175418 matches found

Positive Technologies
•added 2026/06/01 12:0 a.m.•12 views

PT-2026-45406

A security flaw has been discovered in itsourcecode Content Management System 1.0. This issue affects some unknown processing of the file /admin/update ss img.php. The manipulation of the argument topic id results in sql injection. The attack can be executed remotely. The exploit has been release...

CVSS 6.5 • AI score 5.7 • EPSS 0.00037
Exploits: 0 • References: 7

Positive Technologies
•added 2026/06/01 12:0 a.m.•12 views

PT-2026-45558

CodexBar prior to 0.32.0 contains an insecure temporary file handling vulnerability that allows local attackers to access sensitive credentials or tamper with build artifacts by exploiting predictable file paths in the release notarization workflow. Attackers with access to the same host can read...

CVSS 7.2 • AI score 5.8 • EPSS 0.00025
Exploits: 0 • References: 5

Positive Technologies
•added 2026/06/01 12:0 a.m.•12 views

PT-2026-45469

Nextcloud is an open source content collaboration platform. From version 33.0.0 to before version 33.1.0, after unlocking a locked Android phone the back-button could be used to bypass the Nextcloud Files app PIN. This issue has been patched in version 33.1.0...

CVSS 4.6 • AI score 5.7 • EPSS 0.00009
Exploits: 0 • References: 4

Positive Technologies
•added 2026/06/01 12:0 a.m.•12 views

PT-2026-45412

🔒 CyberSecurity CVE-2026-37890: Atlassian Confluence OGNL Injection — Detection and Emergency P… "Critical OGNL injection flaw CVE-2026-37890 in Atlassian Confluence…" 🔗 https://t.co/RLZcRST2d3 CyberSecurity ThreatIntel penetrationtesting redteam offensivesecurity...

AI score 5.8
Exploits: 0 • References: 1

Positive Technologies
•added 2026/06/01 12:0 a.m.•12 views

PT-2026-45447

A flaw has been found in a4m4 Student-Management-System up to f0c5f6842c5e8c431ff02b5260a565ca844df3a0. The affected element is an unknown function of the file admin/ of the component Admin Endpoint. This manipulation of the argument uid causes execution after redirect. It is possible to initiate...

CVSS 7.5 • AI score 6.3 • EPSS 0.0005
Exploits: 0 • References: 6

Positive Technologies
•added 2026/06/01 12:0 a.m.•12 views

PT-2026-45572

In hide of WindowState.java, there is a possible way to trick the user into approving permissions due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

AI score 5.9 • EPSS 0.00007
Exploits: 0 • References: 2

Positive Technologies
•added 2026/06/01 12:0 a.m.•12 views

PT-2026-45272

A vulnerability was found in raisulislamg4 student management system by php up to 310d950e09013d5133c6b9210aff9444382d16d1. The impacted element is an unknown function of the file admission form check.php. The manipulation of the argument Message results in cross site scripting. The attack can be...

CVSS 5.1 • AI score 4.2 • EPSS 0.00035
Exploits: 0 • References: 7

Positive Technologies
•added 2026/06/01 12:0 a.m.•12 views

PT-2026-45576

In createSessionInternal of PackageInstallerService.java, there is a possible way to update a Device Policy Controller DPC into an invalid directory due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...

AI score 6 • EPSS 0.00009
Exploits: 0 • References: 2

Positive Technologies
•added 2026/06/01 12:0 a.m.•12 views

PT-2026-45593

In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

AI score 6 • EPSS 0.00007
Exploits: 0 • References: 2

Positive Technologies
•added 2026/06/01 12:0 a.m.•12 views

PT-2026-45269

A vulnerability was detected in raisulislamg4 student management system by php up to 310d950e09013d5133c6b9210aff9444382d16d1. This issue affects some unknown processing of the file login check.php of the component Login. Performing a manipulation of the argument Username results in sql injection...

