366505 matches found

CVE-2026-54244 (added yesterday, 4 views)

Technical details for CVE-2026-54244 are not publicly available in the provided documents. Monitor for updates.

Exploits: 0

CVE-2026-54243 (added yesterday, 7 views)

Technical details for CVE-2026-54243 are not publicly available in the provided documents. Monitor for updates as information remains reserved.

Exploits: 0

CVE-2026-54242 (added yesterday, 7 views)

Technical details for CVE-2026-54242 are not publicly available in the provided documents. No product, impact, or remediation information is provided. Monitor for updates.

Exploits: 0

CVE-2026-56414 (added yesterday, 8 views)

The CVE-2026-56414 entry concerns H.View IP cameras (HV-500S6) with certificate-related upload interfaces. Authenticated users can store arbitrary file content to fixed, persistent filesystem locations without validation of file type, structure, or size. The described design omission enables plac...

CVSS 8.6 | AI score 5.9 | Exploits: 0 | References: 3

CVE-2026-55975 (added yesterday, 8 views)

CVE-2026-55975 affects H.View IP cameras (e.g., HV-500S6) where an authenticated user can supply unsanitized XML to the device’s certificate generation interface. The input is incorporated into a backend certificate creation command without proper validation, enabling command execution with eleva...

CVSS 8.6 | AI score 5.9 | Exploits: 0 | References: 3

CVE-2026-31928 (added yesterday, 10 views)

The CVE-2026-31928 entry concerns DMP-5000 devices shipped with a default administrative web account and weak authentication controls that are not required to be changed during initial configuration or operation, enabling full system access if exploited. The issue is tied to hard-coded/default cr...

CVSS 9.3 | AI score 5.8 | Exploits: 0 | References: 2

CVE-2026-50029 (added yesterday, 5 views)

Technical details for CVE-2026-50029 are not publicly available in the provided documents. Monitor for updates.

Exploits: 0

CVE-2026-33560 (added yesterday, 8 views)

The CVE-2026-33560 issue affects the DMP-5000 file service, where an authenticated user can upload files of any type without validation, because there is no file-extension filtering or content inspection, allowing executable binaries/scripts to be written to the server. The vulnerability stems fr...

CVSS 8.4 | AI score 5.9 | Exploits: 0 | References: 2

CVE-2026-49349 (added yesterday, 3 views)

Technical details for CVE-2026-49349 are not publicly available in the provided documents. Monitor for updates.

Exploits: 0

CVE-2026-28701 (added yesterday, 7 views)

CVE-2026-28701 affects various versions of Daktronics Controller Firmware. The vulnerability is a path traversal flaw permitting authenticated or unauthenticated remote users to escape the intended directory and enumerate arbitrary filesystem paths, with potential high impact to confidentiality, ...

CVSS 9.8 | AI score 6 | Exploits: 0 | References: 2

CVE-2026-49258 (added yesterday, 3 views)

Technical details for CVE-2026-49258 are not publicly available in the provided documents. No affected products, impact, vectors, or remediation are specified here. Monitor for updates and official disclosures as information becomes available.

Exploits: 0

CVE-2026-49869 (added yesterday, 9 views)

Kestra OSS contains an unauthenticated RCE flaw in the AuthenticationFilter prior to versions 1.0.45 and 1.3.21. The whitelist uses a suffix check (request.getPath().endsWith("/configs")) to bypass Basic Auth, so any API path ending in configs bypasses authentication. An unauthenticated attacker ...

CVSS 10 | AI score 6.4 | EPSS 0.00362 | Exploits: 0 | References: 1

CVE-2026-45807 (added yesterday, 8 views)

Summary: Kestra prior to versions 1.0.43 and 1.3.19 is affected by a path-traversal vulnerability. Several API endpoints accept a kestra:// URI and pass it through StorageInterface.parentTraversalGuard, which only inspects the literal URI.toString(). A URL-encoded .. ("%2E%2E") can slip through,...

CVSS 7.7 | AI score 6 | EPSS 0.00071 | Exploits: 0 | References: 1

CVE-2026-49984 (added yesterday, 8 views)

CVE-2026-49984 – Kestra : A path traversal vulnerability in the LocalStorage backend allows any authenticated user who can view an execution to read arbitrary files on the server. Before patching, the LocalStorage path validator mishandles Windows-style backslashes, letting an attacker smuggle tr...

CVSS 7.7 | AI score 6 | EPSS 0.00071 | Exploits: 0 | References: 1

CVE-2026-53576 (added yesterday, 10 views)

Kestra prior to versions 1.0.45 and 1.3.21 contained an authentication filter bypass on the REST API. Requests whose path ends in /configs were treated as the public instance-config endpoint and forwarded without credential checks, allowing anonymous access to resources such as /api/v1/{tenant}/f...

