Positive Technologies, added 2026/05/21 12:0 a.m., 9 views

PT-2026-42674

Summary: The request-filtering-agent SSRF protection was non-functional in the four notification webhook plugins (Slack, Discord, Mattermost, Teams) because httpAgent / httpsAgent were passed as part of the request body rather than the axios config. An authenticated user with hook-creation permissio...

CVSS 4.3 | AI score 5.9 | EPSS 0.00028
Exploits 0 | References 3

Positive Technologies, added 2026/05/21 12:0 a.m., 9 views

PT-2026-42662

Name of the Vulnerable Software and Affected Versions: LMDeploy versions 0.12.3 and earlier. Description: LMDeploy is a toolkit for compressing, deploying, and serving large language models. The software hardcodes trust_remote_code=True in multiple HuggingFace model-loading call sites, specifically...

CVSS 7.8 | AI score 6.2 | EPSS 0.00021
Exploits 0 | References 5

Positive Technologies, added 2026/05/21 12:0 a.m., 9 views

PT-2026-42606

Summary: Fission runtime pods were created with ServiceAccountName: fission-fetcher, and the fission-fetcher ServiceAccount was granted namespace-wide get on secrets and configmaps (it needs that to load function code, env vars, and config). The runtime pod's automounted token was reachable from...

AI score 5.8
Exploits 0 | References 5

Positive Technologies, added 2026/05/21 12:0 a.m., 9 views

PT-2026-42603

Summary: Amazon SageMaker Python SDK is an open-source library for training and deploying machine learning models on Amazon SageMaker. An issue exists where, under certain circumstances, the ModelBuilder/Serve component stores an HMAC signing key in cleartext as a container environment variable,...

CVSS 8.5 | AI score 6.2 | EPSS 0.00055
Exploits 0 | References 7

Positive Technologies, added 2026/05/21 12:0 a.m., 9 views

PT-2026-42588

Description: IntlExtension memoises every IntlDateFormatter and NumberFormatter it creates in instance-level arrays keyed on a hash that includes locale, pattern, attrs and other values that are ordinary named arguments of the format_datetime / format_date / format_time / format_number / format...

CVSS 6.9 | AI score 5.8 | EPSS 0.00056
Exploits 0 | References 5

Positive Technologies, added 2026/05/21 12:0 a.m., 9 views

PT-2026-42813

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined; affected versions not specified. Description: The distributed pixel cache was originally designed to operate without a challenge-response authentication model, which is a security mechanism where one party...

CVSS 4.1 | AI score 5.4 | EPSS 0.00014
Exploits 0 | References 39

Positive Technologies, added 2026/05/21 12:0 a.m., 9 views

PT-2026-42582

Name of the Vulnerable Software and Affected Versions: Concrete CMS versions prior to 9.5.0. Description: Cross Site Request Forgery (CSRF) occurs at the 'concrete/controllers/dialog/logs/delete' endpoint. CSRF is a type of attack that tricks a victim into submitting a malicious request. It is not...

CVSS 2.3 | AI score 5.8 | EPSS 0.00022
Exploits 0 | References 3

Positive Technologies, added 2026/05/21 12:0 a.m., 9 views

PT-2026-42453

Name of the Vulnerable Software and Affected Versions: Linux kernel; affected versions not specified. Description: A kernel panic can occur in the Linux kernel when a Random Early Detection (RED) queueing discipline (qdisc) has children, such as a Fair Queueing (FQ) qdisc, whose peek callback is qdisc_peek...

AI score 6 | EPSS 0.00032
Exploits 0 | References 19

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42057

The 診断ジェネレータ作成プラグイン (Diagnosis Generator) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'js' parameter in versions up to and including 1.4.16. This is due to missing authorization checks and insufficient input sanitization in the themeFunc function. The function is hooke...

CVSS 6.4 | AI score 6 | EPSS 0.00063
Exploits 0 | References 11

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42074

Name of the Vulnerable Software and Affected Versions: Read More & Accordion versions prior to 3.5.8. Description: The Read More & Accordion plugin for WordPress contains a time-based blind SQL Injection. This occurs because the orderby parameter is processed using esc_attr and esc_sql but is...

CVSS 4.9 | AI score 6 | EPSS 0.00053
Exploits 0 | References 12

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42059

The Sentence To SEO keywords, description and tags plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the create_admin_page function. This makes it possible for unauthenticated attacke...

CVSS 6.1 | AI score 5.7 | EPSS 0.0002
Exploits 0 | References 11

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42089

Name of the Vulnerable Software and Affected Versions: NVIDIA TRT-LLM; affected versions not specified. Description: An issue exists where an unchecked return value can lead to a null pointer dereference, which occurs when a program attempts to read or write to a memory location using a pointer that ...

CVSS 7.5 | AI score 5.8 | EPSS 0.00018
Exploits 0 | References 6

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42097

Name of the Vulnerable Software and Affected Versions: NVIDIA Triton Inference Server; affected versions not specified. Description: An integer overflow exists in the DALI backend. This issue could allow an attacker to achieve code execution, tamper with data, or cause a denial of service...

CVSS 9.8 | AI score 6 | EPSS 0.00035
Exploits 0 | References 6

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42106

Name of the Vulnerable Software and Affected Versions: Talend Administration Center; affected versions not specified. Description: A broken access control issue exists that allows a user with "View" permission to modify the Talend Studio update URL. Recommendations: Apply the available patch to resolv...

CVSS 8.2 | AI score 5.8 | EPSS 0.00032
Exploits 0 | References 5

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42119

Name of the Vulnerable Software and Affected Versions: FreePBX; affected versions not specified. Description: Hardcoded credentials in the Userman module allow unauthenticated access to the portal, potentially exposing business phone systems. