184427 matches found
PT-2026-49217
WordPress Dharma Booking 2.28.3 and earlier contains a local file inclusion vulnerability that allows unauthenticated attackers to include arbitrary files by manipulating the gateway parameter. Attackers can supply file paths with directory traversal sequences or null byte injection to the gatewa...
PT-2026-49586
Name of the Vulnerable Software and Affected Versions protobufjs-cli versions prior to 1.3.2 protobufjs-cli versions prior to 2.5.0 Description An incomplete fix for unsafe name handling in pbjs static and static-module code generation allows the emission of unsafe JavaScript references when...
PT-2026-49235
Improper Control of Interaction Frequency vulnerability in MIA Technology Inc. Pizzy Library allows Flooding. This issue affects Pizzy Library: from 1.0.0.26250 before 1.3.9.26250...
PT-2026-49546
Name of the Vulnerable Software and Affected Versions Canon EOS Network Setting Tool versions prior to 1.5.1 Description The software contains hard-coded cryptographic keys, which are fixed keys embedded directly into the source code, potentially allowing unauthorized decryption or authentication...
PT-2026-49415
Unauthenticated SQL Injection in Contest Gallery = 28.1.6 versions...
PT-2026-49245
Name of the Vulnerable Software and Affected Versions Fortra Core Privileged Access Manager affected versions not specified Description An OS command injection issue exists in the boks autoregisterd service. A remote attacker with network access to this service can execute commands with the...
PT-2026-49467
Unauthenticated Other Vulnerability Type in WpEvently = 5.3.3 versions...
PT-2026-49212
WordPress Lazy Content Slider Plugin 3.4 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions by crafting malicious HTML forms. Attackers can trick authenticated administrators into submitting POST requests to the plugin settings page via lzcs...
PT-2026-49283
Name of the Vulnerable Software and Affected Versions dhcpcd version 10.3.0 Description A NULL pointer dereference occurs during the parsing of configuration options. In the parse option function, the software performs a member access on a NULL pointer of type struct dhcp opt when an invalid opti...
PT-2026-49572
Name of the Vulnerable Software and Affected Versions Python-Multipart versions prior to 0.0.31 Description The parse form function fails to validate the Content-Length header before using it to limit the chunked read of the request body. Because the header value is parsed as an integer without a...
PT-2026-49595
Name of the Vulnerable Software and Affected Versions @nestjs/platform-fastify versions prior to 11.1.24 Description An authentication bypass exists in the Fastify adapter when middleware is registered through the MiddlewareConsumer.forRoutes API. An unauthenticated client can bypass registered...
PT-2026-49301
Name of the Vulnerable Software and Affected Versions Kandji Agent versions prior to 4.7.55374 Description A client validation gap in the software allows a local attacker to escalate privileges and invoke restricted agent functionality. Recommendations Update to version 4.7.55374 or later...
PT-2026-49583
Name of the Vulnerable Software and Affected Versions Angular versions prior to 22.0.1 Angular versions prior to 21.2.17 Angular versions prior to 20.3.25 Description A Denial of Service DoS issue exists in the @angular/common package. The formatDate function, also used by the standard DatePipe,...
PT-2026-49092
Name of the Vulnerable Software and Affected Versions Glances versions prior to 4.5.5 Description The KVM/QEMU monitoring engine in the glances/plugins/vms/engines/virsh.py file fails to sanitize VM domain names retrieved from the virsh list --all output. These names are passed into f-string...
PT-2026-49076
Name of the Vulnerable Software and Affected Versions libreport affected versions not specified Description A content injection issue exists in the ABRT post-create event handler scripts within libreport. The event script retrieves log entries from the systemd journal for crashed processes and...
PT-2026-49096
Name of the Vulnerable Software and Affected Versions glances affected versions not specified Description The secure popen function in glances/secure.py improperly interprets shell-like operators, specifically file redirection, | pipe, and && command chaining, within command strings. When...
PT-2026-49085
Name of the Vulnerable Software and Affected Versions Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress versions prior to 2.1.0 Description Insufficient input sanitization and output escaping in the Anchor block allow authenticated attackers with contributor-level acces...
PT-2026-49089
Name of the Vulnerable Software and Affected Versions Model Context Protocol versions prior to 0.25.0 Description Servers fail to validate the "Origin" header on incoming connections, which may allow DNS rebinding attacks. DNS rebinding is a method of bypassing the Same-Origin Policy to interact...
