184379 matches found
PT-2026-53076
Name of the Vulnerable Software and Affected Versions Zephyr versions 3.6.0 through 4.4.0 Description An out-of-bounds write exists in the IP socket recvmsg implementation within the insert pktinfo function. The issue occurs because the system validates the user-supplied ancillary msg control...
PT-2026-52759
Unauthenticated Cross Site Scripting XSS in Automatic 3.135.1 versions...
PT-2026-52187
OS Command Injection vulnerability in the traceroute action of Rapid7 InsightConnect Traceroute Plugin on Linux allows remote attackers to execute arbitrary OS commands via the host, port, max ttl, count, or time out request parameters due to insufficient input validation when constructing shell...
PT-2026-52606
Name of the Vulnerable Software and Affected Versions Grav versions prior to 1.6.30 Description A cross-site scripting issue exists in the default security configuration of the Admin plugin page editor. Privileged users with page editing capabilities can inject malicious scripts to execute...
PT-2026-51458
Name of the Vulnerable Software and Affected Versions Gogs versions prior to 0.14.3 Description Organization team member management can be performed via GET requests without Cross-Site Request Forgery CSRF protection. CSRF is a security flaw where an attacker tricks a logged-in user into executin...
PT-2026-51407
Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description A weak parsing issue exists in the x-limited-key-id header. Remote attackers can bypass subkey enforcement by submitting duplicate headers, zero, or malformed values that result in falsy values or N...
PT-2026-51462
Name of the Vulnerable Software and Affected Versions Budibase versions prior to 3.39.9 Description Authenticated users with automation permissions can bypass the Server-Side Request Forgery SSRF blacklist through DNS rebinding. This occurs because the outbound fetch flow resolves the DNS twice:...
PT-2026-51258
Name of the Vulnerable Software and Affected Versions kortix-ai suna versions prior to 0.8.39 Description A weakness in the Auth Endpoint component allows for remote cross-site scripting XSS, which is a technique where malicious scripts are injected into trusted websites. The issue exists within...
PT-2026-51229
Name of the Vulnerable Software and Affected Versions Craft CMS versions 5.0.0-RC1 and later Description A stored cross-site scripting issue exists in the User Permissions page. The software fails to properly perform HTML escaping when rendering user group names. This allows attackers with...
PT-2026-51132
Name of the Vulnerable Software and Affected Versions Simple File List versions prior to 6.3.8 Description The Simple File List plugin for WordPress contains insufficient authorization checks that allow unauthenticated attackers to delete and modify files on the server. This issue occurs within t...
PT-2026-50838
Name of the Vulnerable Software and Affected Versions Blocksy Companion versions prior to 2.1.46 Description The Blocksy Companion plugin for WordPress contains a Stored Cross-Site Scripting issue within the admin settings caused by insufficient input sanitization and output escaping. This allows...
PT-2026-50837
Name of the Vulnerable Software and Affected Versions BetterDocs - Knowledge Base Docs & FAQ Solution for Elementor & Block Editor versions prior to 4.5.4 Description Stored Cross-Site Scripting occurs via the blockId attribute of the 'betterdocs/category-slate-layout' Gutenberg block. The issue...
PT-2026-51063
Name of the Vulnerable Software and Affected Versions Oj versions prior to 3.17.3 Description When parsing a JSON object with a key of 254 bytes or longer, the Oj.load function in :object mode reads uninitialized stack memory. For keys 256 bytes or longer, the process also performs an out-of-boun...
PT-2026-51037
Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description A cross-tenant authorization bypass exists in PostgREST endpoints. This issue allows API keys with organization-level read permissions to access webhook secrets and delivery logs belonging to other...
PT-2026-50628
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to generic SQL Injection via the 'name' parameter in all versions up to, and including, 1.15.43 due to insufficient escaping on the user supplied parameter and lack of sufficient...
PT-2026-50792
Name of the Vulnerable Software and Affected Versions guzzlehttp/psr7 versions prior to 2.12.1 Description guzzlehttp/psr7 fails to reject Carriage Return CR and Line Feed LF characters in specific HTTP start-line fields, including the request method, protocol version, and response reason phrase...
