PT-2026-44004

Name of the Vulnerable Software and Affected Versions LibVNCClient versions prior to 0.9.16 Description The Tight encoding decoder in LibVNCClient uses fixed-size 2048-pixel scratch buffers for the Gradient filter but fails to reject Tight rectangles with a width exceeding 2048 pixels. A maliciou...

PT-2026-44054

Name of the Vulnerable Software and Affected Versions Frappe HR versions prior to 16.5.0 Description Frappe HR is an open-source human resources management solution HRMS. Authenticated employees can access leave details of other employees because of improper authorization checks. Recommendations...

PT-2026-43179

A vulnerability was detected in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 3000WEBV2. Affected by this vulnerability is an unknown functionality of the file /SubstationWEBV2/app/..;/calc/getCalcmeterDetailDayListTree. Performing a manipulation of the argument...

PT-2026-43190

Versions of the package @koa/router from 14.0.0 and before 15.0.0 are vulnerable to Access Control Bypass due to the middleware being silently dropped from the execution chain when the router prefix contains path parameters. Depending on what the skipped middleware was supposed to protect, an...

PT-2026-43197

Name of the Vulnerable Software and Affected Versions CODESYS Development System affected versions not specified Description The software extracts installation files to a temporary directory using incorrect default permissions during administrative installation. This allows a low-privileged local...

PT-2026-43201

Missing Authorization vulnerability in Webful Creations RepairBuddy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects RepairBuddy: from n/a through 4.1121...

PT-2026-43239

A Check Point HTTP-based service can incorrectly handle malformed HTTP requests. The issue is related to HTTP request parsing and validation...

PT-2026-43360

A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

PT-2026-43317

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An improper access check allows privilege escalation through the com users batch task. Recommendations At the moment, there is no information about a newer versi...

PT-2026-43287

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Lack of output escaping in the feed modules allows for a Cross-Site Scripting XSS vector. XSS is a flaw where an application includes untrusted data in a web pag...

PT-2026-43285

Name of the Vulnerable Software and Affected Versions NVIDIA Transformers4Rec for Linux affected versions not specified Description Improper deserialization of untrusted data may occur, which is the process of converting data from a format like JSON or XML back into an object in a way that allows...

PT-2026-43426

Name of the Vulnerable Software and Affected Versions code-projects Project Management System version 1.0 Description A SQL injection issue exists within the Login component in the chk.php file. This flaw allows a remote attacker to manipulate an unknown function to execute arbitrary SQL commands...

PT-2026-43453

Summary Kata Containers ships with a default configuration that allows pod creators to inject arbitrary command-line arguments into the virtiofsd process through the io.katacontainers.config.hypervisor.virtio fs extra args pod annotation. By injecting -o source=/ along with --no-announce-submount...

PT-2026-42981

A vulnerability has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This vulnerability affects unknown code of the file /profile of the component Profile Workflow. Such manipulation of the argument ID leads to improper authorization. It is possible to launc...

PT-2026-42984

A vulnerability was identified in SourceCodester Indian Invoicing System 1.0. The affected element is an unknown function of the file /Invoicing/category.php. The manipulation of the argument msg leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly availabl...

PT-2026-42982

A vulnerability was found in SourceCodester Indian Invoicing System 1.0. This issue affects some unknown processing of the file /Invoicing/IGST Invoice.php of the component Invoice Generation Handler. Performing a manipulation of the argument customer name/category results in sql injection. The...

PT-2026-43020

A severe vulnerability was disclosed for Edimax EW-7438RPn CVE-2026-9482 https://t.co/41d9U3ZOrq...

PT-2026-43013

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to filter nil elements from outgoing webhook attachment payloads before processing, which allows an authenticated user to cause a denial of service server process termination via a crafted webhook...

PT-2026-43018

A vulnerability was determined in Edimax BR-6675nD 1.12. Affected is the function stainfo of the file /goform/stainfo. This manipulation of the argument interface causes command injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized...

PT-2026-43029

Name of the Vulnerable Software and Affected Versions SourceCodester Simple POS and Inventory System version 1.0 Description An issue exists in the GET Parameter Handler component where the delete function within the '/admin/deleteproduct.php' endpoint is susceptible to SQL injection. This occurs...

PT-2026-43075

A vulnerability was detected in Edimax EW-7438RPn 1.31. Affected by this vulnerability is the function formWpsProxyEnable of the file /goform/formWpsProxyEnable. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be launched remotely. The exploit is...

PT-2026-43073

Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. hackney h3:await response loop/6 accumulates the HTTP/3 response body in memory without any size cap. The after Timeout clause is a per-message inactivity timer that resets on every received...

PT-2026-43074

Name of the Vulnerable Software and Affected Versions Firefox for iOS versions prior to 151.1 Description Firefox for iOS incorrectly displayed specially crafted right-to-left RTL and internationalized domain names IDNs within link preview UI surfaces. A crafted RTL hostname could visually reorde...

PT-2026-43068

Name of the Vulnerable Software and Affected Versions hackney versions 0.10.0 through 4.0.0 Description Uncontrolled Resource Consumption in the SOCKS5 transport within src/hackney socks5.erl allows flooding. While the caller-supplied timeout is applied during the SOCKS5 negotiation phase, the...

PT-2026-43070

Name of the Vulnerable Software and Affected Versions hackney versions 2.0.0 through 4.0.0 Description The WebSocket client in src/hackney ws.erl lacks upper bounds on memory consumption across three code paths, allowing for flooding. First, the read handshake response/3 function accumulates...

PT-2026-43087

A flaw has been found in dazeb markdown-downloader up to 3d4394b34b6c99d81af817623af55e3384df5a6a. Affected is the function download markdown/list downloaded files/create subdirectory of the file src/index.ts. Executing a manipulation can lead to path traversal. The attack can be launched remotel...

