175414 matches found
PT-2026-41440
Queue Management System 4.0.0 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through user creation fields. Attackers can insert JavaScript payloads in the First Name, Last Name, and Email fields during user creation, which...
PT-2026-41244
An unchecked return value within the AMD Platform Management Framework PMF could allow an attacker to read or modify an arbitrary address potentially resulting in loss of confidentiality, integrity, or availability...
PT-2026-41303
An issue in Nodemailer smtp server before v.3.18.3 allows a remote attacker to cause a denial of service via the SMTPStream. write, lib/smtp-stream.js components...
PT-2026-41261
Name of the Vulnerable Software and Affected Versions Rapid7 Metasploit Pro affected versions not specified Description Rapid7 Metasploit Pro on Windows is subject to a local privilege escalation. During startup, the metasploitPostgreSQL service and the subsequent postgres.exe service attempt to...
PT-2026-41092
Name of the Vulnerable Software and Affected Versions Google Chrome on Windows versions prior to 148.0.7778.168 Description Insufficient policy enforcement in the IFrame Sandbox allows a remote attacker to bypass navigation restrictions by using a crafted HTML page. Recommendations Update Google...
PT-2026-41176
Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.6.31 Description A Cross-Site Scripting issue exists in the SVG renderer implementation. This allows the permanent storage of HTML or JavaScript code within the application, which is then executed in the context ...
PT-2026-41029
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, the bounds check in TGAInput::decode pixel computes k + palbytespp as unsigned 32-bit arithmetic. When k = 0xFFFFFFFC and palbytespp = ...
PT-2026-41173
Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.0 Description A Server-Side Request Forgery SSRF issue exists in the process picture url function within backend/open webui/utils/oauth.py. The function fetches URLs from OAuth picture claims without using the...
PT-2026-40798
Name of the Vulnerable Software and Affected Versions Garmin WDU version 1.4.6 Garmin WDU version 5.0 Description The locally served web site allows authentication to be bypassed because the site only performs authentication within the client's browser. The WebSockets used for communication with...
PT-2026-40830
Name of the Vulnerable Software and Affected Versions OPNsense versions prior to 26.1.8 Description Unsanitized user input is passed to the DHCP configuration of the configured interface and subsequently processed by a shell script. This allows remote code execution as root on the underlying...
PT-2026-40536
Name of the Vulnerable Software and Affected Versions protobufjs versions prior to 7.5.6 protobufjs versions prior to 8.0.2 Description protobufjs allows certain schema option paths to traverse inherited object properties during option application. A crafted protobuf schema or JSON descriptor can...
PT-2026-40431
PowerSYSTEM Center email notification service is affected by a CRLF injection vulnerability when using SMTPS communication...
PT-2026-40440
Name of the Vulnerable Software and Affected Versions cPanel & WHM affected versions not specified Description Improper sanitization of the status query parameter in the '/unprotected/nova error' endpoint allows an unauthenticated attacker to inject arbitrary HTTP headers into the response...
PT-2026-39935
UNSUPPORTED WHEN ASSIGNED A buffer overflow vulnerability in the formWep, formWlAc, formPasswordSetup, formUpgradeCert, and formDelcert functions of the βwebsβ binary in Zyxel NWA1100-N customized firmware version 1.00AACE.1C0 could allow an attacker to trigger a denial-of-service DoS condition b...
PT-2026-39569
A vulnerability was determined in Open5GS up to 2.7.7. The affected element is the function ogs nas parse qos rules of the component SMF. Executing a manipulation can lead to denial of service. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The...
PT-2026-39635
CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its average model.py model averaging tool. The script loads PyTorch checkpoint files epoch .pt for model averaging using torch.load without enabling the weights...
PT-2026-39536
Name of the Vulnerable Software and Affected Versions D-Link DCS-935L versions prior to 1.10.01 Description A buffer overflow can be triggered remotely via the HNAP Service. The issue exists in the SetDeviceSettings function within the '/web/cgi-bin/hnap/hnap service' endpoint when manipulating t...
PT-2026-39491
uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the news/manage module. The date created, date from, date to, and created at parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET reques...
PT-2026-38944
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/v3d component where the max seg size is not set when using V3D rendering with CONFIG DMA API DEBUG enabled. This causes the kernel to default to a 64K segment...