CVSS 7.5 • AI score 6.9 • EPSS 0.00044
Exploits: 0 • References: 7

Positive Technologies
•added 2026/06/01 12:0 a.m.•12 views

PT-2026-45528

Name of the Vulnerable Software and Affected Versions Nextcloud versions 1.3.6 through 8.3.x Description An improper check in the authentication process allows users provided by LDAP to continue authenticating via user OIDC even after they have been deleted. Recommendations Update to version 8.4....

CVSS 8.8 • AI score 5.8 • EPSS 0.00019
Exploits: 0 • References: 5

Positive Technologies
•added 2026/06/01 12:0 a.m.•12 views

PT-2026-45278

A vulnerability was detected in Mettle sendportal up to 3.0.1. This affects an unknown part of the file /webview/ of the component Campaign Handler. The manipulation of the argument content results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be...

CVSS 5.1 • AI score 4.2 • EPSS 0.00035
Exploits: 0 • References: 8

Positive Technologies
•added 2026/06/01 12:0 a.m.•12 views

PT-2026-45649

Name of the Vulnerable Software and Affected Versions Kiteworks versions prior to 9.3.0 Description Kiteworks is a private data network PDN. An Insecure Direct Object Reference IDOR—a flaw where an application provides direct access to objects based on user-supplied input—exists in Kiteworks Secu...

CVSS 6.5 • AI score 5.5 • EPSS 0.00031
Exploits: 0 • References: 4

Positive Technologies
•added 2026/06/01 12:0 a.m.•12 views

PT-2026-45547

Insufficient granularity of access control in ASP AMD Secure Processor may allow an attacker with an untrusted user space application to map sensitive SMN System Management Network apertures leading to a potential escalation of privileges...

CVSS 7.1 • AI score 5.8 • EPSS 0.00016
Exploits: 0 • References: 3

Positive Technologies
•added 2026/06/01 12:0 a.m.•12 views

PT-2026-45659

Name of the Vulnerable Software and Affected Versions Strongbox affected versions not specified Description A buffer overflow leads to memory corruption when using Strongbox. A buffer overflow occurs when a program writes more data to a block of memory, or buffer, than it is allocated to hold,...

CVSS 8.8 • AI score 6 • EPSS 0.00013
Exploits: 0 • References: 4

Positive Technologies
•added 2026/06/01 12:0 a.m.•12 views

PT-2026-45632

Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length...

CVSS 5.5 • AI score 5.8 • EPSS 0.00029
Exploits: 0 • References: 2

Positive Technologies
•added 2026/06/01 12:0 a.m.•12 views

PT-2026-45570

In bta jv rfcomm connect of bta jv act.cc, there is a possible bypass of bonding for a secure connection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

AI score 5.9 • EPSS 0.00007
Exploits: 0 • References: 2

Positive Technologies
•added 2026/06/01 12:0 a.m.•12 views

PT-2026-45356

Name of the Vulnerable Software and Affected Versions SOPlanning versions prior to 1.56 Description Lack of authorization enforcement for backup functionalities allows an unauthenticated attacker to query backup-related endpoints. This can lead to the retrieval of backup archives containing user...

CVSS 8.8 • AI score 5.4 • EPSS 0.00088
Exploits: 0 • References: 12

Positive Technologies
•added 2026/06/01 12:0 a.m.•12 views

PT-2026-45598

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description In the getApplicationLabel function of KeyChainActivity.java, misleading or insufficient user interface elements may allow a user to be tricked into approving...

CVSS 7.8 • AI score 5.9 • EPSS 0.00004
Exploits: 0 • References: 4

Positive Technologies
•added 2026/06/01 12:0 a.m.•12 views

PT-2026-45281

Name of the Vulnerable Software and Affected Versions Apache Airflow versions prior to 3.2.2 Description A bug in the GET '/api/v2/connections/connection id' REST API endpoint allows an authenticated UI/API user with Connection-read permission to retrieve secrets stored in a Connection's extra JS...

CVSS 6.5 • AI score 5.4 • EPSS 0.00039
Exploits: 0 • References: 7

Positive Technologies
•added 2026/05/31 12:0 a.m.•12 views

PT-2026-45216

Name of the Vulnerable Software and Affected Versions Assimp versions prior to 6.0.5 Description A null pointer dereference occurs in the glTF2::LazyDict function within the glTF2Asset.h library. This issue is triggered by the manipulation of the operator argument and requires local access to be...

CVSS 4.8 • AI score 5.7 • EPSS 0.00014
Exploits: 0 • References: 16

Positive Technologies
•added 2026/05/30 12:0 a.m.•12 views

PT-2026-45089

Name of the Vulnerable Software and Affected Versions Spectra Gutenberg Blocks – Website Builder for the Block Editor versions prior to 2.19.26 Description The plugin is susceptible to Remote Code Execution, allowing authenticated attackers with Contributor-level access or higher to execute code ...

CVSS 8.8 • AI score 6.2 • EPSS 0.00077
Exploits: 2 • References: 12

Positive Technologies
•added 2026/05/30 12:0 a.m.•12 views

PT-2026-45091

A vulnerability was determined in Open5GS up to 2.7.7. Affected by this issue is the function handle scp info in the library lib/sbi/nnrf-handler.c of the component Shared NF-profile Parser. This manipulation causes out-of-bounds write. The attack can be initiated remotely. The exploit has been...

CVSS 5.3 • AI score 5.4 • EPSS 0.00044
Exploits: 0 • References: 6

Positive Technologies
•added 2026/05/29 12:0 a.m.•12 views

PT-2026-44908

Name of the Vulnerable Software and Affected Versions Froxlor versions 2.3.6 and earlier Description DNS record content is concatenated directly into bind9 zone files in the DnsEntry.php file, which allows for zone file injection. The issue stems from incomplete validation of LOC, RP, SSHFP, and...

CVSS 8.6 • AI score 6 • EPSS 0.00049
Exploits: 0 • References: 7

Positive Technologies
•added 2026/05/29 12:0 a.m.•12 views

PT-2026-44897

OpenClaw before 2026.4.29 contains an SSRF policy bypass vulnerability in browser debug and export routes that allows reuse of already-open blocked tabs. Attackers with access to these routes can bypass private-network SSRF policies by reusing blocked tabs to export or inspect content that should...

CVSS 6.5 • AI score 5.8 • EPSS 0.00035
Exploits: 0 • References: 3

Positive Technologies
•added 2026/05/29 12:0 a.m.•12 views

PT-2026-44759

The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'carousel direction' parameter of the Carousel Anything widget in versions up to, and including, 6.4.15. This is due to insufficient output escaping in the render function, where the carousel...

CVSS 6.4 • AI score 6 • EPSS 0.00033
Exploits: 0 • References: 5

Positive Technologies
•added 2026/05/29 12:0 a.m.•12 views

PT-2026-45039

Summary modules/sso/clients.php validates an adm csrf token on every state-changing branch except enable. The enable case loads the SAML or OIDC client by UUID, calls $client-enable$enabled, and persists the new state with no token check. Because the action is reachable via plain GET parameters, ...

CVSS 5.4 • AI score 5.8 • EPSS 0.00016
Exploits: 0 • References: 3

Positive Technologies
•added 2026/05/29 12:0 a.m.•12 views

PT-2026-45034

Description The Twilio SMS notifier bridge ships a webhook request parser used to authenticate and decode the status callbacks Twilio POSTs to an application's webhook endpoint. Its doParseRequest $request, SensitiveParameter string $secret method receives the configured webhook secret but never...

CVSS 8.2 • AI score 5.8 • EPSS 0.00026
Exploits: 0 • References: 7

Positive Technologies
•added 2026/05/29 12:0 a.m.•12 views

PT-2026-44893

QuickCMS allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID for a victim and later hijack the authenticated session. This issue was fixed in a patch to version...

