Positive Technologies advisories, sorted by most viewed (175506 matches found)

PT-2026-42903 (Positive Technologies, added 2026/05/24)

Vulnerable software and affected versions: GNU SASL versions prior to 2.2.3. Description: DIGEST-MD5 contains a NULL pointer dereference affecting both clients and servers. This issue occurs in the file lib/digest-md5/getsubopt.c when a known token is provided without an accompanying =...

CVSS 7.5 | AI score 5.8 | EPSS 0.00059 | Exploits 0 | References 18
PT-2026-42910 (Positive Technologies, added 2026/05/24)

Vulnerable software and affected versions: NousResearch hermes-agent versions prior to 2026.4.24. Description: A weakness in the Messaging Gateway Handler component allows for remote information disclosure. The issue is located within the make run env function in the...

CVSS 6.9 | AI score 6.1 | EPSS 0.00039 | Exploits 0 | References 8
PT-2026-42927 (Positive Technologies, added 2026/05/24)

Vulnerable software and affected versions: NousResearch hermes-agent versions prior to 5157f5427f19488b31c6fdebbacd15d798ce7f63. Description: An OS command injection issue exists in the terminal tool component, specifically within the detect dangerous command function located in the...

CVSS 7.5 | AI score 7.7 | EPSS 0.0214 | Exploits 0 | References 8
PT-2026-42926 (Positive Technologies, added 2026/05/24)

A vulnerability was found in NousResearch hermes-agent 2026.4.23. The impacted element is the function scan context content of the file agent/prompt builder.py. The manipulation results in injection. The attack may be performed from remote. The exploit has been made public and could be used. The...

CVSS 7.5 | AI score 6.7 | EPSS 0.00057 | Exploits 0 | References 4
PT-2026-42945 (Positive Technologies, added 2026/05/24)

A vulnerability was found in Totolink A8000RU 7.1cu.643 b20200521. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument ip results in os command injection. The attack can be executed...

CVSS 10 | AI score 7 | EPSS 0.01254 | Exploits 0 | References 5
PT-2026-42948 (Positive Technologies, added 2026/05/24)

The severity is increased for this new vulnerability affecting H3C Magic B0 CVE-2026-9393 https://t.co/Epusx01gYB...

AI score 5.8 | EPSS 0.00046 | Exploits 0 | References 1
PT-2026-42944 (Positive Technologies, added 2026/05/24)

A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/admin/login.php. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the...

CVSS 7.5 | AI score 6.8 | EPSS 0.00039 | Exploits 0 | References 5
PT-2026-42942 (Positive Technologies, added 2026/05/24)

Vulnerable software and affected versions: Edimax BR-6675nD version 1.12. Description: A buffer overflow can be triggered remotely via the POST Request Handler component. The issue exists within the formPPTPSetup function located in the '/goform/formPPTPSetup' endpoint when manipulating...

CVSS 9 | AI score 7.5 | EPSS 0.00046 | Exploits 0 | References 5
PT-2026-42957 (Positive Technologies, added 2026/05/24)

A weakness has been identified in Totolink A8000RU 7.1cu.643 b20200521. The impacted element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument mode can lead to os command injection. It is possible to...

CVSS 10 | AI score 7.1 | EPSS 0.01254 | Exploits 0 | References 5
PT-2026-42973 (Positive Technologies, added 2026/05/24)

Vulnerable software and affected versions: SPIP versions prior to 4.4.15. Description: The 'action/cookie.php' endpoint in the 'ecrire' component is subject to an open redirect, which occurs when an application redirects users to an external site without sufficient validation of the...

CVSS 3.5 | AI score 5.7 | EPSS 0.00028 | Exploits 0 | References 4
PT-2026-43107 (Positive Technologies, added 2026/05/24)

Vulnerable software and affected versions: Roundcube Webmail versions 1.6.x through 1.6.15; Roundcube Webmail versions 1.7.x through 1.7.0. Description: Insecure code evaluation logic exists within the LDAP autovalues option, which could lead to code injection. Recommendations: Update to...

