Lucene search: 366243 matches found

Added 2026/06/11 7:5 a.m.

CVE-2024-32110

CVE-2024-32110 is a CSRF vulnerability in the WordPress plugin Event Manager and Tickets Selling Plugin for WooCommerce (WpEvently) for versions up to 4.1.2. The connected Wordfence listing confirms the issue exists and notes a patch status of Patched, indicating a fix has been applied by the ven...

CVSS 4.3 | AI score 5.4 | EPSS 0.001
Exploits 0 | References 1

Added 2026/06/11 7:3 a.m.

CVE-2023-33999

Technical details on CVE-2023-33999 are not provided in the supplied documents. Please monitor for updates from vendors/security advisories before assessing impact, affected products, or fixes.

CVSS 7.1 | AI score 7.8 | EPSS 0.00284
Exploits 0 | References 1

Added 2026/06/11 5:34 a.m.

CVE-2026-10795

UpdraftPlus (WordPress plugin)

CVSS 8.1 | AI score 6.1 | EPSS 0.0298
In wild | Exploits 3 | References 4

Added 2026/06/11 5:5 a.m.

CVE-2026-41856

CVE-2026-41856 affects Spring GraphQL’s annotation detection for @Controller data fetchers, where resolution of annotations in type hierarchies may be incorrect. This can lead to security annotations being ignored at runtime when all conditions are met and annotations are used for authorization d...

CVSS 7.5 | AI score 5.4 | EPSS 0.00352
Exploits 0 | References 1 | Affected Software 1

Added 2026/06/11 5:4 a.m.

CVE-2026-41700

Spring for GraphQL with WebSocket transport is affected by Cross-Site WebSocket Hijacking. Affected versions: Spring for GraphQL 2.0.0–2.0.3; 1.4.0–1.4.5; 1.3.0–1.3.8; 1.0.0–1.0.6. Description confirms the issue: an attacker can lure an authenticated user to a malicious page to execute arbitrary ...

CVSS 8.1 | AI score 5.9 | EPSS 0.00182
Exploits 0 | References 1 | Affected Software 1

Added 2026/06/11 5:4 a.m.

CVE-2026-41699

CVE-2026-41699: Spring for GraphQL is affected by an Unsafe Deserialization flaw when processing paginated GraphQL queries (Connection fields). If the classpath contains specific deserialization-related classes, a crafted GraphQL request can lead to Remote Code Execution. Affected versions: Spri...

CVSS 9.8 | AI score 5.7 | EPSS 0.0043
Exploits 0 | References 1 | Affected Software 1

Added 2026/06/11 5:4 a.m.

CVE-2026-41001

CVE-2026-41001 affects Spring Boot’s ArtemisEmbeddedConfigurationFactory, which uses a fixed, static path for the embedded Artemis broker data directory when no explicit path is configured. A local attacker on the same host can pre-create this predictable directory or place a symlink before appli...

CVSS 5.3 | AI score 5.5 | EPSS 0.00094
Exploits 0 | References 1

Added 2026/06/11 5:4 a.m.

CVE-2026-41000

The CVE-2026-41000 issue affects Spring Web Services where Wss4jSecurityInterceptor did not consistently wire Apache WSS4J ReplayCache instances into RequestData for validation-time checks. This undermines protections against replay of UsernameToken nonces and creation timestamps, as well as Time...

CVSS 3.7 | AI score 5.5 | EPSS 0.00223
Exploits 0 | References 1

Added 2026/06/11 5:4 a.m.

CVE-2026-40999

CVE-2026-40999 affects Spring Web Services (versions across 3.1.0–3.1.8, 4.0.0–4.0.18, 4.1.0–4.1.3, 5.0.0–5.0.1). When WS-Addressing is used with non-anonymous ReplyTo or FaultTo addresses, Spring WS can initiate outbound connections via configured WebServiceMessageSender instances to destination...

CVSS 8.6 | AI score 5.5 | EPSS 0.00383
Exploits 0 | References 1

Added 2026/06/11 5:4 a.m.

CVE-2026-40998

CVE-2026-40998: Jaxp13XPathTemplate evaluated XPath expressions for StreamSource and SAXSource inputs using the JDK default DocumentBuilderFactory behavior rather than Spring’s hardened parser configuration, exposing applications that evaluate XPath against untrusted XML to XML External Entity (...

CVSS 8.2 | AI score 5.5 | EPSS 0.00352
Exploits 0 | References 1

Added 2026/06/11 5:4 a.m.