CVSS 4.8 • AI score 5.8 • EPSS 0.00026
Exploits: 0 • References: 3

Positive Technologies
•added 2026/05/28 12:0 a.m.•12 views

PT-2026-44265

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the libwx network component where a Virtual Function VF attempts to access the WX CFG PORT ST register. Because this is a Physical Function PF restricted register, the...

CVSS 9.8 • AI score 5.8 • EPSS 0.00254
Exploits: 12 • References: 282

Positive Technologies
•added 2026/05/28 12:0 a.m.•12 views

PT-2026-44331

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the batman-adv module, TP meter sessions remain linked on bat priv-tp list after a netlink request finishes. When the mesh interface is removed, the batadv mesh free function tears do...

CVSS 9.8 • AI score 6 • EPSS 0.00074
Exploits: 0 • References: 290

Positive Technologies
•added 2026/05/28 12:0 a.m.•12 views

PT-2026-44461

An issue in SourceBans Material Admin before v.1.1.6 3ecd95e allows attackers to manipulate arbitrary user data in the web app via a crafted XAJAX call...

AI score 5.9 • EPSS 0.00068
Exploits: 0 • References: 5

Positive Technologies
•added 2026/05/28 12:0 a.m.•12 views

PT-2026-44372

qSnapper: Vulnerable Privileged D-Bus Service https://t.co/uQxI7YkxyL GUI frontend for the Snapper utility for managing Btrfs snapshots. DoS, authentication bypass, information leaks, or even a local root exploit. SUSE discovered 5 CVEs CVE-2026-41045 through 41049 and more...

AI score 5.8
Exploits: 0 • References: 1

Positive Technologies
•added 2026/05/28 12:0 a.m.•12 views

PT-2026-44238

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description The biovec phys mergeable function, used in request merge, DMA mapping, and integrity merge paths, fails to verify if physically contiguous bvec segments belong to different dev pagemaps...

CVSS 9.8 • AI score 5.9 • EPSS 0.00254
Exploits: 12 • References: 281

Positive Technologies
•added 2026/05/28 12:0 a.m.•12 views

PT-2026-44285

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A double free issue exists in the Linux kernel within the ice sf eth activate function. When auxiliary device add fails, the execution jumps to aux dev uninit and calls auxiliary device...

CVSS 9.8 • AI score 6.2 • EPSS 0.00254
Exploits: 12 • References: 280

Positive Technologies
•added 2026/05/28 12:0 a.m.•12 views

PT-2026-44288

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A self-deadlock occurs in the openvswitch vport during the release of tunnel ports. Vports are protected by RCU Read-Copy-Update, a synchronization mechanism that allows multiple readers...

CVSS 9.8 • AI score 6 • EPSS 0.00254
Exploits: 12 • References: 282

Positive Technologies
•added 2026/05/28 12:0 a.m.•12 views

PT-2026-44724

Name of the Vulnerable Software and Affected Versions python311-dulwich versions prior to 1.2.5-1.1 Description Security issues were identified in the python311-dulwich package. Recommendations Update to version 1.2.5-1.1...

CVSS 8.8 • AI score 5.4 • EPSS 0.00223
Exploits: 0 • References: 21

Positive Technologies
•added 2026/05/28 12:0 a.m.•12 views

PT-2026-44244

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A use-after-free issue exists in the DAMON sysfs interface. Direct reads and writes of the memcg path and path files can race, as the write operation deallocates the buffer pointed to by...

CVSS 9.8 • AI score 6.1 • EPSS 0.00254
Exploits: 12 • References: 281

Positive Technologies
•added 2026/05/28 12:0 a.m.•12 views

PT-2026-44249

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the RDMA mana component where the mana destroy wq obj cleanup process in mana ib create qp rss is handled...

CVSS 9.8 • AI score 6 • EPSS 0.00254
Exploits: 12 • References: 280

Positive Technologies
•added 2026/05/28 12:0 a.m.•12 views

PT-2026-44341

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A bounds checking issue exists in the Linux kernel DRM AMD GPU driver. The uvd, vce, and vcn components access the Indirect Buffer IB at predefined offsets without verifying if the IB is...

