Lucene search

366355 matches found

CVE · added 2026/06/10 9:01 p.m. · 15 views

CVE-2026-0273

CVE-2026-0273 is a command injection vulnerability in Palo Alto Networks PAN-OS software that allows an authenticated administrator to bypass system restrictions and execute arbitrary commands as root. The issue affects PAN-OS on PA-Series and VM-Series firewalls and Panorama, with access requir...

CVSS 8.6 · AI score 5.7 · EPSS 0.01193
Exploits 0 · References 1
CVE · added 2026/06/10 9:01 p.m. · 14 views

CVE-2026-0272

Technical details for CVE-2026-0272 are not publicly provided in the supplied documents beyond a general description of privilege escalation in PAN-OS CLI. Monitor for updates; no specifics on vulnerable component, affected versions, or fixes are present.

CVSS 8.5 · AI score 5.5 · EPSS 0.00242
Exploits 0 · References 1
CVE · added 2026/06/10 8:59 p.m. · 16 views

CVE-2026-0271

CVE-2026-0271 describes a privilege escalation vulnerability in the Palo Alto Networks Prisma Access Agent app on Linux. A local user can execute code with elevated privileges, as indicated by the entry. Affected product: Prisma Access Agent (Linux). Impact per metrics: high impact to confidentia...

CVSS 8.5 · AI score 5.7 · EPSS 0.00107
Exploits 0 · References 1
CVE · added 2026/06/10 8:59 p.m. · 14 views

CVE-2026-0270

Palo Alto Networks Cortex XSOAR engine running on Linux is vulnerable to a path traversal issue that could allow an unauthenticated attacker in an adjacent network, via MITM-enabled interception of network responses, to write arbitrary files to the host. The vulnerability affects the Cortex XSOAR...

CVSS 7.5 · AI score 5.6 · EPSS 0.00156
Exploits 0 · References 2
CVE · added 2026/06/10 8:54 p.m. · 26 views

CVE-2026-0269

CVE-2026-0269 describes a memory corruption vulnerability in the tunnel traffic processing path of Palo Alto Networks PAN-OS software. An authenticated user can trigger system reboots by sending a maliciously crafted packet, and repeated attempts may cause the firewall to enter maintenance mode. ...

CVSS 6.9 · AI score 5.5 · EPSS 0.00192
Exploits 0 · References 1
CVE · added 2026/06/10 8:40 p.m. · 22 views

CVE-2026-0268

Prisma Access Agent for Linux contains a local authentication bypass that enables a local attacker to route traffic outside the VPN tunnel. The issue is limited to Linux; Windows, macOS, iOS, Android, and ChromeOS variants are not affected. The CVE entry notes a local attack vector with low privi...

CVSS 6.9 · AI score 5.5 · EPSS 0.00115
Exploits 0 · References 1
CVE · added 2026/06/10 8:39 p.m. · 15 views

CVE-2026-53742

CVE-2026-53742 affects the WordPress plugin Simple Link Directory up to version 9.0.4. The issue is a Stored XSS via embed shortcode attributes: the embedder template echoes shortcode attributes into HTML data attributes without escaping. Attackers with contributor access can craft a shortcode at...

CVSS 5.4 · AI score 5.5 · EPSS 0.00141
Exploits 0 · References 2
CVE · added 2026/06/10 8:39 p.m. · 14 views

CVE-2026-53741

CVE-2026-53741 affects Simple Link Directory up to version 9.0.4. The root cause is that the sld_no_results_found option is interpolated into a JavaScript string literal without encoding. Because sanitize_text_field leaves quotes intact, a stored payload can break out of the string and execute sc...

CVSS 5.4 · AI score 5.4 · EPSS 0.00141
Exploits 0 · References 2
CVE · added 2026/06/10 8:39 p.m. · 18 views

CVE-2026-53740

The CVE-2026-53740 entry describes a stored cross-site scripting flaw in Yoast Duplicate Post (through 4.6) where an unescaped post title and permalink is injected into the Classic Editor scheduled republish notice. Attackers can craft a title to cause script execution when an administrator views...

