184481 matches found
PT-2026-41762
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions 0.6.34 through 0.6.51, the backend deserializes Redis cache bytes using pickle.loads without integrity/authenticity checks. The write path serializes values with...
PT-2026-41830
Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3...
PT-2026-42236
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.179 Description Insufficient policy enforcement in ServiceWorker allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. A ServiceWorker is a script that the browser...
PT-2026-41731
Name of the Vulnerable Software and Affected Versions Claude HUD versions 0.0.0 through 0.0.12 Description A path traversal issue allows attackers to read arbitrary files by providing an unvalidated transcript path value via stdin JSON. This enables access to any file readable by the process...
PT-2026-41667
Denial-of-service condition in M-Files Server versions before 26.5.16015.0, before 26.2 LTS, and before 25.8 LTS SR3 allows an authenticated user to cause the MFserver process to crash...
PT-2026-41766
Name of the Vulnerable Software and Affected Versions Docker affected versions not specified Description A race condition occurs during the mount setup of docker cp, allowing a malicious container to create empty files or directories at arbitrary absolute paths on the host filesystem with root...
PT-2026-41692
Name of the Vulnerable Software and Affected Versions Arcane versions prior to 1.19.0 Description Arcane improperly exposes Git repository management endpoints to any authenticated user, allowing low-privileged accounts to modify repository configurations, exfiltrate stored Git credentials, acces...
PT-2026-41732
Name of the Vulnerable Software and Affected Versions Claude HUD versions 0.0.0 through 0.0.12 Description Local attackers can execute arbitrary commands on Windows systems by manipulating the COMSPEC environment variable. By setting COMSPEC to an arbitrary binary path before the software perform...
PT-2026-41691
Name of the Vulnerable Software and Affected Versions mcp-security versions prior to 0.1.9 Description The mcp-security framework fails to implement mandatory Server-Side Request Forgery SSRF mitigations—a flaw where an attacker can induce the server to make requests to an unintended location—as...
PT-2026-41586
Name of the Vulnerable Software and Affected Versions Kilo-Org kilocode versions prior to 7.0.48 Description A flaw in the Environment Variable Handler component allows remote information disclosure. The issue exists within the Load function located in the packages/opencode/src/config/config.ts...
PT-2026-41558
Name of the Vulnerable Software and Affected Versions GitBucket version 4.23.1 Description An issue allows unauthenticated remote code execution through weak secret token generation and insecure file upload functionality. Attackers can brute-force the Blowfish encryption key, upload a malicious J...
PT-2026-41555
WordPress Plugin WP with Spritz 1.0 contains a remote file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting file paths into the url parameter. Attackers can send GET requests to wp.spritz.content.filter.php with malicious url values to access...
PT-2026-41462
Name of the Vulnerable Software and Affected Versions TextPattern CMS version 4.9.0-dev Description Authenticated attackers can achieve remote code execution by exploiting the plugin upload functionality. The process involves authenticating, retrieving a CSRF token from the plugin event page, and...
PT-2026-41468
Name of the Vulnerable Software and Affected Versions Das U-Boot versions prior to 2026.04 Description Das U-Boot allows a Flat Image Tree FIT signature verification bypass. This occurs because hashed-nodes are omitted from a hash, which can lead to the acceptance of unsigned or modified images...
PT-2026-41422
Name of the Vulnerable Software and Affected Versions jsondiffpatch versions prior to 0.7.6 Description Prototype Pollution occurs when attacker-controlled property names and path segments are used to traverse and modify objects without restricting access to special properties like proto or...
PT-2026-41465
Name of the Vulnerable Software and Affected Versions Backup and Restore version 1.0.3 Description Authenticated attackers can delete arbitrary files from the WordPress installation directory. This is achieved by sending POST requests to the 'admin-ajax.php' endpoint with manipulated file name an...