CVSS 10 | AI score 5.8 | EPSS 0.00333 | Exploits: 0 | References: 1

CVE-2026-48813 (added yesterday, 2 views)

Technical details for CVE-2026-48813 are not publicly available in the provided documents. This entry is reserved; monitor for updates.

Exploits: 0

CVE-2026-53577 (added yesterday, 8 views)

CVE-2026-53577 – Kestra : Affects the previewFileFromExecution endpoint (GET /api/v1/{tenant}/executions/{executionId}/file/preview). Before versions 1.0.45 and 1.3.21, there was an access control bypass that allowed any authenticated user to read output files from any other execution within the ...

CVSS 6.5 | AI score 5.9 | EPSS 0.00047 | Exploits: 0 | References: 1

CVE-2026-48804 (added yesterday, 3 views)

Technical details are not publicly available in the provided documents. Monitor for updates as information about affected products, scope, and remediation has not been disclosed.

Exploits: 0

CVE-2026-55069 (added yesterday, 5 views)

Kestra OSS (BasicAuth) stores the administrator password with SHA-512; if an attacker gains read access to PostgreSQL, offline brute-force can recover the password. In Kubernetes, cracked credentials may enable reading ServiceAccount Tokens and all K8s Secrets, enabling vertical privilege escalation....

CVSS 8.7 | AI score 5.8 | Exploits: 0 | References: 1

CVE-2026-48809 (added yesterday, 3 views)

Technical details for CVE-2026-48809 are not publicly available in the provided documents. This entry is reserved with no exposed information. Monitor for updates as new details are disclosed.

Exploits: 0

CVE-2026-48801 (added yesterday, 3 views)

Technical details are not publicly available in the provided documents. Monitor for updates as information about affected products, impact, or remediation is not disclosed here.

Exploits: 0

CVE-2026-54351 (added yesterday, 13 views)

Budibase (open‑source low‑code platform) is affected by CVE-2026-54351, in which the webhook trigger endpoint before version 3.39.9 is publicly accessible and passes the full HTTP body into automation parameters. A mass‑assignment flaw in externalTrigger() allows an attacker to overwrite ap...

CVSS 8.2 | AI score 6 | Exploits: 0 | References: 1

CVE-2026-54353 (added yesterday, 15 views)

Budibase prior to version 3.39.9 is vulnerable to a non‑blind SSRF due to a DNS rebinding bypass in the outbound fetch validation flow. Authenticated users with automation permissions can bypass the SSRF blacklist: the hostname is validated against the blacklist, but the socket connection later p...

CVSS 8.5 | AI score 5.8 | Exploits: 0 | References: 1

CVE-2026-48790 (added yesterday, 3 views)

Technical details for CVE-2026-48790 are not publicly available in the provided documents. Monitor for updates.

Exploits: 0

CVE-2026-54350 (added yesterday, 11 views)

Budibase CVE-2026-54350 describes an unauthenticated NoSQL injection against published Budibase apps. EnrichContext substitutes query parameters into the JSON body and JSON.parse can lift attacker-controlled fields into the parsed filter, allowing an attacker with a PUBLIC query to read (and for ...

CVSS 10 | AI score 5.8 | Exploits: 0 | References: 1

CVE-2026-50137 (added yesterday, 12 views)

Budibase prior to 3.39.0 allows an anonymous attacker to call POST /api/attachments/:datasourceId/url with a known workspace id (app_…) and S3 datasource id (ds_…) and receive a 15‑minute pre‑signed PUT URL minted on the victim’s IAM credentials. The endpoint returns both the signed URL and the p...

CVSS 8.2 | AI score 5.8 | EPSS 0.00018 | Exploits: 0 | References: 1

CVE-2024-23581 (added yesterday, 2 views)

CVE-2024-23581 affects HCL Traveler for Microsoft Outlook libraries (HTMO). The CVE is described as an application modification vulnerability in these libraries. The associated CVSS 3.1 vector (AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H) yields a base score of 6.7 (Medium) and indicates a local attack v...

CVSS 6.7 | AI score 5.8 | Exploits: 0 | References: 1

CVE-2026-50136 (added yesterday, 14 views)

Budibase prior to version 3.39.3 exposes an unauthenticated endpoint that generates S3 PutObject presigned URLs using credentials stored in a workspace datasource. The /api/attachments/:datasourceId/url route is protected only by recaptcha, allowing a caller with workspace and S3 datasource IDs t...

CVSS 7.4 | AI score 5.8 | EPSS 0.00045 | Exploits: 0 | References: 1

CVE-2026-50132 (added yesterday, 13 views)

Summary (CVE-2026-50132) Budibase exposes a public GET endpoint GET /api/chat-links/:instance/:token/handoff that, before version 3.39.0, can silently link an attacker’s external chat identity (Slack/Discord/MS Teams) to a victim’s Budibase account without consent or CSRF protection. The flow: an...

CVSS 7.3 | AI score 5.8 | EPSS 0.00023 | Exploits: 0 | References: 1

CVE-2026-54352 (added yesterday, 15 views)

Budibase has a high-severity arbitrary file-read issue via the PWA ZIP upload endpoint. Prior to 3.39.9, a workspace-builder could upload a ZIP containing a symlink to a root-accessible file (for example, /data/.env or /etc/shadow) and, because extract-zip preserves absolute targets and the icon vali...

CVSS 9.6 | AI score 5.8 | Exploits: 0 | References: 1

CVE-2026-41262 (added yesterday, 4 views)

Technical details for CVE-2026-41262 are not publicly available in the provided documents. Monitor for updates from the reserving organization.

Exploits: 0

CVE-2026-46604 (added yesterday, 4 views)

The CVE-2026-46604 entry concerns the TIFF decoder in golang.org/x/image. The underlying issue is a panic that occurs when decoding an invalid TIFF image with an out-of-bounds strip offset, as described in multiple sources. The affected component is the TIFF decoding path within x/image/tiff. The...

AI score 5.8 | Exploits: 0 | References: 3

CVE-2026-48770 (added yesterday, 45 views)

Notepad++ prior to version 8.9.6.1 is affected by multiple issues arising from insecure handling of inter-process communication data. Specifically, a local attacker can trigger a denial of service (CVE-2026-48770) by sending a malformed WM_COPYDATA message where COPYDATA_FULL_CMDLINE is processed...

CVSS 5 | AI score 5.8 | EPSS 0.00012 | Exploits: 1 | References: 2

CVE-2026-48778 (added yesterday, 92 views)

Notepad++ prior to 8.9.6.1 is affected by an RCE in config.xml: the value is read without validation and passed to ShellExecute when triggering File → Open Containing Folder → cmd, enabling attacker-controlled executable paths. The issue stems from NppXml::value() storing the value in _nppGUI._c...

CVSS 7.8 | AI score 5.8 | EPSS 0.0002 | Exploits: 4 | References: 2

CVE-2026-52885 (added yesterday, 7 views)

Notepad++ v8.9.6.4 fixes a TOCTOU vulnerability (CVE-2026-52885) where the on-disk HMAC of shortcuts.xml is checked at trigger time while the command payload is loaded into memory at startup and never synchronized. An attacker with write access to shortcuts.xml can plant a malicious fil...

CVSS 7.5 | AI score 6 | EPSS 0.00024 | Exploits: 1 | References: 2

CVE-2026-46710 (added yesterday, 1 view)

Notepad++ is affected by a local privilege escalation vulnerability in the installer (CVE-2026-46710) detected in versions 8.9.4–8.9.6. During installation, the installer launches powershell.exe without an absolute path after setting the working directory to the installation contextMenu directory...

CVSS 7.5 | AI score 5.8 | EPSS 0.00022 | Exploits: 0 | References: 2

CVE-2026-48800 (added yesterday, 43 views)

Notepad++ prior to 8.9.6.1 is affected by CVE-2026-48800 where the content inside shortcuts.xml is read without validation and used to build a Run menu item that ShellExecute() executes. The attacker-controlled string becomes the executable path when the user clicks the Run menu entry, enabl...

CVSS 7.8 | AI score 5.8 | EPSS 0.0002 | Exploits: 2 | References: 2

CVE-2026-52884 (added yesterday, 22 views)

Notepad++ CVE-2026-52884 affects Notepad++ up to version 8.9.6.1 where isInTrustedDirectory() does not canonicalize paths before checking. The code uses a prefix-based trust check (PathIsPrefix or equivalent), allowing a path traversal like ....\ after a trusted directory prefix to resolve to an ...

CVSS 7.8 | AI score 5.8 | EPSS 0.00011 | Exploits: 0 | References: 2

CVE-2026-9836 (added yesterday, 7 views)

CVE-2026-9836 — IBM DataStage Flow Designer is affected by an information disclosure vulnerability (CWE-200). Affects InfoSphere Information Server versions 11.7.0.0 to 11.7.1.6. Remediation: upgrade to IBM InfoSphere Information Server 11.7.1.0 or 11.7.1.6 (including Service Pack 3 for 11.7.1.6)...

Exploits: 0

CVE-2026-55188 (added yesterday, 4 views)

RustFS’s ListRemoteTargetHandler in versions 1.0.0-alpha.1 through 1.0.0-beta.8 contains an authorization bypass that only checks for credentials and neglects to verify replication or admin permissions. This allows an authenticated user without bucket/admin rights to list remote replication targe...

CVSS 8.2 | AI score 5.8 | Exploits: 0 | References: 1

CVE-2026-49991 (added yesterday, 5 views)

RustFS 1.0.0-beta.4 is affected by a path traversal vulnerability in the Snowball auto-extract feature. Authenticated users with only PutObject permission on their own bucket can write arbitrary objects into other users’ buckets, breaking multi-tenant isolation. Root causes include: (1) No ../ sa...

CVSS 8.6 | AI score 5.9 | EPSS 0.00069 | Exploits: 0 | References: 1

CVE-2026-55189 (added yesterday, 4 views)

RustFS (distributed object storage in Rust) contains a vulnerability from 1.0.0-alpha.1 through 1.0.0-beta.9 where enabling the FTP frontend lets FTP read and probe handlers bypass the IAM authorization function, allowing authenticated users to read objects and probe buckets regardless of IAM pol...

CVSS 7.7 | AI score 5.8 | Exploits: 0 | References: 1

CVE-2026-55838 (added yesterday, 3 views)

CVE-2026-55838 (RustFS) : In versions up to 1.0.0-beta.7, the real-time metrics endpoint /rustfs/admin/v3/metrics is accessible to any valid IAM user, because MetricsHandler skips the admin-request validation that other admin handlers perform. As a result, a user whose policy allows only their ow...

CVSS 4.3 | AI score 5.8 | Exploits: 0 | References: 1

CVE-2026-32833 (added yesterday, 6 views)

CVE-2026-32833 affects Cudy LT300 3.0 firmware prior to 2.5.12. The vulnerability arises in the system time configuration interface, where an authenticated attacker can inject shell metacharacters into the cbid.system.ntp.current POST parameter via the NTP settings endpoint, enabling remote code ...

CVSS 8.8 | AI score 6.7 | Exploits: 0 | References: 2

CVE-2026-44733 (added yesterday, 3 views)

CVE-2026-44733 affects OpenProject (open-source, web-based project management software). Before versions 17.3.2 and 17.4.0, a Business Logic Error via PATCH to /api/v3/users/me could bypass password requirements. A password validation flaw in the change-password flow allowed password changes onl...

CVSS 5.9 | AI score 5.8 | EPSS 0.00039 | Exploits: 0 | References: 1

CVE-2026-44731 (added yesterday, 4 views)

OpenProject contains an input leakage in the web application’s meetings filter feature that lets an attacker determine whether a user ID is valid and view the user’s full name, enabling enumeration of existing accounts. The issue occurs before versions 17.3.2 and 17.4.0 and is resolved by upgradi...

CVSS 4.3 | AI score 5.8 | EPSS 0.00035 | Exploits: 0 | References: 1

CVE-2026-53324 (added yesterday, 4 views)

CVE-2026-53324 concerns the Linux kernel, fixing debugfs directory naming for per-device entries in the mana/net subsystem. The root cause was reliance on a hardcoded "0" for PFs and pci_slot_name(pdev->slot) for VFs, which could dereference a NULL pdev->slot for VFs in environments like VF...

AI score 5.8 | Exploits: 0 | References: 3

CVE-2026-53322 (added yesterday, 2 views)

CVE-2026-53322 affects the Linux kernel vfio/pci subsystem. The fix ensures that during device shutdown, vfio_pci_core_close_device() calls vfio_pci_dma_buf_cleanup() before disabling the function via vfio_pci_core_disable(). This guarantees that all access via DMABUFs is revoked before the funct...

AI score 5.8 | Exploits: 0 | References: 2

CVE-2026-53323 (added yesterday, 3 views)

CVE-2026-53323 : In the Linux kernel, the conduit (master) device’s ethtool wrappers used by DSA were calling netdev_lock_ops()/netdev_unlock_ops(), creating a potential deadlock when aggregating stats from conduit and DSA switch ports. The fix removes the redundant locking calls from the DSA con...

AI score 5.8 | Exploits: 0 | References: 3

CVE-2026-53321 (added yesterday, 3 views)

CVE-2026-53321 : In the Linux kernel, the io_uring/napi path was missing a cap on the maximum polling time when no events are found. The issue arises from napi potentially polling for longer than reasonable times, leading to task stagnation without conditional rescheduling. A fix caps the total b...

AI score 5.8 | Exploits: 0 | References: 3