PT-2026-38913
Name of the Vulnerable Software and Affected Versions CloudStack Backup plugin versions 4.21.0.0 through 4.22.0.0 Description The CloudStack Backup plugin contains improper authorization logic. Authenticated users in environments where this plugin is enabled can list backups from any account in t...
PT-2026-38708
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
PT-2026-38681
Name of the Vulnerable Software and Affected Versions uriparser versions prior to 1.0.2 Description The software contains pointer difference truncation to int in various locations. Recommendations Update to version 1.0.2 or later...
PT-2026-38382
Name of the Vulnerable Software and Affected Versions Gotenberg versions 8.31.0 and earlier Description A Server-Side Request Forgery SSRF issue exists in the LibreOffice conversion endpoint "/forms/libreoffice/convert". While some SSRF hardening is present in the Go code, the application passes...
PT-2026-38461
Heap-based Buffer Overflow vulnerability in mod proxy ajp of Apache HTTP Server. If mod proxy ajp connects to a malicious AJP server this AJP server can send a malicious AJP message back to mod proxy ajp and cause it to write 4 attacker controlled bytes after the end of a heap based buffer. This...
PT-2026-38598
Name of the Vulnerable Software and Affected Versions JeecgBoot versions prior to 3.9.2 Description An issue exists in the JSON Object Handler component where the manipulation of the condition argument in the '/sys/dict/loadTreeData' endpoint allows for remote SQL injection. SQL injection is a...
PT-2026-38329
Name of the Vulnerable Software and Affected Versions Spring Cloud Config versions 3.1.0 through 3.1.13 Spring Cloud Config versions 4.1.0 through 4.1.9 Spring Cloud Config versions 4.2.0 through 4.2.6 Spring Cloud Config versions 4.3.0 through 4.3.2 Spring Cloud Config versions 5.0.0 through 5.0...
PT-2026-38381
Name of the Vulnerable Software and Affected Versions Gotenberg versions prior to 8.30.0 Description The ExifTool metadata write blocklist can be bypassed using group-prefix syntax, allowing an attacker to perform arbitrary file rename, move, hardlink, and symlink creation on the server. The...
PT-2026-38396
Name of the Vulnerable Software and Affected Versions vm2 versions 3.9.6 through 3.10.5 Description The bridge in vm2 exposes mutable proxies for host-realm intrinsic prototypes and forwards sandbox writes into underlying host objects using otherReflectSet and otherReflectDefineProperty. This...
PT-2026-38621
Name of the Vulnerable Software and Affected Versions Note Mark versions 0.13.0 through 0.19.3 Description Authenticated users can upload assets to notes via the "/api/notes/noteID/assets" endpoint. The application stores the asset filename provided in the X-Name HTTP request header directly in t...
PT-2026-38300
Name of the Vulnerable Software and Affected Versions Lemur versions prior to 1.9.0 Description The LDAP authentication module lemur/auth/ldap.py constructs LDAP search filters using unsanitized user input via Python string interpolation. An authenticated LDAP user can inject LDAP filter...
PT-2026-37367
These are all security issues fixed in the icinga-php-library-0.19.2-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-37197
Name of the Vulnerable Software and Affected Versions Pillow versions prior to 12.2.0 Description An integer overflow can occur when the library tracks the current position if a font advances for each glyph by an excessively large amount. Recommendations Update to version 12.2.0...
PT-2026-36668
Name of the Vulnerable Software and Affected Versions Apache Polaris affected versions not specified Description Apache Polaris issues broad temporary storage credentials during staged table creation before validating or reserving the effective table location. This allows an attacker to direct th...
PT-2026-34180
Name of the Vulnerable Software and Affected Versions Tekton Pipelines versions 1.0.0 through 1.10.x Description The git resolver fails to validate the revision parameter, which is passed directly as a positional argument to the git fetch command. This allows an attacker to inject arbitrary flags...
PT-2026-30141
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw where the aqc111 suspend function calls the PM variant of its write cmd routine, leading to a task hang during resume operations. Specifically, the issue...
PT-2026-8383
Apple recently patched the missing piece in the userland part of the Dec'25 full-chain exploit. CVE-2026-20700: dyld memory corruption to PAC bypass This bug completes the chain of CVE-2026-43529 jsc UAF RCE, PoC public and CVE-2026-14174 Angle OOB EoP, no working PoC yet. Patched in iOS 26.3...
