink manipulation to achieve privileged file corruption...

CVE-2026-46481

OpenMetadata is a unified metadata platform. Prior to version 1.12.4, a non-admin SSO user can trigger a TESTCONNECTION workflow for a Database Service and receive, in the HTTP 201 response of POST /api/v1/automations/workflows, both the cleartext database password in...