PT-2026-43080

A vulnerability was determined in Tiandy Easy7 Integrated Management Platform 7.17.0. This issue affects some unknown processing of the file /rest/user/updateUserPassword of the component API Endpoint. Executing a manipulation can lead to weak password recovery. The attack can be executed remotel...

PT-2026-43091

A vulnerability was identified in Totolink A8000RU 7.1cu.643 b20200521. This vulnerability affects the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument admpass leads to os command injection. The attack can be...

PT-2026-43127

Missing Authorization vulnerability in Nikki Blight QR Redirector allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects QR Redirector: from n/a through 2.0.3...

PT-2026-42902

A vulnerability has been found in Edimax EW-7438RPn up to 1.31. Affected is the function formWizSurvey of the file /goform/formWizSurvey of the component webs. The manipulation of the argument ip/mask/gateway leads to os command injection. It is possible to initiate the attack remotely. The explo...

PT-2026-42906

A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This affects the function check all command guards of the file tools/approval.py of the component Batch Runner. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit is public...

PT-2026-42917

A vulnerability was identified in Edimax EW-7438RPn 1.28a. Affected by this vulnerability is the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument...

PT-2026-42947

Name of the Vulnerable Software and Affected Versions Tenda F456 version 1.0.0.5 Description A buffer overflow can be triggered remotely through the manipulation of the page argument within the frmL7ImForm function located in the '/goform/L7Im' endpoint. Recommendations At the moment, there is no...

PT-2026-42964

A vulnerability was determined in Besen BS20 EV Charging Station up to 20260426. This impacts an unknown function of the component Bluetooth Low Energy Handler. Executing a manipulation can lead to weak password requirements. The attack needs to be done within the local network. This attack is...

PT-2026-42870

A security flaw has been discovered in Edimax BR-6428NS 1.10. This affects the function formWirelessTbl of the file /goform/formWirelessTbl of the component POST Request Handler. Performing a manipulation of the argument vapurl results in buffer overflow. The attack can be initiated remotely. The...

PT-2026-42658

Name of the Vulnerable Software and Affected Versions UniFi OS affected versions not specified Description A network-based actor can exploit a Path Traversal vulnerability in UniFi OS devices. This flaw allows the attacker to access files on the underlying system, which may be manipulated to gain...

PT-2026-42722

Name of the Vulnerable Software and Affected Versions FastX theme for WordPress versions prior to 1.0.3 Description The FastX theme for WordPress allows authenticated attackers with Subscriber-level access or higher to install and activate the PostX plugin. This is caused by missing capability...

PT-2026-42740

The Ditty – Responsive News Tickers, Sliders, and Lists plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.1.65. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

PT-2026-42796

Missing authorization in the entry status management feature in Devolutions Server allows a non-administrator authenticated user to bypass the administrator-enforced Pending Approval flow and gain access to an entry's data via a crafted status change request. This issue affects : Devolutions Serv...

PT-2026-42792

Improper access control in the entry documentation and attachment features in Devolutions Server allows an authenticated user with vault read access to retrieve the documentation and attachments of sealed entries via a crafted API request. This issue affects : Devolutions Server 2026.1.6.0 throug...

PT-2026-42783

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Parsing arbitrary HTML that is subsequently rendered using the Render function can lead to the creation of an unexpected HTML tree. This behavior can be exploite...

PT-2026-42830

Name of the Vulnerable Software and Affected Versions Docker Model Runner on macOS affected versions not specified Description The vllm-metal inference backend unconditionally sets trust remote code=True when loading model tokenizers and operates without sandboxing. This allows the...

PT-2026-42825

Name of the Vulnerable Software and Affected Versions TypeBot versions prior to 3.17.0 Description The WhatsApp Cloud API webhook endpoint 'POST /v1/workspaces/workspaceId/whatsapp/credentialsId/webhook' fails to verify the x-hub-signature-256 HMAC signature provided by Meta. Because the...

PT-2026-42846

Name of the Vulnerable Software and Affected Versions Microsoft Copilot affected versions not specified Description Improper neutralization of special elements used in a command, known as command injection, allows an unauthorized attacker to perform tampering over a network. Recommendations At th...

PT-2026-42838

Name of the Vulnerable Software and Affected Versions Microsoft Power Pages affected versions not specified Description Improper neutralization of special elements used in a command allows an unauthorized attacker to execute code over a network via command injection, which is the execution of...

PT-2026-42835

Name of the Vulnerable Software and Affected Versions RT versions prior to 5.0.10 RT versions 6.0.0 through 6.0.2 Description User-controlled data in spreadsheet exports is not sanitized before being written to the output file. This allows spreadsheet applications to interpret crafted values as...

PT-2026-42474

Insufficient session expiration vulnerability in Turkiye Electricity Transmission Corporation TEİAŞ Mobile Application allows Session Hijacking. This issue affects Mobile Application: from 1.6.2 before 1.13...

PT-2026-42479

Name of the Vulnerable Software and Affected Versions Apache Fory versions prior to 1.0.0 Description Deserialization of untrusted data in Apache Fory PyFory occurs because the ReduceSerializer could bypass documented DeserializationPolicy validation hooks during reduce-state restoration and...

PT-2026-42497

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics202.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frm add str POST parameter directly into an HTML form hidden input value attribute...

PT-2026-42657

Name of the Vulnerable Software and Affected Versions UniFi OS Server affected versions not specified Description An improper access control flaw exists in UniFi OS Server. The issue occurs because nginx evaluates the raw request URI for authentication but performs routing using the normalized UR...