PT-2026-6978
Name of the Vulnerable Software and Affected Versions GitLab AI Gateway versions 18.1.6 through 18.8.0 Description The GitLab AI Gatewayβs Duo Workflow Service component contains a flaw related to improper code generation. This issue allows authenticated attackers to cause a Denial of Service or...
PT-2026-5946
Name of the Vulnerable Software and Affected Versions Lexmark Embedded Solutions Framework affected versions not specified Description An untrusted search path issue exists in Lexmark devices, potentially allowing an attacker to execute arbitrary code. This flaw enables DLL hijacking without...
PT-2026-6281
Name of the Vulnerable Software and Affected Versions Fastify versions prior to 5.7.2 Description Fastify is a web framework for Node.js. A validation bypass exists where request body validation schemas specified by Content-Type can be circumvented. Appending a tab character t followed by arbitra...
PT-2025-49626
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the hpsa init one function within the SCSI subsystem of the Linux kernel. The hpda alloc ctlr info function allocates memory for a controller information structur...
PT-2025-46861
MaxKB is an open-source AI assistant for enterprise. In versions prior to 2.3.1, a user can get sensitive informations by Python code in tool module, although the process run in sandbox. Version 2.3.1 fixes the issue...
PT-2025-37346
Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.1.0 through 7.4.3.101 Liferay DXP versions 2023.Q3.1 through 2023.Q3.4 Liferay Portal 7.4 GA through update 92 Liferay Portal 7.3 GA through update 35 Older unsupported versions Description: An open redirect issue...
PT-2025-36507
Name of the Vulnerable Software and Affected Versions: Fides versions prior to 2.69.1 Description: Fides is an open-source privacy engineering platform. Admin UI user password changes do not invalidate active user sessions prior to version 2.69.1, creating a vulnerability chaining opportunity...
PT-2025-33890 Β· Totvs Β· Totvs Portal Meu Rh
Name of the Vulnerable Software and Affected Versions: TOTVS Portal Meu RH versions up to 12.1.17 Description: A flaw has been identified in the Password Reset Handler component that may allow for an open redirect. Manipulation of the redirectUrl argument can lead to a redirect to an arbitrary UR...
PT-2025-34069 Β· Undefined Β· Undefined
π₯ Critical & High-Severity CVEs 1. CVE-2025-27461 β Ivanti Connect Secure / Policy Secure Auth Bypass β RCE Severity: Critical 9.8 Vector: Exploitable over the internet; bypasses auth β remote code execution. Why it matters: Actively exploited by ransomware crews; initial access vector. Defender...
PT-2025-34146 Β· My-Site Β· My-Site
Name of the Vulnerable Software and Affected Versions: my-site version 1.0.2 Description: Incorrect access control in the preHandle function allows attackers to access sensitive components without authentication via the cn.luischen.interceptor.BaseInterceptor class. Recommendations: Update to a...
PT-2025-32422 Β· Workos Β· Authkit
Name of the Vulnerable Software and Affected Versions: @workos-inc/authkit-remix versions 0.14.1 and below Description: The AuthKit library for Remix exposed sensitive authentication artifacts β specifically sealedSession and accessToken β by returning them from the authkitLoader, causing them to...
PT-2025-29613 Β· Cyberark Β· Secrets ManagerΒ +1
Name of the Vulnerable Software and Affected Versions: Conjur OSS versions 1.19.5 through 1.21.1 Secrets Manager, Self-Hosted versions 13.1 through 13.4.1 Description: Conjur provides secrets management and application identity for infrastructure. An authenticated attacker who can inject secrets ...
PT-2025-28925 Β· Jenkins Β· Jenkins Sensedia Api Platform Tools Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins Sensedia Api Platform Tools Plugin version 1.0 Description: The Jenkins Sensedia Api Platform Tools Plugin stores the Sensedia API Manager integration token unencrypted in its global configuration file on the Jenkins controller. This...
PT-2025-27340 Β· Undefined Β· Undefined
CVE-2013-1440 - CVE-2022-26237: Microsoft Windows DNS Server Remote Code Execution Vulnerability CVE ID : CVE-2013-1440 Published : June 26, 2025, 9:15 p.m. | 3 hours, 2 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity:...