CVE-2026-40997

The CVE-2026-40997 issue affects Spring Web Services: versions 5.0.0–5.0.1, 4.1.0–4.1.3, 4.0.0–4.0.18, and 3.1.0–3.1.8. The vulnerability arises when several Spring WS integration paths with Spring Security reveal detailed account state (e.g., locked or disabled user semantics) to remote SOAP cli...

CVSS 5.3 | AI score 5.5 | EPSS 0.00366
Exploits 0 | References 1

Added 2026/06/11 5:4 a.m.

CVE-2026-40996

CVE-2026-40996 affects Spring Web Services where Wss4jSecurityInterceptor incorrectly defaults allowRSA15KeyTransportAlgorithm to true, overriding Apache WSS4J’s safer validation behavior for RequestData. This could allow RSA PKCS#1 v1.5 (rsa-1_5) encrypted key material in inbound WS-Security dec...

CVSS 4.8 | AI score 5.5 | EPSS 0.00129
Exploits 0 | References 1

Added 2026/06/11 5:4 a.m.

CVE-2026-40995

CVE-2026-40995 affects Spring Web Services versions 3.1.0–3.1.8, 4.0.0–4.0.18, 4.1.0–4.1.3, and 5.0.0–5.0.1. The issue arises in the X509AuthenticationProvider, which could issue a fully authenticated X509AuthenticationToken when a presented certificate maps to a UserDetails, without applying Spr...

CVSS 5.4 | AI score 5.5 | EPSS 0.00148
Exploits 0 | References 1

Added 2026/06/11 5:3 a.m.

CVE-2026-40994

Summary: CVE-2026-40994 affects Spring Web Services where Wss4jSecurityInterceptor initializes its BSP flag to disable BSP enforcement on inbound data, weakening protocol-level WS-Security checks. Affected versions: Spring Web Services 5.0.0–5.0.1; 4.1.0–4.1.3; 4.0.0–4.0.18; 3.1.0–3.1.8. Impact (...

CVSS 8.2 | AI score 5.5 | EPSS 0.00229
Exploits 0 | References 1

Added 2026/06/11 5:3 a.m.

CVE-2026-40992

CVE-2026-40992 concerns Spring Boot's Mail auto-configuration not enabling hostname verification by default. Affected: Spring Boot 4.0.0–4.0.6; 3.5.0–3.5.14; 3.4.0–3.4.16. The issue: hostname verification is not enabled; applications that explicitly set spring.mail.properties.mail.smtp.ssl.checks...

CVSS 5 | AI score 5.5 | EPSS 0.00123
Exploits 0 | References 1

Added 2026/06/11 5:3 a.m.

CVE-2026-40987

CVE-2026-40987 affects Spring Integration across multiple tracked branches (7.0.0–7.0.4, 6.5.0–6.5.8, 6.4.0–6.4.11, 6.3.0–6.3.14, 5.5.0–5.5.20). The connected documents describe a vulnerability where a malicious or compromised FTP/SFTP/SMB server can cause the client to write arbitrary files anyw...

CVSS 7.1 | AI score 5.6 | EPSS 0.0021
Exploits 0 | References 1

Added 2026/06/11 5:3 a.m.

CVE-2026-40986

Spring Web Flow vulnerability: JavaScript RemotingHandler renders the body of an error response as HTML even when the response is not text/html, enabling a scripting attack if server error details containing attacker-reflected input are returned. Affected versions: Spring Web Flow 4.0.0; 3.0.0–3....

CVSS 4.8 | AI score 5.3 | EPSS 0.00201
Exploits 0 | References 1

Added 2026/06/11 5:2 a.m.

CVE-2026-40985

CVE-2026-40985 affects Spring Web Flow where configurations use the WebFlowELExpressionParser. The vulnerability arises from processing Unified EL expressions, allowing a crafted expression to influence behavior. Affected versions are Spring Web Flow 4.0.0; 3.0.0–3.0.1; and 2.5.0–2.5.1. The conne...

CVSS 6.4 | AI score 5.5 | EPSS 0.00225
Exploits 0 | References 1

Added 2026/06/11 2:25 a.m.

CVE-2026-35273

CVE-2026-35273 is a remote, unauthenticated RCE in Oracle PeopleSoft Enterprise PeopleTools Updates Environment Management (PSEMHUB) affecting PeopleTools 8.61 and 8.62. Vendor advisories describe the flaw as a high-severity, network-exposed vulnerability with CVSS v3.1 score 9.8. Exploitation ha...