PT-2026-49080
Name of the Vulnerable Software and Affected Versions Store Locator WordPress plugin versions prior to 1.6.9 Description Insufficient validation of a parameter used in a file path allows high-privileged users, such as administrators, to read arbitrary .php files from the server. This can lead to...
PT-2026-49168
Name of the Vulnerable Software and Affected Versions runc versions prior to 1.3.6 runc versions prior to 1.4.3 runc versions prior to 1.5.0-rc.3 Description A flaw involving a /dev symlink allows a malicious container image to obtain limited write access to the host filesystem. This issue occurs...
PT-2026-49067
Name of the Vulnerable Software and Affected Versions File Browser affected versions not specified Description File Browser fails to properly validate symbolic links, allowing scoped users or unauthenticated public-share recipients to access files outside their intended directory boundaries. Whil...
PT-2026-48819
Virtual attribute handling in Ping Identity PingDirectory in affected versions allows only authorized users to exhaust java memory heap when recent login history is enabled and copying virtual attributes that reference ds-privilege-name values...
PT-2026-49050
Name of the Vulnerable Software and Affected Versions Avira Antivirus versions prior to 8.3.27.12 Description A heap buffer out-of-bounds write occurs in the Avira Antivirus engine when scanning a malformed POSIX tar archive. This flaw may allow local execution of code or a denial-of-service of t...
PT-2026-48926
Name of the Vulnerable Software and Affected Versions Mattermost versions prior to 11.6.2 Mattermost versions prior to 11.5.5 Mattermost versions prior to 10.11.17 Description An issue exists where role updated websocket event broadcasts are not restricted to members of the affected team or...
PT-2026-48955
Name of the Vulnerable Software and Affected Versions Parse Server versions 9.8.0 through 9.9.1-alpha.3 Description The routeAllowList server option is intended to restrict external client access to a specific list of REST API routes. However, the check is only enforced as Express middleware...
PT-2026-48995
A stored cross-site scripting vulnerability exists in MISP when the Overmind theme is used. The setHomePage endpoint previously saved the user-controlled path value through setSettingInternal, bypassing the normal setSetting validation logic, including validate homepage, which requires homepage...
PT-2026-48860
Name of the Vulnerable Software and Affected Versions Quest Bot versions prior to 1.1.6 Description A moderator possessing the necessary Discord permission bit can utilize the bot to perform moderation actions on users who are higher in the Discord role hierarchy, provided the bot itself has a...
PT-2026-49023
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Software installed and run as a non-privileged user may perform GPU system calls to write to arbitrary freed physical pages. This occurs because physical memory...
PT-2026-48972
A mass assignment vulnerability exists in MISP’s sharing group creation endpoint. When creating a new sharing group, the controller did not remove a user-supplied id field before saving the submitted data. In CakePHP, supplying a primary key in the save data can cause a create followed by save...
PT-2026-49005
Name of the Vulnerable Software and Affected Versions @apostrophecms/seo versions prior to 1.4.3 Description Stored Cross-Site Scripting XSS occurs when the @apostrophecms/seo package injects the Google Analytics Tracking ID seoGoogleTrackingId and Google Tag Manager ID seoGoogleTagManager direct...
PT-2026-48873
Name of the Vulnerable Software and Affected Versions Ghost versions prior to 6.37.0 Description Ghost is a Node.js content management system. When deployed behind a shared caching layer that shares content between different visitors, an unauthenticated user can send an x-ghost-preview header to...
PT-2026-48832
The Secure Copy Content Protection and Content Locking WordPress plugin before 5.1.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered html capability is disallowed for...
PT-2026-48939
Name of the Vulnerable Software and Affected Versions Mattermost versions 11.6.0 through 11.6.1 Mattermost versions 11.5.0 through 11.5.4 Mattermost versions 10.11.0 through 10.11.16 Description Insufficient sanitization of the FileInfo.Name variable received from federated peers during shared...
PT-2026-49070
đź”´ ShinyHunters exploits Oracle PeopleSoft 0-day CVSS 9.8 targeting 100+ organizations Ransomware group ShinyHunters exploited CVE-2025-35273, a critical server-side request forgery vulnerability in Oracle PeopleSoft, for more than two weeks before Oracle disclosed it. The group targeted roughly 3...