CVSS 5.4 · AI score 5.6 · EPSS 0.00141
Exploits 0 · References 2
CVE · added 2026/06/10 8:39 p.m. · 26 views

CVE-2026-53739

CVE-2026-53739 affects the WordPress plugin Yoast Duplicate Post up to version 4.6. The issue is a cross-site request forgery in the duplicate_post_dismiss_notice handler that does not verify a nonce or capability. This allows an attacker to trick an authenticated user into issuing a request that...

CVSS 5.1 · AI score 5.2 · EPSS 0.00104
Exploits 0 · References 2
CVE · added 2026/06/10 8:39 p.m. · 19 views

CVE-2026-53738

CVE-2026-53738 affects the WordPress plugin Copy & Delete Posts, up to version 1.5.4. The vulnerability stems from the cdp_action_handling AJAX handler, where any plugin-enabled non-admin role can invoke every operation, bypassing per-function capability checks. This enables attackers with an ena...

CVSS 8.1 · AI score 5.4 · EPSS 0.00248
Exploits 0 · References 2
CVE · added 2026/06/10 8:39 p.m. · 20 views

CVE-2026-53737

CVE-2026-53737 affects Juicer (through 1.12.18). The vulnerability is a Stored Cross-Site Scripting (XSS) due to unescaped remote feed API response fields on the admin settings page; when the page loads, an attacker controlling the connected feed data can inject script that runs in an administrat...

CVSS 6.1 · AI score 5.5 · EPSS 0.00158
Exploits 0 · References 2
CVE · added 2026/06/10 8:39 p.m. · 13 views

CVE-2026-53736

CVE-2026-53736 affects the Easy Twitter Feeds WordPress plugin prior to 1.2.13. The issue is a cross-site request forgery in the duplicate_post action handler that lacks nonce verification. An attacker could entice an authenticated user to visit a crafted link that duplicates posts regardless of ...

CVSS 5.1 · AI score 5.3 · EPSS 0.00104
Exploits 0 · References 2
CVE · added 2026/06/10 8:33 p.m. · 12 views

CVE-2026-47764

Summary: A GHSA advisory details a path traversal vulnerability in PDM related to wheel installation. The InstallDestination.write_to_fs() method overrides the safe _path_with_destdir(), replacing Path.resolve()/is_relative_to()-based validation with a bare os.path.join() that performs no path va...

EPSS 0.00047
Exploits 0
CVE · added 2026/06/10 8:32 p.m. · 13 views

CVE-2026-47763

CVE-2026-47763 / GHSA-GHQ2-5C67-FPRM (PDM): The advisory details a symlink-related write vulnerability in PDM’s project-local state/config handling. If a repository places a symlink to a target file (e.g., pdm.toml), commands like pdm config -l may write to the symlink target instead of refusing...

EPSS 0.00024
Exploits 0
CVE · added 2026/06/10 8:32 p.m. · 33 views

CVE-2026-42542

CVE-2026-42542 affects TDengine versions 3.4.0.0–3.4.1.5. An unauthenticated remote attacker can cause a denial of service by sending a single crafted RPC packet, triggering an integer underflow in uvConnMayGetUserInfo() and crashing the taosd server. Impact is limited to availability (A) with ne...

CVSS 7.5 · AI score 5.5 · EPSS 0.00539
Exploits 1 · References 2 · Affected Software 1
CVE · added 2026/06/10 8:31 p.m. · 14 views

CVE-2026-0267

CVE-2026-0267 affects the Palo Alto Networks GlobalProtect app on macOS. It is described as an information exposure vulnerability where a local user can learn the passcodes used to disable, disconnect, or uninstall the app, enabling those actions despite configuration restrictions. The provided d...