CVSS 7.5 | AI score 5.9 | EPSS 0.00051 | Exploits 0 | References 20
PT-2026-42951 (Positive Technologies, added 2026/05/24)

Vulnerable software and affected versions: Edimax EW-7438RPn version 1.31. Description: A stack-based buffer overflow exists in the webs component. This issue occurs during the manipulation of the selSSID/submit-url argument within the formWlSiteSurvey function of the...

CVSS 9 | AI score 7.6 | EPSS 0.00046 | Exploits 0 | References 5
PT-2026-42876 (Positive Technologies, added 2026/05/23)

A vulnerability was detected in omec-project amf up to 2.1.1. Affected by this vulnerability is an unknown functionality of the component PathSwitchRequest Handler. The manipulation results in memory corruption. The attack may be launched remotely. The exploit is now public and may be used. It is...

CVSS 6.5 | AI score 5.5 | EPSS 0.00052 | Exploits 0 | References 6
PT-2026-42872 (Positive Technologies, added 2026/05/23)

Vulnerable software and affected versions: Nezha Monitoring versions 1.4.0 through 2.0.8. Description: Authenticated non-admin members can connect to the server-status WebSocket endpoint '/api/v1/ws/server' and receive telemetry for all servers, including those owned by other users. Whil...

CVSS 6.5 | AI score 5.2 | EPSS 0.00031 | Exploits 0 | References 7
PT-2026-42860 (Positive Technologies, added 2026/05/23)

Vulnerable software and affected versions: Parse Server, affected versions not specified. Description: An unauthenticated attacker with knowledge of a public Parse Application ID can cause a denial of service by submitting a single HTTP request to any '/parse/' endpoint. The attack involv...

CVSS 8.7 | AI score 5.8 | EPSS 0.00097 | Exploits 0 | References 10
PT-2026-42867 (Positive Technologies, added 2026/05/23)

The WooCommerce PayPal Payments plugin for WordPress is vulnerable to unauthorized order manipulation and information disclosure due to missing authorization checks on the ppc-create-order and ppc-get-order WC-AJAX endpoints in all versions up to, and including, 4.0.1. The ppc-create-order endpoi...

CVSS 8.2 | AI score 5.9 | EPSS 0.00077 | Exploits 0 | References 6
PT-2026-42885 (Positive Technologies, added 2026/05/23)

A weakness has been identified in QuantumNous new-api up to 0.12.1. The impacted element is the function SearchUserTopUps/SearchAllTopUps of the file model/topup.go of the component self Endpoint. This manipulation causes sql injection. The attack can be initiated remotely. The exploit has been...

CVSS 6.5 | AI score 6.4 | EPSS 0.00031 | Exploits 0 | References 5
PT-2026-42713 (Positive Technologies, added 2026/05/22)

Vulnerable software and affected versions: The product name cannot be determined; affected versions not specified. Description: An integer overflow occurs during the internal payload size calculation when writing data exceeding 4GB in a single Write call on an SSH channel. This leads to a...

CVSS 9.1 | AI score 5.8 | EPSS 0.00068 | Exploits 0 | References 54
PT-2026-42729 (Positive Technologies, added 2026/05/22)

Vulnerable software and affected versions: Easy Elements for Elementor – Addons & Website Templates versions prior to 1.4.6. Description: An issue exists in the easyel handle register function where the wp ajax nopriv eel register AJAX handler processes the custom meta POST array. The...

CVSS 8.8 | AI score 5.7 | EPSS 0.00029 | Exploits 1 | References 9
PT-2026-42725 (Positive Technologies, added 2026/05/22)

Vulnerable software and affected versions: ZTE MU5250, affected versions not specified. Description: An information disclosure issue exists due to improper configuration of the access control mechanism, which allows attackers to obtain information without authorization. Recommendations: At...