PT-2026-48978
Name of the Vulnerable Software and Affected Versions Discourse versions 2026.1.0 through 2026.1.3 Discourse versions 2026.3.0 Discourse versions 2026.4.0 Description The ReviewableQueuedPostSerializer unconditionally includes the raw email payload for posts received via incoming email. This allo...
PT-2026-48853
A vulnerability in Apache CXF's JwsJsonContainerRequestFilter can be exploited to cause CXF to process metadata that was not authenticated by the accepted signature. This can bypass the application's assumption that accepted Content-Type or protected HTTP-header metadata came from a verified...
PT-2026-48931
Name of the Vulnerable Software and Affected Versions chisel affected versions not specified Description Authenticated clients can bypass Access Control List ACL restrictions defined via the --authfile parameter to tunnel traffic to arbitrary destinations reachable from the server. While the serv...
PT-2026-48885
Name of the Vulnerable Software and Affected Versions Pause+ Mobile App versions 1.0.6 through 1.4.x Description Improper restriction of excessive authentication attempts allows for authentication bypass. Recommendations Update to version 1.5...
PT-2026-48899
Frappe is a full-stack web application framework. Prior to version 16.17.4, any authenticated user can access private files by guessing the file path. This issue has been patched in version 16.17.4...
PT-2026-48872
VeraCrypt 1.26.29 is now available!🎉 - Argon2id KDF for non-system volumes - Security fixes: CVE-2026-54073 & CVE-2026-53762 - Microsoft UEFI CA 2023 support for system encryption - Driver, EFI, Linux/macOS fixes 🔗More details at https://t.co/xdLi5dqTrX...
PT-2026-48937
Name of the Vulnerable Software and Affected Versions Mattermost versions 11.6.0 through 11.6.1 Mattermost versions 11.5.0 through 11.5.4 Mattermost versions 10.11.0 through 10.11.16 Description An issue exists where the system fails to enforce the PermissionInviteUser check when setting...
PT-2026-48913
The Aqara IAM/SSO Gateway gw-builder.aqara.com provides an open redirect, which is an instance of "CWE-601: URL Redirection to Untrusted Site," with an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 6.1 Medium, which can be used to set up a phishing attack...
PT-2026-48890
Frappe is a full-stack web application framework. Prior to versions 15.107.0 and 16.17.0, an IDOR vulnerability allows authenticated users to access other users' email configuration details. This issue has been patched in versions 15.107.0 and 16.17.0...
PT-2026-48629
Name of the Vulnerable Software and Affected Versions GitLab EE versions 15.5 through 18.10.7 GitLab EE versions 18.11 through 18.11.4 GitLab EE versions 19.0 through 19.0.1 Description Improper authorization in the Group SAML identity management functionality allows an authenticated user with th...
PT-2026-48615
Name of the Vulnerable Software and Affected Versions Spring Integration versions 7.0.0 through 7.0.4 Spring Integration versions 6.5.0 through 6.5.8 Spring Integration versions 6.4.0 through 6.4.11 Spring Integration versions 6.3.0 through 6.3.14 Spring Integration versions 5.5.0 through 5.5.20...
PT-2026-48719
Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the AutoMod remove flow looks up and deletes rules by global database ID without verifying that the rule belongs to the guild where the command is executed. A user can learn a victim...
PT-2026-48681
Name of the Vulnerable Software and Affected Versions PDM versions prior to 2.28.0 Description PDM automatically loads project-local plugin paths from .pdm-plugins during Core initialization. This process uses site.addsitedir, which on CPython processes .pth files in the added directory. If a .pt...
PT-2026-48708
Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, a user with Manage Server / ManageGuild, but without Manage Roles or Administrator, can configure the bot’s AutoRole feature to assign an arbitrary role to new members. If the select...
PT-2026-48792
Name of the Vulnerable Software and Affected Versions ClipBucket v5 versions prior to 5.5.3 Description An authenticated user with video upload privileges can exploit a boolean-based blind SQL injection, a technique where data is exfiltrated by observing true or false responses from the server. T...
PT-2026-48785
Name of the Vulnerable Software and Affected Versions Hippoo Mobile App for WooCommerce versions prior to 1.9.5 Description Incorrect Privilege Assignment in the software allows for Privilege Escalation, a condition where a user can gain higher levels of access or permissions than intended...