
175418 matches found

Positive Technologies, added 2026/05/12

PT-2026-39969

The AzonPost plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the editpos hidden parameter in all versions up to, and including, 1.3. This is due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrar...

CVSS 6.1, AI score 6, EPSS 0.00129
Exploits 0, References 4
Positive Technologies, added 2026/05/12

PT-2026-40180

Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally...

CVSS 5.5, AI score 5.8, EPSS 0.00048
Exploits 0, References 2
Positive Technologies, added 2026/05/12

PT-2026-40145

Name of the Vulnerable Software and Affected Versions: Windows Message Queuing, affected versions not specified. Description: A double free issue in Windows Message Queuing allows an authorized attacker to elevate privileges locally. A double free occurs when a program attempts to free the same memor...

CVSS 7.8, AI score 7.1, EPSS 0.00057
Exploits 0, References 7
Positive Technologies, added 2026/05/12

PT-2026-40093

Name of the Vulnerable Software and Affected Versions: Intel(R) Data Center Graphics Driver for VMware ESXi, versions prior to 2.0.2. Description: A buffer overflow in the Ring 1: Device Drivers may allow a privileged local attacker to escalate privileges and execute arbitrary code. This issue can be...

CVSS 9.3, AI score 6.2, EPSS 0.00021
Exploits 0, References 5
Positive Technologies, added 2026/05/12

PT-2026-40096

Improper access control for some Intel Vision software for all versions within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable remote code execution. This result may potentially...

CVSS 8.8, AI score 6.1, EPSS 0.0029
Exploits 0, References 2
Positive Technologies, added 2026/05/12

PT-2026-40443

Name of the Vulnerable Software and Affected Versions: efw4.X, versions prior to 4.08.010. Description: The unZip function in efw.file.FileManager writes zip entries to disk using new File(baseDir, zipEntry.getName()) without performing a canonical-path check. This allows an attacker to use entry names...

CVSS 9.3, AI score 6.1, EPSS 0.00296
Exploits 0, References 4
Positive Technologies, added 2026/05/11

PT-2026-39922

Name of the Vulnerable Software and Affected Versions: SAP Commerce Cloud, affected versions not specified. Description: Improper Spring Security configuration allows an unauthenticated user to perform malicious configuration upload and code injection. This can result in arbitrary server-side code...

CVSS 10, AI score 6, EPSS 0.00044
Exploits 0, References 22
Positive Technologies, added 2026/05/11

PT-2026-39571

A security flaw has been discovered in D-Link DNS-320 2.06B01. This affects the function delete/rename/copy/move/chmod/chown of the file /cgi-bin/webfile_mgr.cgi. The manipulation results in OS command injection. The attack may be performed from remote. The exploit has been released to the public...

CVSS 5.8, AI score 5.6, EPSS 0.00057
Exploits 1, References 6
Positive Technologies, added 2026/05/11

PT-2026-39715

Name of the Vulnerable Software and Affected Versions: Inbox Zero, versions prior to 2.29.3. Description: The cleaner email stream endpoint used a shared Redis subscription listener. This configuration could result in thread events for one authenticated account being delivered to another authenticate...

CVSS 4.3, AI score 5.8, EPSS 0.00037
Exploits 0, References 5
Positive Technologies, added 2026/05/11

PT-2026-39578

The Elasticsearch logging provider, when configured with a host URL that embeds credentials (for example https://user:[email protected]:9200), wrote the full host URL, including the embedded credentials, into task logs. Any user with task-log read permission could harvest the backend...

AI score 5.8, EPSS 0.00061
Exploits 0, References 3
Positive Technologies, added 2026/05/11

PT-2026-39880

Name of the Vulnerable Software and Affected Versions: Mantis Bug Tracker (MantisBT), versions prior to 2.28.2. Description: Flawed logic in the Update Issue page 'bug_update_page.php' causes improper escaping of textarea custom field contents. This allows an authenticated user with low-privilege bug...