CVSS 9.8 • AI score 5.8 • EPSS 0.00254
Exploits: 12 • References: 284

Positive Technologies
•added 2026/05/28 12:0 a.m.•12 views

PT-2026-44301

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A resource leak occurs in the RDMA/mlx4 component of the Linux kernel. The issue exists within the mlx4 ib create srq...

CVSS 9.1 • AI score 5.9 • EPSS 0.00072
Exploits: 4 • References: 293

Positive Technologies
•added 2026/05/28 12:0 a.m.•12 views

PT-2026-44278

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds read exists in the smb2 compound op function. This occurs when a server sends a truncated response with a large OutputBufferLength and terminates the EA list early. In...

CVSS 9.1 • AI score 5.9 • EPSS 0.0007
Exploits: 0 • References: 291

Positive Technologies
•added 2026/05/28 12:0 a.m.•12 views

PT-2026-44248

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A use-after-free or double-free condition exists in the mac80211 wireless subsystem when debugfs is enabled. This occurs...

CVSS 9.8 • AI score 5.9 • EPSS 0.00254
Exploits: 12 • References: 281

Positive Technologies
•added 2026/05/27 12:0 a.m.•12 views

PT-2026-43985

Name of the Vulnerable Software and Affected Versions IBM Langflow OSS versions 1.0.0 through 1.9.0 Description Uncontrolled resource consumption may lead to a denial of service, a condition where a system becomes unavailable to its intended users. Recommendations At the moment, there is no...

CVSS 7.5 • AI score 5.8 • EPSS 0.00051
Exploits: 0 • References: 3

Positive Technologies
•added 2026/05/27 12:0 a.m.•12 views

PT-2026-43785

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - don't deref NULL sk socket member after tcp close When deleting a peer in case of keepalive expiration, the peer is removed from the OpenVPN hashtable and is temporarily inserted in a "release list" for further...

AI score 5.9 • EPSS 0.00022
Exploits: 0 • References: 4

Positive Technologies
•added 2026/05/27 12:0 a.m.•12 views

PT-2026-44164

Name of the Vulnerable Software and Affected Versions Basket versions prior to 2.1.17 Description The Basket module, which provides e-commerce and checkout functionality for Drupal sites, fails to sufficiently sanitize user-supplied data before it is processed by the PHP unserialize function. Thi...

AI score 5.9
Exploits: 0 • References: 3

Positive Technologies
•added 2026/05/27 12:0 a.m.•12 views

PT-2026-43739

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the pqi report phys luns function. The issue arises when the function encounters an unsupported data format or when the allocation for the rpl 16byte wwid list...

AI score 5.6 • EPSS 0.00032
Exploits: 0 • References: 15

Positive Technologies
•added 2026/05/27 12:0 a.m.•12 views

PT-2026-43729

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the iommu/vt-d component where the address of a freshly allocated zero-initialized PASID table is written to a PASID directory entry before the CPU cache flush occurs...

CVSS 7.8 • AI score 5.4 • EPSS 0.00013
Exploits: 0 • References: 17

Positive Technologies
•added 2026/05/27 12:0 a.m.•12 views

PT-2026-43898

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock occurs in the ks8851 driver when the ks8851 irq function is executed. If a TX packet has been sent, the driver enables the TX queue via netif wake queue, which schedules a TX...

CVSS 9.8 • AI score 5.8 • EPSS 0.00254
Exploits: 12 • References: 282

Positive Technologies
•added 2026/05/27 12:0 a.m.•12 views

PT-2026-43619

Threat Intel May 26, 2026 Vulnerability Intelligence Briefing Curated from daily vulnerability intelligence monitoring and exploitation telemetry analysis by cvelogic. --- 1. Known Exploited Vulnerabilities CISA KEV CVE-2026-48172 LiteSpeed cPanel Plugin Added to the CISA KEV catalog following...

CVSS 10 • AI score 6.5 • EPSS 0.90949
Exploits: 84 • References: 1

Total number of security vulnerabilities: 5000