CVE-2026-12535
Technical details are not publicly available in the provided documents; monitor for updates.
CVE-2026-55226
PT Security reports that Strimzi 1.0.1 patch release fixes CVE-2026-55226 (and CVE-2026-55225). No technical details about the vulnerability are provided in the connected documents. Risk, affected components, and remediation specifics beyond the upgrade are not disclosed.
CVE-2026-55809
Technical details for CVE-2026-55809 are not publicly available in the provided documents. Monitor for updates.
CVE-2026-55810
Technical details for CVE-2026-55810 are not provided in the supplied documents; monitor for updates.
CVE-2026-54069
Affected software: SiYuan Note ≤ 3.6.5. Vulnerability: Authentication bypass via the CheckAuth middleware, which unconditionally trusts chrome-extension:// origins and grants RoleAdministrator access to requests with spoofed Origin headers. Impact: Full admin API access, with potential data exfil...
CVE-2026-55225
PT Security notes that the Strimzi 1.0.1 patch release fixes two CVEs: CVE-2026-55225 and CVE-2026-55226. The initial CVE-2026-55225 entry is reserved with no details, but the connected PT entries confirm a published patch release addressing these CVEs. No technical details (impact, affected components, ex...
CVE-2026-55092
Technical details for CVE-2026-55092 are not publicly available in the provided documents; monitor for updates.
CVE-2026-9012
Summary of connected document details for CVE-2026-9012: PT-Security report PT-2026-50548 references CVE-2026-9012 as an arbitrary directory traversal flaw in the Windows Kernel used as a delivery mechanism for a new feature (“Smart Scrapbook”). The description attributes a root cause to a direct...
CVE-2026-36418
The CVE concerns JimuReport versions ≤ 2.3.4, where remote code execution is possible via the /jmreport/executeSelectApi endpoint due to inadequate validation of user input passed to the Aviator expression engine. This is caused by improper handling of Aviator expressions, allowing arbitrary code...
CVE-2026-49463
CVE-2026-49463 context: PT-2026-50546 clarifies that an earlier fix in NL Portal (pre-3.0.3) was incomplete: an authorization parameter added to a GraphQL query was not used and a vulnerable REST endpoint remained. Impact: authenticated users could access documents belonging to other users if the...
CVE-2025-66391
CVE-2025-66391 affects Citrix Cloud (through 2025-11-10). A read-only account can trigger a write-workflow; specifically, when attempting to reset a user password, the system may send a one-time password to an attacker-controlled email address. This describes a potential confidentiality/integrity...
CVE-2026-39199
The CVE-2026-39199 entry affects snes9x 1.63 and describes an out-of-bounds write that leads to a denial of service when processing a crafted .ups patch file. The vulnerability is tied to the emulator's handling of UPS patch data, causing a crash (DoS) when a malicious or malformed patch is loaded...
CVE-2026-55675
Technical details for CVE-2026-55675 are not publicly available in the provided documents. No affected products, impact, or remediation information are disclosed. Monitor for updates from the sources referenced in the connected documents.
CVE-2026-20706
CVE-2026-20706 is a reserved entry; connected documents reveal a concrete vulnerability in Gitea: the web archive download endpoint (/archive/) accepts OAuth2 tokens with non-repository scopes, enabling access to private repository archives. The issue arises because checkDownloadTokenScope is not...
CVE-2026-27783
CVE-2026-27783 maps to a Gitea issue-template/config exposure: three API endpoints (GET /repos/{owner}/{repo}/issue_templates, /issue_config, /issue_config/validate) read from the repository Code default branch without the unit-based access guard (reqRepoReader). This allows a user with any repos...
CVE-2026-25714
Technical details for CVE-2026-25714 are not publicly available in the provided documents. Monitor for updates.
CVE-2026-26231
CVE-2026-26231 has connected details via GHSA-MM7C-RHG6-QR4R describing a Gitea authorization bypass: an authenticated, low-privilege user with read access can abuse the PR flow to push arbitrary commits to a repository. The flaw stems from the PR creation flow binding allow_maintainer_edit=true ...
CVE-2026-52797
Summary: Multiple sources describe a Gogs vulnerability (GHSA-PM6V-2H4W-4RP2) that allows an authorized user to exploit a path-traversal flaw in the GetDiffPreview workflow to execute a git diff on an arbitrary path and potentially overwrite files (e.g., gogs.db) via the --output option, causing ...
CVE-2026-28744
Summary: Gitea 1.26.1 is affected by a vulnerability in the Git Smart HTTP path where repository-scoped token checks run only for Basic authentication. Bearer/OAuth2 tokens can bypass scope enforcement, potentially allowing clones/pushes to private repositories without the required scope. The iss...
CVE-2026-48797
Backpropagate is a Python library for fine-tuning LLMs on a single GPU. In versions 1.1.0 and 1.1.1, the Reflex web UI exposes a training control plane without authentication, allowing dataset upload, model load, training control, multi-run orchestration, GGUF export, and HuggingFace Hub push. Th...
CVE-2026-44587
CarrierWave (Ruby) before versions 2.2.7 and 3.1.3 contains a denylisted_content_type bypass: denylist entries are interpolated into a regex without Regexp.quote or a start anchor, so an entry like image/svg+xml produces a pattern (e.g., /image/svg+x/) that fails to match the real MIME type. This ...
CVE-2026-48929
Rocket.Chat versions older than 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, 7.13.9, and 7.10.13 are vulnerable to unauthenticated file deletion through the deleteFileMessage Meteor method. When called over an unauthenticated DDP WebSocket connection, Meteor.userId() returns null, bypassing the auth...
CVE-2026-48616
CVE-2026-48616 affects Rocket.Chat Livechat file downloads in multiple legacy branches (versions
CVE-2026-48782
CVE-2026-48782 affects Pydantic AI (versions 1.56.0–1.101.0, 2.0.0b1, 2.0.0b2) where the cloud-metadata blocklist can be bypassed by IPv6 transition forms that previous fixes did not decode. The IPv6 forms bypassing the blocklist can expose cloud IAM short-term credentials when an app uses force_...
CVE-2026-48788
CVE-2026-48788 affects Remark42 (versions 1.6.0–1.15.0). The known issue is a content-type spoofing-based XSS in the image proxy: during download the proxy checks Content-Type headers to decide if a resource is an image, but the serving phase sniffing can differ, leading to a mismatch that lets H...
CVE-2026-48745
CVE-2026-48745 – Traccar Client: A vulnerability in Traccar Client
CVE-2026-47277
Runtipi pre-4.10.0 is affected by an unauthenticated arbitrary file read through app-store logo symlinks. In versions 4.9.1–4.9.3, the public endpoint serves marketplace logos from files inside cloned app-store repositories; a logo symlink (e.g., metadata/logo.jpg) can cause the target file to be...
CVE-2026-48783
CVE-2026-48783 affects Postiz prior to version 2.21.8. An unauthenticated endpoint (/public/modify-subscription) accepted a signed token and applied subscription-enforcement side effects to the organization in the token’s claims without verifying the token’s intended purpose. The endpoint could n...
CVE-2026-2604
Summary: CVE-2026-2604 affects evolution-data-server. An inconsistent comparison logic in the addressbook backend lets a Flatpak/D-Bus user craft a malicious URI with directory traversal sequences. This URI is stored during contact creation/modification and later rechecked with lower strictness d...
CVE-2026-48781
Summary (CVE-2026-48781): Postiz (AI social media scheduler) versions before 2.21.8 are affected. The Skool integration callback could sign an attacker-controlled JSON blob into a session-shape JWT using the app’s JWT_SECRET, and the authentication middleware trusted every claim without re-resolv...