CVSS 6.9 · AI score 5.5 · EPSS 0.0011
Exploits 0 · References 2
CVE · added 2026/06/10 8:30 p.m. · 18 views

CVE-2026-0266

CVE-2026-0266 concerns a Stored Cross-Site Scripting (XSS) vulnerability in Palo Alto Networks PAN-OS web interface. The connected documents specify that an authenticated administrator can store a JavaScript payload via the PAN-OS web UI, affecting PAN-OS on PA-Series and VM-Series firewalls as w...

CVSS 4.8 · AI score 5.2 · EPSS 0.00213
Exploits 0 · References 1
CVE · added 2026/06/10 8:28 p.m. · 20 views

CVE-2026-46689

Kanidm vulnerability CVE-2026-46689: An unauthenticated GET to any /scim/v1/... endpoint with a crafted ?filter= (thousands of nested parentheses, ~4–12 KB) can exhaust the parser’s stack due to an unbounded depth in the SCIM filter grammar. This causes a stack overflow and std::process::abort(), terminat...

CVSS 8.7 · AI score 5.4 · EPSS 0.00317
Exploits 0 · References 2
CVE · added 2026/06/10 8:27 p.m. · 14 views

CVE-2026-50131

Fedify (TypeScript federated server framework) has an incomplete SSRF mitigation in validatePublicUrl(): isValidPublicIPv4Address() blocks common private/local ranges but still treats several special-use, reserved, multicast, benchmarking, and carrier-grade NAT IPv4 ranges as valid. This exposes ...

CVSS 8.6 · AI score 5.4 · EPSS 0.00269
Exploits 0 · References 1
CVE · added 2026/06/10 8:26 p.m. · 13 views

CVE-2026-48110

CVE-2026-48110 affects Russh, a Rust SSH client/server library. From 0.34.0 up to before 0.61.0, several client/server message handlers decoded attacker-controlled SSH strings, name-lists, and byte fields into owned allocations before applying field-specific bounds. A remote SSH peer could send o...

CVSS 7.5 · AI score 5.5 · EPSS 0.00268
Exploits 0 · References 1
CVE · added 2026/06/10 8:24 p.m. · 14 views

CVE-2026-48108

Russh (Rust SSH client/server library) prior to 0.61.0 allowed non-canonical client identification and did not bound pre-banner input on the server side, enabling malformed pre-auth identification to potentially exhaust connection resources. The issue affects versions 0.34.0-beta.1 through before...

CVSS 5.3 · AI score 5.5 · EPSS 0.00277
Exploits 0 · References 1
CVE · added 2026/06/10 8:23 p.m. · 13 views

CVE-2026-48107

Russh (Rust SSH client/server) is affected in versions 0.37.0–0.60.x where the client’s keyboard-interactive auth path accepts an attacker-controlled prompt count via USERAUTH_INFO_REQUEST. The code uses the raw count directly in Vec::with_capacity(...) before verifying sufficient prompt data, en...

CVSS 6.5 · AI score 5.4 · EPSS 0.00232
Exploits 0 · References 1
CVE · added 2026/06/10 8:22 p.m. · 19 views

CVE-2026-10143

CVE-2026-10143 affects kafka-python prior to 2.3.2. The denial-of-service arises from ScramClient.process_server_first_message() passing the broker-provided SCRAM iteration count directly to hashlib.pbkdf2_hmac() without validation in scram.py. This can freeze the client event loop, blocking prod...

CVSS 8.7 · AI score 5.5 · EPSS 0.00388
Exploits 0 · References 4 · Affected Software 1
CVE · added 2026/06/10 8:22 p.m. · 19 views

CVE-2026-42462

CVE-2026-42462 describes an LD-Signature bypass in Fedify caused by JSON-LD named-graph restructuring. The issue allows an attacker to reorganize a signed JSON-LD payload (via features like @graph, @reverse, @included) in a way that changes how the signed ActivityPub activity is interpreted witho...