CVSS 9.8 | AI score 5.5 | EPSS 0.89793
In wild | Exploits 3 | References 2 | Affected Software 1

Added 2026/06/11 1:27 a.m.

CVE-2026-2827

CVE-2026-2827 affects the Open User Map PRO plugin for WordPress. The vulnerability is a Stored Cross-Site Scripting (XSS) via the oum_location_notification parameter in versions up to and including 1.4.31, caused by insufficient input sanitization and output escaping. Unauthenticated attackers c...

CVSS 4.7 | AI score 5.7 | EPSS 0.00188
Exploits 0 | References 2

Added 2026/06/11 12:0 a.m.

CVE-2026-41809

Technical details for CVE-2026-41809 are not publicly available in the provided documents. Monitor for updates.

Exploits 0

Added 2026/06/11 12:0 a.m.

CVE-2026-59751

Technical details for CVE-2026-59751 are not publicly available in the provided documents. No affected products, root cause, impact, or fixes are described. Monitor for updates.

Exploits 0

Added 2026/06/11 12:0 a.m.

CVE-2026-28699

CVE-2026-28699 affects Gitea: an OAuth2 access token presented over HTTP Basic Auth can bypass the intended scope. The root cause is that Basic-auth tokens were recorded with IsApiToken=true but ApiTokenScope was missing, allowing a token with read:user scope to perform write actions. A self-cont...

EPSS 0.00043
Exploits 1

Added 2026/06/11 12:0 a.m.

CVE-2026-52849

Technical details for CVE-2026-52849 are not provided in the supplied documents. No affected products, impact, or remediation are disclosed. Monitor for updates as the vulnerability information is currently reserved.

Exploits 0

Added 2026/06/11 12:0 a.m.

CVE-2026-11892

CVE-2026-11892 is connected to PT-2026-48663, which describes a vulnerability that could allow a complete compromise of Mozilla’s CI pipeline and potentially Firefox builds. The available connected document indicates the issue affected Mozilla’s CI workflow leading to build compromise; no explici...

Exploits 0

Added 2026/06/11 12:0 a.m.

CVE-2026-38581

CVE-2026-38581 affects damasac thaipalliative_lte up to version 3.0. The flaw is an SQL Injection in /substudy/ezform.php (idFormMain, id parameters) where user input is concatenated into SQL without sanitization or parameterization. This enables remote attackers to execute arbitrary SQL commands...

CVSS 9.8 | AI score 6.3 | EPSS 0.00329
Exploits 1 | References 2

Added 2026/06/10 10:29 p.m.

CVE-2026-47342

CVE-2026-47342 affects Apache OFBiz prior to 24.09.07 and is a privilege-escalation via updateOrRemove authorization bypass. The issue allows a low-privileged authenticated user to obtain higher privileges. The advisory recommends upgrading to 24.09.07 to fix the vulnerability. CVSS 3.1 base scor...

CVSS 8.8 | AI score 5.4 | EPSS 0.00407
Exploits 0 | References 2 | Affected Software 1

Added 2026/06/10 10:23 p.m.

CVE-2026-46645

SQLAdmin (for SQLAlchemy) contains an authorization bypass in the ajax_lookup endpoint prior to version 0.25.1, where is_accessible() is bypassed, allowing an authenticated user to query a model’s data despite access restrictions. The issue affects ajax_lookup specifically and was mitigated by pa...

CVSS 4.3 | AI score 5.4 | EPSS 0.00279
Exploits 1 | References 4

Added 2026/06/10 10:23 p.m.

CVE-2026-50223

CVE-2026-50223 affects Apache OFBiz prior to 24.09.07. It is caused by improper control of code generation (template injection) via DataResource editing by a low-privileged authenticated user, enabling possible Remote Code Execution. A fix is available in version 24.09.07; upgrading is recommende...

CVSS 8.8 | AI score 5.5 | EPSS 0.00657
Exploits 0 | References 2 | Affected Software 1

Added 2026/06/10 10:20 p.m.

CVE-2026-46695

Summary of verified details: CVE-2026-46695 concerns Boxlite before v0.9.0, where host directories mounted via virtiofs were intended read-only but could be remounted by inside-the-sandbox code to write to host files. Root cause: read_only flag was not enforced at the hypervisor level; the hyperv...

CVSS 10 | AI score 5.6 | EPSS 0.00289
Exploits 0 | References 3

Added 2026/06/10 10:20 p.m.