CVSS 7.5 | AI score 5.4 | EPSS 0.00054 | Exploits 0 | References 6
PT-2026-42718 (Positive Technologies, added 2026/05/22)

Vulnerable software and affected versions: The product name cannot be determined; affected versions not specified. Description: Certain crafted inputs allow the creation of an ed25519.PrivateKey by casting malformed wire bytes, which results in a panic when the key is used. A panic is an...

CVSS 5.3 | AI score 5.8 | EPSS 0.0005 | Exploits 0 | References 51
PT-2026-42723 (Positive Technologies, added 2026/05/22)

Vulnerable software and affected versions: WP Blockade versions prior to 0.9.15. Description: The plugin is subject to Reflected Cross-Site Scripting, a flaw where an application includes untrusted data in a web page without proper validation, allowing attackers to execute scripts in the...

CVSS 6.1 | AI score 5.9 | EPSS 0.00011 | Exploits 0 | References 10
PT-2026-42733 (Positive Technologies, added 2026/05/22)

The Widget Context plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.3. This is due to missing or incorrect nonce validation on the save widget context settings function. This makes it possible for unauthenticated attackers to modify widget...

CVSS 4.3 | AI score 5.7 | EPSS 0.00007 | Exploits 0 | References 9
PT-2026-42738 (Positive Technologies, added 2026/05/22)

The MotoPress Hotel Booking plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 6.0.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to overwrite or...

CVSS 5.3 | AI score 5.9 | EPSS 0.00095 | Exploits 0 | References 9
PT-2026-42766 (Positive Technologies, added 2026/05/22)

Vulnerable software and affected versions: shell-quote versions prior to 1.8.4. Description: The quote function fails to validate object-token inputs against the operator model used by parse. Specifically, the .op field is escaped using a regular expression that does not match line...

CVSS 9.2 | AI score 5.8 | EPSS 0.00068 | Exploits 0 | References 30
PT-2026-42782 (Positive Technologies, added 2026/05/22)

Vulnerable software and affected versions: idna, affected versions not specified. Description: The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For instance, ToUnicode("xn--example-.com") returns "example.com" instead of an...

CVSS 9.6 | AI score 5.8 | EPSS 0.0005 | Exploits 0 | References 66
PT-2026-42822 (Positive Technologies, added 2026/05/22)

Vulnerable software and affected versions: TypeBot versions prior to 3.16.0. Description: The application contains a stored Cross-Site Scripting (XSS) issue in the profile picture upload form at the 'app.typebot.io' endpoint. The system fails to sanitize or restrict SVG/XML-based uploads a...

CVSS 8.5 | AI score 6.2 | EPSS 0.00052 | Exploits 0 | References 3
PT-2026-42801 (Positive Technologies, added 2026/05/22)

Sunshine is a self-hosted game stream host for Moonlight. In versions prior to 2026.516.143833, the client-certificate authentication can be bypassed because of how OpenSSL verification results are handled. In src/crypto.cpp, the custom verify callback treats X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT...

CVSS 9.8 | AI score 5.7 | EPSS 0.00041 | Exploits 1 | References 2
PT-2026-42843 (Positive Technologies, added 2026/05/22)

Vulnerable software and affected versions: Azure Virtual Network Gateway, affected versions not specified. Description: Improper input validation allows an authorized attacker to execute code over a network. Recommendations: At the moment, there is no information about a newer version that...

CVSS 9.9 | AI score 6 | EPSS 0.00104 | Exploits 0 | References 5
PT-2026-42841 (Positive Technologies, added 2026/05/22)

Vulnerable software and affected versions: Microsoft Azure Active Directory B2C, affected versions not specified. Description: An authentication bypass exists via an alternate path or channel, which allows an unauthorized attacker to elevate privileges over a network. Recommendations: At t...