CVSS 7 · AI score 5.5 · EPSS 0.00171
Exploits 0 · References 2
CVE · added 2026/06/10 8:21 p.m. · 20 views

CVE-2026-46705

The vulnerability CVE-2026-46705 affects russh (Rust SSH client/server) versions 0.34.0-beta.1 through before 0.61.0. The server’s authentication path retained russh-owned state (e.g., remaining methods, partial_success, and in-progress state) across SSH_MSG_USERAUTH_REQUEST messages when the use...

CVSS 5.3 · AI score 5.4 · EPSS 0.00218
Exploits 0 · References 1
CVE · added 2026/06/10 8:19 p.m. · 23 views

CVE-2026-46702

Russh contains a post-decompression packet size bound vulnerability: when SSH compression is enabled, compressed payloads could inflate to oversized decompressed data, bypassing on-wire packet checks. This allowed remote DoS by sending small compressed packets that decompress beyond limits. Affec...

CVSS 7.5 · AI score 5.5 · EPSS 0.00268
Exploits 0 · References 1
CVE · added 2026/06/10 8:16 p.m. · 19 views

CVE-2026-46673

Summary of the vulnerability (CVE-2026-46673): In Russh (Rust SSH client/server), CryptoVec allocations and growth were unchecked in vulnerable releases. Prior to 0.60.3, local agent inputs could feed attacker-controlled frame lengths into buffer growth before validation; in historical releases ...

CVSS 7.5 · AI score 5.6 · EPSS 0.00263
Exploits 0 · References 1
CVE · added 2026/06/10 8:13 p.m. · 18 views

CVE-2026-10142

CVE-2026-10142 affects kafka-python prior to 2.3.2. The vulnerability resides in the protocol parser, where an attacker can send a crafted 4-byte frame length via receive_bytes() without bounds validation. This can cause a multi-gigabyte memory allocation or an uncaught ValueError, leaving the co...

CVSS 8.7 · AI score 5.5 · EPSS 0.00348
Exploits 0 · References 4 · Affected Software 1
CVE · added 2026/06/10 8:11 p.m. · 19 views

CVE-2026-46668

The CVE-2026-46668 issue affects SpiceDB releases earlier than v1.52.0, where caveat structures containing nested lists could cause improper cache reuse. Affected versions range from v1.15.0 up to, but not including, v1.52.0. The root cause centers on how nested caveat data is cached, enabling po...

CVSS 2.3 · AI score 5.3 · EPSS 0.00276
Exploits 0 · References 3
CVE · added 2026/06/10 8:09 p.m. · 13 views

CVE-2026-46669

OpenVM-pairing vulnerability CVE-2026-46669: the openvm-pairing guest library’s try_honest_pairing_check previously did not verify that the scaling factor s lies in a proper subfield of Fp12, allowing incorrect pairing results. The issue has been patched in version 1.6.0; users should upgrade to ...

CVSS 8.7 · AI score 5.4 · EPSS 0.00226
Exploits 0 · References 2 · Affected Software 1
CVE · added 2026/06/10 8:09 p.m. · 55 views

CVE-2022-48575

The CVE-2022-48575 issue affects macOS Monterey due to a consistency/state-handling defect that may allow a person with physical access to bypass the Login Window. The Apple security content notes this as fixed in macOS Monterey 12.4. Affected component: Login Window handling; root cause: improve...

CVSS 3.5 · AI score 5.4 · EPSS 0.00153
Exploits 0 · References 2 · Affected Software 1
CVE · added 2026/06/10 8:09 p.m. · 45 views

CVE-2022-26758

CVE-2022-26758: macOS Monterey before 12.4 is affected by a memory corruption issue that may allow a malicious application to cause unexpected changes in memory shared between processes. The vulnerability is addressed in macOS Monterey 12.4 with improved state management. The CVE entry notes a lo...