PT-2026-41443
Supsystic Pricing Table 1.8.7 contains an SQL injection vulnerability in the 'sidx' GET parameter that allows unauthenticated attackers to execute arbitrary SQL queries through the getListForTbl action. The plugin also contains stored cross-site scripting vulnerabilities in the 'Edit name' and...
PT-2026-41390
Name of the Vulnerable Software and Affected Versions Pipecat versions 0.0.90 through 1.1.x Description A path traversal issue exists in the development runner within the src/pipecat/runner/run.py file. When the runner is started using the --folder flag, it enables a download endpoint 'GET...
PT-2026-41029
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, the bounds check in TGAInput::decode pixel computes k + palbytespp as unsigned 32-bit arithmetic. When k = 0xFFFFFFFC and palbytespp = ...
PT-2026-40886
The LatePoint plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 5.3.2. This is due to missing nonce verification on the request cancellation function. This makes it possible for unauthenticated attackers to cancel a logged-in customer's bookings...
PT-2026-41030
Crabbox prior to v0.12.0 contains a privilege escalation vulnerability that allows users with shared visibility-only access to obtain Code, WebVNC, and Egress agent tickets by sending POST requests to ticket endpoints. Attackers can exploit insufficient access control checks on the...
PT-2026-41098
Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 148.0.7778.168 Description An out of bounds write in Codecs allows a remote attacker to potentially perform a sandbox escape by using a crafted video file. A sandbox escape is a technique used to break ou...
PT-2026-41175
Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.5.7 Description An issue exists where a user can modify another user's model regardless of whether its visibility is set to Private. By altering access permissions during the editing process, unauthorized access...
PT-2026-41125
Name of the Vulnerable Software and Affected Versions eMagicOne Store Manager versions prior to 1.3.3 Description Improper neutralization of special elements used in an SQL command allows for Blind SQL Injection. Blind SQL Injection is a type of attack where the application does not return data...
PT-2026-41154
Name of the Vulnerable Software and Affected Versions ApostropheCMS versions prior to 4.29.1 Description An authenticated server-side request forgery SSRF exists in the rich-text widget import flow. An authenticated user with permissions to submit or edit rich-text widget content can force the...
PT-2026-41127
Name of the Vulnerable Software and Affected Versions Tuist versions prior to 1.180.9 Description The "DELETE /api/projects/account handle/project handle/previews/preview id" endpoint loads a preview by its UUID without verifying that the preview belongs to the project resolved from the URL path...
PT-2026-41177
Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.5.11 Description A blind server side request forgery SSRF exists in the PDF generate function. User inputs are interpreted as HTML and embedded into the PDF. While scripts and certain dangerous tags like iFrame a...
PT-2026-40898
Name of the Vulnerable Software and Affected Versions InfusedWoo Pro versions prior to 5.1.3 Description The InfusedWoo Pro plugin for WordPress contains an authorization bypass issue because it fails to properly verify if a user is authorized to perform specific actions. This allows...
PT-2026-41150
Discovered through manual source code review. Verified by PoC execution against a local dbt-mcp v1.15.1 installation. Summary DefaultUsageTracker.emit tool called event in src/dbt mcp/tracking/tracking.py serializes the complete arguments dictionary of every MCP tool call and transmits it verbati...
PT-2026-41122
Tuist is a virtual platform team for Swift app devs. Prior to 1.180.10, the forgot password flow allows an unauthenticated attacker to repeatedly trigger password reset emails for a known account without server-side throttling. In self-hosted deployments, this can be abused to send large volumes ...
PT-2026-41179
Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.0 Description An issue exists where a user can continue the conversation of another user if the target user's Chat ID is known. This occurs because the system fails to verify if the Chat ID matches the user who...
PT-2026-41161
Name of the Vulnerable Software and Affected Versions opentelemetry-java versions prior to 1.62.0 Description A flaw in the baggage propagation implementation within opentelemetry-api and opentelemetry-extension-trace-propagators allows for unbounded memory allocation and CPU consumption when...