PT-2026-50796
Name of the Vulnerable Software and Affected Versions Relyra versions 1.0.0 through 1.1.0 Description Relyra is a SAML 2.0 Service Provider library for Elixir and Phoenix that accepts forged SAML signatures. This occurs because the SignatureValue is not cryptographically verified before the libra...
PT-2026-50224
In multiple locations there is a possible provisioning bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-50535
Name of the Vulnerable Software and Affected Versions Shaarli versions prior to 0.16.2 Description A stored Cross-Site Scripting XSS issue exists in the Markdown-to-HTML conversion process used in the Bookmark Description field. An authenticated user can inject a malicious javascript: URI inside ...
PT-2026-50545
Typemill before 2.24.0 contains a path traversal vulnerability that allows authenticated attackers with Author-level privileges to read arbitrary files outside the content directory by supplying traversal sequences in the path query parameter passed to Storage::getFile with an empty folder...
PT-2026-50259
Name of the Vulnerable Software and Affected Versions Apache DolphinScheduler versions prior to 3.4.2 Description A missing authorization check in the DataSource API allows unauthenticated users to expose arbitrary data source metadata. This occurs because the API does not require a login to acce...
PT-2026-50518
Name of the Vulnerable Software and Affected Versions Hermes Agent versions prior to 0.16.0 Description A DNS rebinding issue in WebSocket endpoints allows remote attackers to bypass Host and Origin validation. This occurs because FastAPI HTTP middleware does not execute for WebSocket upgrade...
PT-2026-50235
Name of the Vulnerable Software and Affected Versions Google Android affected versions not specified Description A race condition in the eventCallback function of Nfc.h can lead to a use-after-free scenario. This issue allows for local escalation of privilege without requiring additional executio...
PT-2026-50400
Unauthenticated PHP Object Injection in Hiroshi = 1.5.1 versions...
PT-2026-50526
Name of the Vulnerable Software and Affected Versions SourceCodester CET Automated Grading System with AI Predictive Analytics version 1.0 Description Improper access controls exist within the Student Self-Registration Endpoint in the /index.php file. This flaw allows for remote exploitation,...
PT-2026-50055
Vulnerability in the Oracle Property Manager product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Property...
PT-2026-50082
Unauthenticated Arbitrary File Download in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site = 1.0.7 versions...
PT-2026-50131
Name of the Vulnerable Software and Affected Versions Rocket.Chat versions prior to 8.5.1 Rocket.Chat versions prior to 8.4.4 Rocket.Chat versions prior to 8.3.6 Rocket.Chat versions prior to 8.2.6 Rocket.Chat versions prior to 8.1.6 Rocket.Chat versions prior to 8.0.7 Rocket.Chat versions prior ...
PT-2026-50175
Name of the Vulnerable Software and Affected Versions n8n versions prior to 2.25.7 n8n versions prior to 2.26.2 Description When @n8n/mcp-browser is operated in HTTP transport mode using the --transport http flag, the MCP endpoint allows session initialization and tool invocation requests without...
PT-2026-49916
Name of the Vulnerable Software and Affected Versions Oracle Fusion Middleware WebCenter Content: Imaging version 12.2.1.4.0 Oracle Fusion Middleware WebCenter Content: Imaging version 14.1.2.0.0 Description An issue in the Core component of WebCenter Content: Imaging allows an unauthenticated...
PT-2026-50074
Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox version 7.2.8 Description An issue exists in the VMSVGA device component of Oracle VM VirtualBox. A high-privileged attacker with logon access to the infrastructure where the software executes can compromise the system. Th...
PT-2026-50030
🚨 CVE-2026-46926 Vulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM component: Siebel Cloud Manager. Supported versions that are affected are 17.0-26.5. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Siebel CRM...
PT-2026-49290
Name of the Vulnerable Software and Affected Versions Ruoyi version 4.8.2 Description Cross Site Scripting XSS occurs at the '/system/notice/add' endpoint. XSS is a type of security flaw that allows an attacker to inject malicious scripts into web pages viewed by other users. Recommendations At t...
PT-2026-49528
Name of the Vulnerable Software and Affected Versions i18next versions prior to 2.6.6 Description Prototype pollution occurs via crafted missing-key strings when used to persist missing translation keys. This happens when the Backend.writeFile function splits queued missing-key strings using the...