CVE-2026-46703

Summary of CVE-2026-46703 (Boxlite): The vulnerability occurs when Boxlite extracts OCI image layer tarballs. A tar entry of type SYMLINK can point to an absolute host path (for example, escape -> /tmp), and subsequent file entries resolve through that symlink, enabling writes outside the ext...

CVSS 9.6 | AI score 6.3 | EPSS 0.00482
Exploits 0 | References 2

Added 2026/06/10 10:20 p.m.

CVE-2026-47213

Summary (CVE-2026-47213 / BoxLite): BoxLite’s execution timeout mechanism is vulnerable due to sending SIGALRM (catchable) to terminate a timed process instead of SIGKILL (uncatchable). The Timeout watcher invokes a sleep, then calls kill with SIGALRM, while the code comments indicate SIGKILL shou...

CVSS 6.5 | AI score 5.5 | EPSS 0.00268
Exploits 0 | References 2

Added 2026/06/10 10:15 p.m.

CVE-2026-42568

CVE-2026-42568 affects YAMCS when LdapAuthModule is configured. The root cause is that the username parameter is inserted directly into LDAP search filters without RFC 4515 escaping, enabling an authentication bypass (e.g., username=*) and potentially granting access to tokens for first matching ...

CVSS 4.3 | AI score 5.4 | EPSS 0.01027
Exploits 3 | References 3

Added 2026/06/10 10:13 p.m.

CVE-2026-47768

The Nebula Mesh advisory (GHSA-9PG3-25FQ-P6CC) details a vulnerability where an API key issued for an operator is exposed via a redirect URL after handleOperatorCreateAPIKey. Affected: all released Nebula Mesh versions up to v0.3.1. Root cause: after token mint, the raw 32-byte bearer token is pl...

EPSS 0.00012
Exploits 0

Added 2026/06/10 10:13 p.m.

CVE-2026-52726

Technical details about CVE-2026-52726 are not publicly provided in the supplied documents; monitor for updates.

CVSS 7.5 | AI score 5.8 | EPSS 0.00448
Exploits 0 | References 2

Added 2026/06/10 10:11 p.m.

CVE-2026-44693

Pi-hole FTL contains a race condition in the HTTP session management subsystem (global session buffer) introduced with the v6.0 CivetWeb rewrite, allowing unauthenticated session hijacking. It affects versions prior to 6.6.1 and is patched in 6.6.1. CVSS v3.1 is 8.8 (Network, Privileges None, Use...

CVSS 8.8 | AI score 5.4 | EPSS 0.0023
Exploits 0 | References 2

Added 2026/06/10 10:11 p.m.

CVE-2026-47734

Dulwich prior to 1.2.5 is vulnerable to an unbounded memory allocation in receive-pack when processing a crafted thin pack. A tiny push (~174 bytes) can declare a huge dest_size in the delta header, causing add_thin_pack / apply_delta to allocate hundreds of MB regardless of actual data. Impacted...

CVSS 5.7 | AI score 5.4 | EPSS 0.00188
Exploits 0 | References 2

Added 2026/06/10 10:7 p.m.

CVE-2026-53465

ImageMagick (affected prior to 7.1.2-25) contains a heap buffer overwrite in the SF3 encoder when encoding a multi-frame image. The issue, tracked as CVE-2026-53465, can impact availability (HIGH) with little-to-no confidentiality or integrity impact as per the provided metrics. The root cause is...

CVSS 6.2 | AI score 5.6 | EPSS 0.00112
Exploits 0 | References 1 | Affected Software 1

Added 2026/06/10 10:7 p.m.

CVE-2026-53464

CVE-2026-53464 (ImageMagick): A memory leak in the wand option parser occurs when invalid arguments are provided (pre-7.1.2-25). The issue is triggered locally by malformed wand options and results in a "Memory leak" with low attack complexity and no user interaction. The advisory states it has ...

CVSS 4 | AI score 5.3 | EPSS 0.0011
Exploits 0 | References 1 | Affected Software 1

Added 2026/06/10 10:5 p.m.

CVE-2026-53463

CVE-2026-53463 affects ImageMagick's distort operation. When incorrect arguments are passed, a null pointer dereference can occur, potentially impacting availability. This issue is fixed in ImageMagick releases: 6.9.13-50 and 7.1.2-25. The CVSS metrics provided assign a Medium severity (score 4.3...