CVE-2026-48779
Technical details for CVE-2026-48779 are not publicly available in the provided documents. Monitor for updates from the listed sources; the initial description includes affected versions and fixes, but no further technical specifics are provided here.
CVE-2026-25470
CVE-2026-25470: Unauthenticated RCE in WordPress ACPT (Pro) – Custom Post Types Plugin for WordPress (ACPT) 2.0.47 if available; no public patch details provided in the documents. Exploitation status is not provided in the connected documents. Monitor for updates and vendor advisories for a con...
CVE-2026-39598
CVE-2026-39598 concerns the WordPress Academy LMS Pro plugin (pre-3.5.2). The vulnerability is an Unrestricted Upload of File with a Dangerous Type, enabling an attacker to upload a web shell to the web server. Affected: Academy LMS Pro prior to 3.5.2. CVSS 3.1 metrics indicate a NETWORK attack vector,...
CVE-2026-49073
Summary: CVE-2026-49073 affects the WordPress plugin Directorist Booking (wpWax Directorist Booking) versions up to 3.0.3. The issue is an SQL Injection in the plugin, allowing blind SQL injection through improper neutralization of special elements in SQL commands. The CVSS base score is 8.5 (HIGH...
CVE-2026-48055
Streambert (Electron-based desktop app) has a Zip Slip vulnerability in its subtitle extraction logic affecting versions up to 2.4.0. The code concatenates raw archive entry names to a temporary directory, enabling path traversal and arbitrary file writes if a malicious ZIP with traversal sequenc...
CVE-2026-11409
The CVE-2026-11409 entry concerns an authenticated OS command injection in the IPv6 PPPoE configuration handler of TL-WR940N v6. The vulnerability arises from improper sanitization of user input, allowing an authenticated attacker with administrative access to execute arbitrary system commands wi...
CVE-2026-11410
The CVE-2026-11410 entry concerns TL-WR940N v6 (BigPond Cable BPA WAN config) with an authenticated OS command injection caused by improper input sanitization in the configuration module. An administrator can trigger arbitrary command execution with elevated privileges on the device via the BPA W...
CVE-2026-49113
The CVE-2026-49113 entry concerns the WordPress Cornerstone plugin, affected versions earlier than 7.8.8. It describes a Subscriber-level Arbitrary Code Execution vulnerability, with CVSSv3.1 metrics indicating a NETWORK attack vector, HIGH impact on confidentiality, integrity, and availability, ...
CVE-2026-49080
CVE-2026-49080: Unauthenticated SQL Injection affecting the WordPress plugin wpDataTables, version
CVE-2026-49057
The CVE-2026-49057 entry concerns the WordPress JobSearch plugin (≤ 3.2.7) with Unauthenticated Broken Access Control. Concrete details found: affected software/product is WordPress JobSearch plugin; vulnerable component/condition is broken access control without authentication; impact is describ...
CVE-2026-48869
CVE-2026-48869: The WordPress Enfold theme (versions
CVE-2026-40761
WordPress Theme Valeska <= 1.2.2 is affected by an unauthenticated PHP Object Injection vulnerability. Affected component: Valeska theme (WordPress). Root cause: PHP object injection in versions
CVE-2026-40759
CVE-2026-40759 affects WordPress Esmée theme versions
CVE-2026-40760
WordPress Behold theme
CVE-2026-40758
The CVE concerns WordPress Léonie theme versions
CVE-2026-40754
CVE-2026-40754 concerns the WordPress Roisin theme (versions <= 1.4) with unauthenticated PHP Object Injection. Public references describe an object-injection vulnerability in Roisin
CVE-2026-40755
CVE-2026-40755 affects WordPress TechLink theme versions
CVE-2026-40751
CVE-2026-40751 affects WordPress Theme Ashtanga versions
CVE-2026-40739
CVE-2026-40739 affects the WordPress LuxeDrive theme versions
CVE-2026-40736
WordPress Laurits theme