PT-2026-49247
Name of the Vulnerable Software and Affected Versions Angular versions prior to 22.0.1 Angular versions prior to 21.2.17 Angular versions prior to 20.3.25 Description Angular supports Hydration via provideClientHydration to optimize client-side bootstrap in Server-Side Rendered SSR environments...
PT-2026-49136
driftregion iso14229 through 0.9.0 contains an integer underflow and downstream out-of-bounds read in the Handle 0x27 SecurityAccess function in iso14229.c that allows a remote unauthenticated attacker to crash a UDS server and potentially read memory past the receive buffer by sending a...
PT-2026-48976
Name of the Vulnerable Software and Affected Versions Hash Elements versions prior to 1.5.5 Description An issue in HashThemes Hash Elements allows the retrieval of embedded sensitive system information to an unauthorized control sphere. Recommendations Update to version 1.5.5 or later...
PT-2026-48823
Name of the Vulnerable Software and Affected Versions UniFi OS affected versions not specified Description An improper input validation issue exists in certain devices running UniFi OS. A malicious actor with network access and low privileges can exploit this to escalate privileges within the...
PT-2026-49033
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.18 Description An approval display truncation issue allows authenticated users to hide command suffixes from approvers. This enables attackers to submit oversized exec commands that feature benign prefixes and...
PT-2026-49048
Name of the Vulnerable Software and Affected Versions Avira Antivirus versions prior to 8.3.70.76 Description A heap buffer out-of-bounds read occurs in the antivirus engine when scanning a malformed PDF file. This issue may lead to local execution of code or a denial-of-service of the engine...
PT-2026-48789
Name of the Vulnerable Software and Affected Versions Idira Identity Browser Extension Chrome, Firefox, and Edge builds versions prior to 26.8.1 Description An origin validation flaw exists within the internal web-page verification routines. This issue allows a remote attacker to trigger...
PT-2026-48610
The Open User Map PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'oum location notification' parameter in versions up to, and including, 1.4.31 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
PT-2026-48617
Name of the Vulnerable Software and Affected Versions Spring Web Services versions 5.0.0 through 5.0.1 Spring Web Services versions 4.1.0 through 4.1.3 Spring Web Services versions 4.0.0 through 4.0.18 Spring Web Services versions 3.1.0 through 3.1.8 Description The Wss4jSecurityInterceptor...
PT-2026-48810
Name of the Vulnerable Software and Affected Versions CodeIgniter versions prior to 4.7.3 Description The ext in upload validation rule incorrectly checks the MIME-derived guessed extension instead of the extension provided in the client filename. This allows a file with an executable extension,...
PT-2026-48622
Name of the Vulnerable Software and Affected Versions Spring Web Services versions 5.0.0 through 5.0.1 Spring Web Services versions 4.1.0 through 4.1.3 Spring Web Services versions 4.0.0 through 4.0.18 Spring Web Services versions 3.1.0 through 3.1.8 Description When WS-Addressing is used with...
PT-2026-48618
Name of the Vulnerable Software and Affected Versions Spring Web Services versions 5.0.0 through 5.0.1 Spring Web Services versions 4.1.0 through 4.1.3 Spring Web Services versions 4.0.0 through 4.0.18 Spring Web Services versions 3.1.0 through 3.1.8 Description X509AuthenticationProvider could...
PT-2026-48443
A flaw was found in migration-planner. An authenticated user can exploit this vulnerability by sending a DELETE request to the /api/v1/sources route, which lacks proper authorization and filtering. This allows for the destruction of all customer data, including sources, agents, and assessments,...
PT-2026-48453
A missing authentication check on the Aix‑DB "/llm/process llm out" endpoint allows unauthenticated clients to execute arbitrary "SELECT" SQL queries and retrieve database data, as the endpoint lacks the token validation enforced on all other application endpoints. All releases up to 1.2.4 are...
PT-2026-48473
Name of the Vulnerable Software and Affected Versions go-base versions prior to the May 17, 2026 patch Description The software contains a hardcoded JWT signing secret set to "random" in the dev.env template and as a programmatic fallback in the viper.SetDefault function within cmd/serve.go. A...
PT-2026-47751
A vulnerability in the quarantine and restore workflow of the X-VPN macOS website versions 77.0 through 77.5 allow a local attacker to leverage a race condition and symlink manipulation to achieve privileged file corruption...