CVSS 7.1 · AI score 5.5 · EPSS 0.00099
Exploits 0 · References 2 · Affected Software 1
CVE · added 2026/06/10 8:07 p.m. · 20 views

CVE-2026-48011

Summary of CVE-2026-48011 (Shopware): A timing attack in the admin authentication flow enables an attacker to enumerate administrator usernames. The issue is in the OAuth user lookup path (UserRepository::getUserEntityByUserCredentials). If a username is not found, the code returns quickly; if f...

CVSS 3.7 · AI score 5.4 · EPSS 0.00223
Exploits 0 · References 3
CVE · added 2026/06/10 8:06 p.m. · 18 views

CVE-2026-46654

The CVE-2026-46654 issue affects Plonky3’s MultiField32Challenger in the prover transcript handling, where transcript malleability allows an attacker controlling prover-side observations to craft transcripts that yield identical challenges, breaking Fiat-Shamir binding. Root cause: a mismatch bet...

CVSS 8.9 · AI score 5.4 · EPSS 0.00108
Exploits 0 · References 1
CVE · added 2026/06/10 8:03 p.m. · 18 views

CVE-2026-44692

CVE-2026-44692 affects the Sharp CMS package for Laravel. Prior to version 9.22.0, the generic download endpoint authorizes access only to the selected Sharp entity but then reads the target disk and path from request parameters, allowing an authenticated user who can view one valid record to dow...

CVSS 7.7 · AI score 5.5 · EPSS 0.00262
Exploits 0 · References 2
CVE · added 2026/06/10 8:03 p.m. · 15 views

CVE-2026-53634

The CVE concerns Sharp (Laravel package) where the Quick Creation Command endpoints (create and store) from version 9.0.0 up to just before 9.22.3 failed to enforce authorization checks. An authenticated Sharp user lacking create permission on a target entity could access the creation form or sub...

CVSS 4.3 · AI score 5.4 · EPSS 0.00213
Exploits 0 · References 4
CVE · added 2026/06/10 8:00 p.m. · 12 views

CVE-2026-45380

The CVE-2026-45380 issue affects bit7z (a cross-platform C++ static library for archive handling). A one-byte off-by-one bug in SafeOutPathBuilder::restoreSymlink() (prior to 4.0.12) enables crafting a .7z archive that, when extracted on non-Windows, creates a symlink escaping the extraction dire...

CVSS 3.6 · AI score 5.5 · EPSS 0.00116
Exploits 0 · References 2
CVE · added 2026/06/10 8:00 p.m. · 20 views

CVE-2026-45384

Summary of CVE-2026-45384 (bit7z). Affected: bit7z library (cross-platform C++ library used for archive compression/extraction). Vulnerability: Prior to v4.0.12, an arbitrary file overwrite vulnerability exists via a symlink attack on predictable temporary files during an archive update. This stem...

CVSS 6.1 · AI score 5.5 · EPSS 0.00125
Exploits 0 · References 2
CVE · added 2026/06/10 7:56 p.m. · 16 views

CVE-2026-45106

Weblate (web-based localization tool) is affected by a stored HTML injection/XSS in the live search preview prior to version 2026.5, where unit source and context are rendered without escaping, allowing HTML/CSS that runs in authenticated editors of other users performing a matching search. The i...

CVSS 4.6 · AI score 5.3 · EPSS 0.00208
Exploits 0 · References 3
CVE · added 2026/06/10 7:56 p.m. · 14 views

CVE-2026-50127

CVE-2026-50127 affects Weblate (versions 5.15 up to, but not including, 2026.6). The VCS_RESTRICT_PRIVATE check did not properly account for certain transitional IPv6 ranges, multicast addresses, or some semi-private IPv4 ranges, allowing some addresses to bypass private-range restrictions. The i...