CVSS 5.4, AI score 6.2, EPSS 0.00033
Exploits 0, References 6
Positive Technologies, added 2026/05/11

PT-2026-39722

Name of the Vulnerable Software and Affected Versions: Python, affected versions not specified. Description: The xml.parsers.expat and xml.etree.ElementTree modules use insufficient entropy for Expat hash-flooding protection. This allows a specially crafted XML document to trigger hash flooding, a...

CVSS 9.8, AI score 5.8, EPSS 0.00187
Exploits 0, References 28
Positive Technologies, added 2026/05/11

PT-2026-39884

Name of the Vulnerable Software and Affected Versions: MantisBT, affected versions not specified. Description: Incorrect escaping of a saved filter's owner allows an attacker to inject arbitrary HTML on systems where the $g_show_user_realname variable is set to ON, leading to Cross-site scripting (XSS)...

CVSS 7.5, AI score 5.9, EPSS 0.00054
Exploits 0, References 8
Positive Technologies, added 2026/05/10

PT-2026-39543

Name of the Vulnerable Software and Affected Versions: Open5GS, versions prior to 2.7.8. Description: A remote denial of service issue exists in the SMF component. The problem is located in the smf_n4_build_qos_flow_to_modify_list function within the /src/smf/n4-build.c file. Recommendations: Update t...

CVSS 5.3, AI score 5.8, EPSS 0.00052
Exploits 1, References 9
Positive Technologies, added 2026/05/10

PT-2026-39454

A security vulnerability has been detected in Wavlink NU516U1 240425. Impacted is the function advance of the file /cgi-bin/wireless.cgi. Such manipulation of the argument wlan_conf/Channel/skiplist/ieee_80211h leads to OS command injection. The attack may be launched remotely. The exploit has be...

CVSS 6.5, AI score 6.4, EPSS 0.00435
Exploits 1, References 5
Positive Technologies, added 2026/05/09

PT-2026-39327

Name of the Vulnerable Software and Affected Versions: Hono, versions prior to 4.12.18. Description: Cache Middleware fails to skip caching for responses that declare per-user variance using the Vary: Authorization or Vary: Cookie headers. While the middleware correctly skips caching for Vary: *,...

CVSS 5.3, AI score 5.8, EPSS 0.00038
Exploits 0, References 4
Positive Technologies, added 2026/05/09

PT-2026-39420

Name of the Vulnerable Software and Affected Versions: Hex-Rays IDA Pro versions 9.2 through 9.3; Hex-Rays IDA Pro versions prior to 9.3sp2. Description: An argument injection flaw exists where the software fails to block Clang dependency-file generation. This allows an attacker to place malicious co...

CVSS 6.5, AI score 5.9, EPSS 0.00008
Exploits 0, References 4
Positive Technologies, added 2026/05/08

PT-2026-39263

Name of the Vulnerable Software and Affected Versions: MCP Registry, versions prior to 1.7.7. Description: The public catalogue UI served at the 'GET /' endpoint is subject to stored cross-site scripting. This occurs via the server.websiteUrl field of published server.json files. The server-side...

CVSS 5.1, AI score 5.7, EPSS 0.00035
Exploits 1, References 9
Positive Technologies, added 2026/05/08

PT-2026-38703

Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 11.0.8 and 15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of th...

CVSS 5.3, AI score 5.9, EPSS 0.00106
Exploits 0, References 9
Positive Technologies, added 2026/05/08

PT-2026-39192

Name of the Vulnerable Software and Affected Versions: VM2, affected versions not specified. Description: A sandbox breakout allows attackers to write code that escapes the VM2 sandbox to execute arbitrary commands on the host system. This occurs in the handleException function where exceptions with ...

CVSS 9.8, AI score 6.3, EPSS 0.0002
Exploits 1, References 6
Positive Technologies, added 2026/05/08

PT-2026-38689

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols ...