CVSS 9.1 | AI score 5.8 | EPSS 0.00074 | Exploits 0 | References 6
PT-2026-42737 (Positive Technologies, added 2026/05/22)

The AudioIgniter plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 2.0.2. This is due to the handle playlist endpoint function hooked to template redirect accepting a user-controlled playlist ID via the audioigniter playlist id query var or t...

CVSS 7.5 | AI score 5.8 | EPSS 0.27684 | Exploits 0 | References 6
PT-2026-42707 (Positive Technologies, added 2026/05/22)

Vulnerable software and affected versions: The product name cannot be determined; affected versions not specified. Description: An issue exists where an SSH server authentication callback returning PartialSuccessError with non-nil Permissions caused those permissions to be silently...

CVSS 6.3 | AI score 5.8 | EPSS 0.00034 | Exploits 0 | References 49
PT-2026-42820 (Positive Technologies, added 2026/05/22)

TypeBot is a chatbot builder tool. In versions 3.15.2, the getLinkedTypebots API endpoint returns full bot definitions to any authenticated user who references a target bot ID in a Typebot Link block, regardless of workspace ownership, leading to IDOR. The authorization check uses Array.filter wi...

CVSS 6.5 | AI score 5.8 | EPSS 0.0003 | Exploits 0 | References 3
PT-2026-42476 (Positive Technologies, added 2026/05/21)

Buffer Overflow vulnerability in Uncrustify Project Affected v.Uncrustify d-0.82.0-132-bcc41cbdc and Fixed in commit 68e67b9a1435a1bb173b106fedb4a4f510972bdc allows a local attacker to cause a denial of service via the check template.cpp, check template function, tokenize cleanup function,...

AI score 5.8 | EPSS 0.00015 | Exploits 0 | References 4
PT-2026-42453 (Positive Technologies, added 2026/05/21)

Vulnerable software and affected versions: Linux kernel, affected versions not specified. Description: A kernel panic can occur in the Linux kernel when a Random Early Detection (RED) queueing discipline (qdisc) has children, such as a Fair Queueing (FQ) qdisc, whose peek callback is qdisc peek...

AI score 6 | EPSS 0.00032 | Exploits 0 | References 19
PT-2026-42461 (Positive Technologies, added 2026/05/21)

Vulnerable software and affected versions: Request Tracker versions 5.0.4 through 5.0.9; Request Tracker versions 6.0.0 through 6.0.2. Description: Reflected cross-site scripting (XSS) occurs via the Page parameter in GET requests. This allows an attacker to craft a URL that executes...

CVSS 6.1 | AI score 5.8 | EPSS 0.00038 | Exploits 0 | References 13
PT-2026-42496 (Positive Technologies, added 2026/05/21)

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in icons/buttons/landb.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frm name and frm id POST parameters directly into rendered HTML content...

CVSS 5.4 | AI score 5.8 | EPSS 0.00029 | Exploits 0 | References 4
PT-2026-42394 (Positive Technologies, added 2026/05/21)

The Avada Fusion Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes in all versions up to, and including, 3.15.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level...

CVSS 6.4 | AI score 6 | EPSS 0.00011 | Exploits 0 | References 4
PT-2026-42434 (Positive Technologies, added 2026/05/21)

Missing Authorization vulnerability in Tobias CF7 WOW Styler allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CF7 WOW Styler: from n/a through 1.7.6...

CVSS 5.3 | AI score 5.8 | EPSS 0.00037 | Exploits 0 | References 2
PT-2026-42431 (Positive Technologies, added 2026/05/21)

Vulnerable software and affected versions: Netatalk versions 2.0.0 through 4.4.2. Description: An incorrect calculation in the hextoint macro occurs due to improper handling of uppercase characters. This allows a remote authenticated attacker to cause limited data modification by providi...