CVSS 5.9 · AI score 5.3 · EPSS 0.00291
Exploits 0 · References 3
CVE · added 2026/06/10 7:53 p.m. · 19 views

CVE-2026-46683

Snappy (KnpLabs Snappy) is a PHP library for generating thumbnails, screenshots, or PDFs from URLs or HTML. A vulnerability exists prior to v1.7.0 allowing SSRF and local file reads via the xsl-style-sheet option. The issue is resolved in version 1.7.0. Impact is described as SSRF and potential lo...

CVSS 6.9 · AI score 5.4 · EPSS 0.00249
Exploits 0 · References 2
CVE · added 2026/06/10 7:52 p.m. · 16 views

CVE-2026-46643

CVE-2026-46643 affects KnpLabs Snappy (knplabs/knp-snappy) on POSIX, where escapeshellarg('/usr/bin/wkhtmltopdf') may still leave $command unescaped due to a faulty is_executable check. This allows command execution when the binary path is influenced by user input or environment data, as the saf...

CVSS 7.5 · AI score 5.5 · EPSS 0.00152
Exploits 0 · References 2
CVE · added 2026/06/10 7:49 p.m. · 64 views

CVE-2026-6893

CVE-2026-6893 affects the dracut project, specifically the legacy DHCP path. A remote attacker on an adjacent network can trigger root code execution in the initramfs by sending specially crafted DHCP options (for example, a malicious hostname). The options are improperly handled and written into...

CVSS 7.5 · AI score 6 · EPSS 0.01131
Exploits 0 · References 5
CVE · added 2026/06/10 7:46 p.m. · 116 views

CVE-2026-46529

Technical details such as affected versions, impact, and remediation are not provided in the supplied documents; monitor for updates from official advisories.

CVSS 8.4 · AI score 6.5 · EPSS 0.00555
Exploits 0 · References 9
CVE · added 2026/06/10 7:39 p.m. · 37 views

CVE-2026-1220

Summary: CVE-2026-1220 is a race in V8 in Google Chrome prior to 144.0.7559.99 that could allow a remote attacker to trigger type confusion via a crafted HTML page. The vulnerability affects Chromium-based Chrome and stems from the V8 engine; exploitation could lead to arbitrary code execution or...

CVSS 7.5 · AI score 5.8 · EPSS 0.00297
Exploits 1 · References 2 · Affected Software 1
CVE · added 2026/06/10 7:33 p.m. · 14 views

CVE-2026-47751

Technical details for CVE-2026-47751 are not publicly available in the provided documents. Monitor for updates from authoritative sources; the connected advisory describes a different vulnerability without confirming this CVE mapping.

EPSS 0.00069
Exploits 0
CVE · added 2026/06/10 7:33 p.m. · 12 views

CVE-2026-48063

The connected GHSA advisory documents a vulnerability in Baileys prior to certain versions where a malicious placeholderResendMessage payload can trigger a fake messages.upsert event (with a fake key and payload), spoofing messages and corrupting the app state sync, including history sync spoofin...

EPSS 0.00018
Exploits 0
CVE · added 2026/06/10 7:12 p.m. · 15 views

CVE-2026-48061

CVE-2026-48061 / GHSA-3QMC-CJ7Q-62HV (Litestar): The AllowedHostsMiddleware trusts the X-Forwarded-Host header when Host is absent, allowing a client-controlled value to bypass host validation. This enables host header injection and can lead to password reset poisoning, cache poisoning, and rout...

EPSS 0.00024
Exploits 0
CVE · added 2026/06/10 7:12 p.m. · 14 views

CVE-2026-48060

TL;DR: The CVE-2026-48060 entry is enriched by the GHSA advisory: Litestar templates used with CSRF protection can suffer HTML injection that bypasses escaping in the template when CSRF tokens are inlined. This can lead to arbitrary HTML/JS being rendered in victims’ browsers, enabling a Cross-Si...

EPSS 0.0003
Exploits 0

Total number of security vulnerabilities: 366355