CVSS 4.3 | AI score 5.4 | EPSS 0.00187
Exploits 0 | References 1 | Affected Software 1

Added 2026/06/10 10:4 p.m.

CVE-2026-53462

Technical details are not publicly available in the provided documents. Monitor for updates.

CVSS 5.9 | AI score 5.4 | EPSS 0.00227
Exploits 0 | References 1 | Affected Software 1

Added 2026/06/10 10:3 p.m.

CVE-2026-53461

ImageMagick contains an out-of-bounds heap write in the ICON decoder caused by an incorrect loop, affecting releases before 6.9.13-50 and 7.1.2-25. The vulnerability can lead to a crash (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and is rated HIGH with network exploitation and no user interaction requi...

CVSS 7.5 | AI score 5.4 | EPSS 0.00269
Exploits 0 | References 1 | Affected Software 1

Added 2026/06/10 10:2 p.m.

CVE-2026-53460

CVE-2026-53460 affects ImageMagick due to a missing check for maximum memory requests in AcquireAlignedMemory, which can trigger an out-of-memory condition. Affected versions are those before 6.9.13-50 and 7.1.2-25; the fixes are in 6.9.13-50 and 7.1.2-25. The CVSS v3.1 base score is...

CVSS 7.5 | AI score 5.4 | EPSS 0.00263
Exploits 0 | References 1 | Affected Software 1

Added 2026/06/10 10:1 p.m.

CVE-2026-47712

CVE-2026-47712 affects the Dulwich project (pure-Python Git implementation). The issue: porcelain.format_patch(outdir=...) derives patch file names from the commit subject, allowing a crafted subject to steer the created patch file outside the requested outdir. The root cause: get_summary previou...

CVSS 3.3 | AI score 5.5 | EPSS 0.00139
Exploits 0 | References 3

Added 2026/06/10 10:0 p.m.

CVE-2026-49219

Technical details are not publicly available in the provided documents. Monitor for updates.

CVSS 5.5 | AI score 5.4 | EPSS 0.00128
Exploits 0 | References 1 | Affected Software 1

Added 2026/06/10 9:59 p.m.

CVE-2026-49218

ImageMagick’s CVE-2026-49218 describes a policy bypass in the DCM decoder that could produce images with invalid dimensions, potentially causing crashes in other operations. Affected versions prior to 6.9.13-48 and 7.1.2-24 are vulnerable due to a missing check in the DCM decoder. The issue has b...

CVSS 7.5 | AI score 5.4 | EPSS 0.00263
Exploits 0 | References 1 | Affected Software 1

Added 2026/06/10 9:58 p.m.

CVE-2026-48994

CVE-2026-48994 affects the ImageMagick MAT decoder on 32-bit systems due to a missing check of a return value, leading to a heap buffer overwrite. Affected versions are those prior to the patched releases 6.9.13-48 and 7.1.2-24; patches are available in those versions. CVSS v3.1 base score: 5.9 (Network, high complexity, no...

CVSS 5.9 | AI score 5.6 | EPSS 0.00227
Exploits 0 | References 1 | Affected Software 1

Added 2026/06/10 9:55 p.m.

CVE-2026-48734

ImageMagick CVE-2026-48734 affects the MVG decoder and causes a stack overflow due to a missing depth or visited-set check. Affected versions are prior to 6.9.13-49 and 7.1.2-24. The issue can lead to denial of service with a crafted MVG file that exploits the stack overflow. The CVSS data indica...

CVSS 5.5 | AI score 5.4 | EPSS 0.00107
Exploits 0 | References 1 | Affected Software 1

Added 2026/06/10 9:55 p.m.

CVE-2026-42305

Dulwich (pure-Python Git implementation) versions before 1.2.5 on Windows are vulnerable to an arbitrary file write via NTFS-hostile tree entries, causing remote code execution when cloning or checking out a malicious repository. Root cause: path-element validation allowed filenames that Windows ...

CVSS 8.8 | AI score 6.5 | EPSS 0.00635
Exploits 0 | References 4

Added 2026/06/10 9:54 p.m.

CVE-2024-21944

CVE-2024-21944 maps to an AMD SEV-SNP/ASP issue where SPD metadata can be improperly validated. Research shows BadRAM-style exploits that can cause a memory module to misreport size, enabling a local attacker with ring0 or physical access to overwrite guest memory and compromise guest data integri...

CVSS 5.3 | AI score 6.9 | EPSS 0.00222
Exploits 0 | References 1

Total number of security vulnerabilities: 366243