CVSS 3.1 | AI score 5.8 | EPSS 0.00044 | Exploits 0 | References 2
PT-2026-42475 (Positive Technologies, added 2026/05/21)

Improper restriction of excessive authentication attempts vulnerability in Turkiye Electricity Transmission Corporation (TEİAŞ) Mobile Application allows Brute Force. This issue affects Mobile Application: from 1.6.2 before 1.13...

CVSS 6.3 | AI score 5.8 | EPSS 0.00038 | Exploits 0 | References 2
PT-2026-42465 (Positive Technologies, added 2026/05/21)

Vulnerable software and affected versions: Apex One on-premise versions prior to SP1 Build 18012; Apex One new installs versions prior to 17079; Apex One SaaS agent versions prior to 14.0.20731. Description: A directory traversal issue in the on-premise management server allows an attacker...

CVSS 6.7 | AI score 6.9 | EPSS 0.00997 | Exploits 0 | References 48
PT-2026-42469 (Positive Technologies, added 2026/05/21)

Vulnerable software and affected versions: Apex One/SEP agent, affected versions not specified. Description: An origin validation error in the process protection mechanism allows a local attacker to escalate privileges. To exploit this issue, the attacker must first have the ability to...

CVSS 7.8 | AI score 7.1 | EPSS 0.00008 | Exploits 0 | References 5
PT-2026-42491 (Positive Technologies, added 2026/05/21)

Vulnerable software and affected versions: VillaTheme HAPPY versions prior to 1.0.11. Description: A missing authorization issue in VillaTheme HAPPY allows for the exploitation of incorrectly configured access control security levels. Recommendations: Update to version 1.0.11 or later...

CVSS 6.5 | AI score 5.8 | EPSS 0.00016 | Exploits 0 | References 3
PT-2026-42493 (Positive Technologies, added 2026/05/21)

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in circle.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frm id POST parameter directly into an HTML form input value attribute. Attackers ca...

CVSS 5.4 | AI score 5.8 | EPSS 0.00029 | Exploits 0 | References 4
PT-2026-42516 (Positive Technologies, added 2026/05/21)

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/mobile main.php where the id GET parameter is concatenated into the WHERE clause of a SELECT statement used as a ticket-existence sanity check without sanitization. Authenticated attackers can craft requests that alter...

CVSS 7.1 | AI score 5.9 | EPSS 0.00027 | Exploits 0 | References 4
PT-2026-42576 (Positive Technologies, added 2026/05/21)

Vulnerable software and affected versions: Concrete CMS versions 9.0 through 9.4.x. Description: Cross Site Request Forgery (CSRF) occurs at the 'concrete/controllers/backend/file' endpoint within the rescanMultiple function. CSRF is a type of attack that tricks a victim into submitting a...

CVSS 8.8 | AI score 5.9 | EPSS 0.00019 | Exploits 0 | References 5
PT-2026-42547 (Positive Technologies, added 2026/05/21)

Concrete CMS 9.5.0 and below contains a CSRF vulnerability in the install package method of concrete/controllers/single page/dashboard/extend/install.php. An attacker who can cause an authenticated administrator to visit a crafted page, and who has placed or caused a package to be present under...

CVSS 7.5 | AI score 6.1 | EPSS 0.00075 | Exploits 0 | References 2
PT-2026-42689 (Positive Technologies, added 2026/05/21)

Vulnerable software and affected versions: js-cookie versions prior to 3.0.7. Description: The internal assign function copies properties using a for...in loop and plain assignment. When a source object is created via JSON.parse, the __proto__ member is treated as an own enumerable property...

CVSS 7.5 | AI score 5.5 | EPSS 0.00029 | Exploits 0 | References 9
PT-2026-42624 (Positive Technologies, added 2026/05/21)

Summary: Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI containers within them to run untrusted code. One of the core security features claimed by Boxlite is the ability to mount host directories in read-only mode (read only=True) into the ...

CVSS 10 | AI score 6.2 | Exploits 0 | References 5