CVSS 4.3, AI score 6, EPSS 0.00158
Exploits 0, References 13
Positive Technologies, added 2026/05/08

PT-2026-39290

Summary: MikroORM's identifier-quoting helper Platform.quoteIdentifier (and the postgres/mssql overrides) and its JSON-path emitters (Platform.getSearchJsonPropertyKey, quoteJsonKey) did not properly escape characters that delimit the SQL identifier or string-literal context they emit into. When...

CVSS 7.6, AI score 6.1, EPSS 0.00783
Exploits 2, References 8
Positive Technologies, added 2026/05/08

PT-2026-39462

Name of the Vulnerable Software and Affected Versions: libexpat, versions prior to 2.8.1. Description: The computational complexity of attribute name collision checks allows a denial of service when processing moderately sized crafted XML input. Recommendations: Update to version 2.8.1 or later...

CVSS 7.8, AI score 5.7, EPSS 0.00012
Exploits 1, References 48
Positive Technologies, added 2026/05/08

PT-2026-39003

Name of the Vulnerable Software and Affected Versions: PraisonAI, versions prior to 4.6.34. Description: The Model Context Protocol (MCP) server in PraisonAI contains a path traversal flaw in its file-handling tools. The server registers four tools by default: 'praisonai.rules.create',...

CVSS 9.6, AI score 6.3, EPSS 0.00147
Exploits 1, References 7
Positive Technologies, added 2026/05/07

PT-2026-38618

Name of the Vulnerable Software and Affected Versions: Zebra versions 4.3.1 through 4.3.1. Description: Insufficient error handling during sighash computation can lead to consensus divergence. When an invalid sighash type is encountered, the system fails to return an error, leaving the input sighash...

CVSS 9.3, AI score 5.9, EPSS 0.00025
Exploits 0, References 15
Positive Technologies, added 2026/05/07

PT-2026-38407

Name of the Vulnerable Software and Affected Versions: PyTorch Lightning versions 2.6.2 through 2.6.3. Description: PyTorch Lightning, a deep learning framework used to pretrain and finetune AI models, contains compromised versions that include malicious code. This code introduces functionality...

CVSS 9.8, AI score 5.8, EPSS 0.00062
Exploits 0, References 5
Positive Technologies, added 2026/05/07

PT-2026-38334

Name of the Vulnerable Software and Affected Versions: OpenEXR versions 3.0.0 through 3.2.8; OpenEXR versions 3.3.0 through 3.3.10; OpenEXR versions 3.4.0 through 3.4.10. Description: The IDManifest::init function reconstructs strings from a prefix-compressed representation. When a previous string...

CVSS 9.1, AI score 6, EPSS 0.00064
Exploits 1, References 31
Positive Technologies, added 2026/05/07

PT-2026-38391

Name of the Vulnerable Software and Affected Versions: vm2, versions prior to 3.11.0. Description: A sandbox boundary violation allows host object identity to cross into the sandbox through host Promise resolution. When a host-side Promise that resolves to a host object is exposed to the sandbox, the...

CVSS 6.5, AI score 5.5, EPSS 0.00047
Exploits 1, References 5
Positive Technologies, added 2026/05/07

PT-2026-38412

Name of the Vulnerable Software and Affected Versions: Docling-Graph, versions prior to 1.5.1. Description: The URLInputHandler class in docling_graph/core/input/handlers.py makes HTTP requests to user-supplied URLs without validating if the target resolves to a private, loopback, or link-local IP...

CVSS 5.7, AI score 5.8, EPSS 0.00029
Exploits 0, References 6
Positive Technologies, added 2026/05/07

PT-2026-38399

Name of the Vulnerable Software and Affected Versions: Netty, affected versions not specified. Description: Resource exhaustion occurs because the MQTT 5 header Properties section is parsed and buffered before any message size limit is applied. In the MqttDecoder class, the decodeVariableHeader...

CVSS 7.5, AI score 5.8, EPSS 0.00018
Exploits 0, References 347
Positive Technologies, added 2026/05/06

PT-2026-37596

In the Linux kernel, the following vulnerability has been resolved: media: qcom: camss: vfe: Fix out-of-bounds access in vfe_isr_reg_update. vfe_isr iterates using MSM_VFE_IMAGE_MASTERS_NUM (7) as the loop bound and passes the index to vfe_isr_reg_update. However, the vfe->line array is defined with VFE...