PT-2026-40960
Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager versions prior to 26.0.1 Description A flaw in the web UI of Cisco Catalyst SD-WAN Manager allows an authenticated remote attacker with read-only permissions to elevate their privileges to a high-privileged level...
PT-2026-40647
Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.1 F5 BIG-IP versions prior to 17.5.1.4 Description IP-based access restrictions for httpd do not cover all endpoints, which may allow connections from blocked addresses. Recommendations Update to version...
PT-2026-40833
Name of the Vulnerable Software and Affected Versions Strapi versions prior to 5.45.0 Description The rate-limit middleware in the users-permissions plugin incorrectly derives its rate-limit key using ctx.request.body.email, even on routes where the body schema does not require an email field, su...
PT-2026-40700
aria2c accepts a server certificate with incorrect Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
PT-2026-40810
EcclesiaCRM is CRM Software for church management. In 8.0.0 and earlier, the ValidateInput function's default case in EcclesiaCRM's query view passes user-supplied POST parameters directly into SQL queries via str replace without any sanitization, enabling SQL injection through query parameters...
PT-2026-40600
ELECOM wireless LAN access point devices do not check if language parameter has an appropriate value. If a user views a malicious page while logged in, the admin page on the user's web browser may become broken...
PT-2026-40720
Name of the Vulnerable Software and Affected Versions Nautobot versions prior to 2.4.33 Nautobot versions prior to 3.1.2 Description A user with permissions to add or modify a GitRepository record can use the REST API to directly set the current head field, which is not intended to be...
PT-2026-40706
Name of the Vulnerable Software and Affected Versions U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K version 1.0 Description The Network Time Protocol NTP configuration interface fails to properly sanitize user-supplied input. An authenticated user with permissions to modify NTP settings can...
PT-2026-40799
The HCL BigFix SCM Reporting site contains an outdated and unsupported version of the jQuery 1.x library. Since jQuery 1.x has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses and increase the risk of client-side...
PT-2026-40164
Name of the Vulnerable Software and Affected Versions Windows Ancillary Function Driver for WinSock affected versions not specified Description A race condition occurs in the Windows Ancillary Function Driver for WinSock due to improper synchronization when using a shared resource. This allows an...
PT-2026-42025
Name of the Vulnerable Software and Affected Versions Windows 11 Windows Server 2022 Windows Server 2025 Description A security feature bypass known as YellowKey affects the BitLocker component in Windows. This issue allows an attacker with physical access to a device to bypass full-disk encrypti...
PT-2026-39924
SQL injection vulnerability exists in @sap/hdi-deploy package, where SQL queries are dynamically constructed using user input without proper parameterization or prepared statements. Successful exploitation could allow the high privileged users to alter the SELECT statements impacting...
PT-2026-40120
Name of the Vulnerable Software and Affected Versions Guardrails AI versions prior to 0.6.8 Description A code injection issue exists in the Hub package installation mechanism. When installing validator packages using the command guardrails hub install, the system retrieves a manifest from the...
PT-2026-40173
After Effects versions 26.0, 25.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
PT-2026-40093
Name of the Vulnerable Software and Affected Versions IntelR Data Center Graphics Driver for VMware ESXi versions prior to 2.0.2 Description A buffer overflow in the Ring 1: Device Drivers may allow a privileged local attacker to escalate privileges and execute arbitrary code. This issue can be...
PT-2026-39931
The Salesforce module before 1.x-1.0.1 for Backdrop CMS does not properly use a random state parameter to protect the authorization flow against CSRF attacks...
PT-2026-39988
A vulnerability has been identified in Teamcenter V2312 All versions V2312.0014, Teamcenter V2406 All versions V2406.0012, Teamcenter V2412 All versions V2412.0009, Teamcenter V2506 All versions V2506.0005, Teamcenter V2512 All versions. The affected application does not properly encode or filter...
PT-2026-40102
JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, plugin-shell's run command wrapped every agent-supplied command in 'sh -c' / 'cmd /C' and passed the full argument string to the shell's parser, allowing shell metacharacters in agent-supplied arguments to be...