AI score 5.8, EPSS 0.00015
Exploits 0, References 7
Positive Technologies, added 2026/05/06

PT-2026-38273

Name of the Vulnerable Software and Affected Versions: Flight, versions prior to 3.18.1. Description: The getMethod function unconditionally honors the X-HTTP-Method-Override header and the method parameter within the $_REQUEST variable on any HTTP verb, including safe verbs like GET. This occurs...

CVSS 7.5, AI score 5.8, EPSS 0.00012
Exploits 0, References 6
Positive Technologies, added 2026/05/06

PT-2026-38312

Summary: Nerdbank.MessagePack contains an uncontrolled stack allocation vulnerability in DateTime decoding. A malicious MessagePack payload can declare an oversized timestamp extension length, causing the reader to allocate an attacker-controlled number of bytes on the stack. This can trigger a...

CVSS 7.5, AI score 5.9, EPSS 0.00055
Exploits 0, References 8
Positive Technologies, added 2026/05/05

PT-2026-37278

Name of the Vulnerable Software and Affected Versions: Grav, versions prior to 2.0.0-beta.2. Description: A stored Cross-Site Scripting (XSS) issue allows publisher-level accounts to execute arbitrary JavaScript. The problem is caused by a blacklist bypass in the detectXss function, which fails to...

CVSS 8.5, AI score 6.1, EPSS 0.00037
Exploits 1, References 8
Positive Technologies, added 2026/05/04

PT-2026-37053

Name of the Vulnerable Software and Affected Versions: apko, versions prior to 1.2.7. Description: The DiscoverKeys function in pkg/apk/apk/implementation.go performs an unconditional type-assertion of JWKS (JSON Web Key Set) keys as rsa.PublicKey without verifying the key type. If a repository JWKS...

CVSS 6.5, AI score 5.8, EPSS 0.00038
Exploits 0, References 9
Positive Technologies, added 2026/04/28

PT-2026-35782

Name of the Vulnerable Software and Affected Versions: OpenClaw, versions prior to 2026.4.2. Description: An improper access control issue exists in the iOS A2UI bridge, which incorrectly treats generic local-network pages as trusted origins. This allows attackers to inject unauthorized agent.request...

CVSS 4.6, AI score 5.8, EPSS 0.00007
Exploits 0, References 6
Positive Technologies, added 2026/04/27

PT-2026-35539

Name of the Vulnerable Software and Affected Versions: Spring Boot versions 4.0.0 through 4.0.5; Spring Boot versions 3.5.0 through 3.5.13. Description: When configured to use an SSL bundle, the RabbitMQ auto-configuration fails to perform hostname verification during the connection process to the...

CVSS 9.1, AI score 5.8, EPSS 0.00062
Exploits 0, References 7
Positive Technologies, added 2026/04/22

PT-2026-34428

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: A race condition exists in the nvme-pci component. When a user changes the polled queue count at run time, a brief window during a reset may allow a hipri task to poll a queue before the...

CVSS 8.8, AI score 5.8, EPSS 0.00079
Exploits 0, References 52
Positive Technologies, added 2026/04/08

PT-2026-31254

Name of the Vulnerable Software and Affected Versions: tagDiv Composer, versions through 5.4.3. Description: An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') issue exists in tagDiv Composer (td-composer), allowing Stored XSS. The issue affects the software from n/a...

CVSS 6.5, AI score 5.8, EPSS 0.00039
Exploits 0, References 4
Positive Technologies, added 2026/04/08

PT-2026-31102

Name of the Vulnerable Software and Affected Versions: Masteriyo LMS – Online Course Builder for eLearning, LMS & Education plugin for WordPress, versions up to and including 2.1.7. Description: The Masteriyo LMS plugin is affected by an authorization bypass issue. Insufficient webhook signature...

CVSS 5.3, AI score 5.8, EPSS 0.00027
Exploits 0, References 9
Positive Technologies, added 2026/04/05

PT-2026-30482

UniSharp Laravel File Manager v2.0.0-alpha7 and v2.0 contain an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by sending multipart form data to the upload endpoint. Attackers can upload PHP files with the type parameter set to Files and execute...

CVSS 8.8, AI score 6.3, EPSS 0.00089
Exploits 0, References 5
Positive Technologies, added 2026/03/23

PT-2026-27060

Name of the Vulnerable Software and Affected Versions: trx_addons WordPress plugin, versions prior to 2.38.5. Description: The software does not properly validate file types during an AJAX action, potentially allowing unauthenticated users to upload arbitrary files. This is related to a previous fix...

CVSS 5.3, AI score 7.6, EPSS 0.00077
Exploits 0, References 4
Positive Technologies, added 2026/03/02

PT-2026-22558

Name of the Vulnerable Software and Affected Versions: Linksys WLAN AP, affected versions not specified. Description: The WLAN AP firmware contains a flaw where an incorrect bounds check can lead to an out-of-bounds write. This condition could allow for remote proximal/adjacent escalation of privileg...

CVSS 8.8, AI score 6.2, EPSS 0.00024
Exploits 0, References 12
Positive Technologies, added 2026/02/24

PT-2026-21777

Name of the Vulnerable Software and Affected Versions: Trellix HX Agent, affected versions not specified. Description: A security issue exists in the Trellix HX Agent driver file fekern.sys that could allow a local user to gain elevated system privileges. Exploitation involved leveraging a Bring Your...

CVSS 7.1, AI score 5.2, EPSS 0.00027
Exploits 0, References 3
Positive Technologies, added 2026/02/17

PT-2026-20223

IBM MQ Operator SC2 v3.2.0–3.8.1, LTS v2.0.0–2.0.29 and IBM-supplied MQ Advanced container images across affected SC2, CD, and LTS 9.3.x–9.4.x releases contain a vulnerability where log messages are not properly neutralized before being written to log files. This flaw could allow an unauthorized...

CVSS 4, AI score 5.5, EPSS 0.00017
Exploits 0, References 2
Positive Technologies, added 2026/02/13

PT-2026-7969

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If the affected product receives maliciously crafted packets, the Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package for CENTU...

CVSS 6, AI score 5.2, EPSS 0.0001
Exploits 0, References 2
Positive Technologies, added 2026/02/06

PT-2026-6858

Claude Code's bubblewrap sandboxing mechanism failed to properly protect the .claude/settings.json configuration file when it did not exist at startup. While the parent directory was mounted as writable and .claude/settings.local.json was explicitly protected with read-only constraints,...

CVSS 7.7, AI score 5.7, EPSS 0.00026
Exploits 0, References 4
Positive Technologies, added 2026/02/05

PT-2026-7186

Name of the Vulnerable Software and Affected Versions: FUXA, versions through 1.2.9. Description: FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. A path traversal issue allows an unauthenticated, remote attacker to write arbitrary files to arbitrary locations on the server...

CVSS 9.8, AI score 6.5, EPSS 0.00785
Exploits 3, References 15
Positive Technologies, added 2026/01/30

PT-2026-5411

Dolibarr 11.0.3 contains a persistent cross-site scripting vulnerability in LDAP synchronization settings that allows attackers to inject malicious scripts through multiple parameters. Attackers can exploit the host, slave, and port parameters in /dolibarr/admin/ldap.php to execute arbitrary...

CVSS 6.4, AI score 6, EPSS 0.00051
Exploits 0, References 4
Positive Technologies, added 2026/01/22

PT-2026-4277

Edge Crisis: CISA added two critical vulnerabilities to the Known Exploited Vulnerabilities catalog yesterday. CVE-2026-21809 and CVE-2026-21810 target Citrix Workspace and Ivanti Connect Secure. Federal agencies have until February 11 to remediate...

AI score 5.5
Exploits 0, References 2
Total number of security vulnerabilities: 5000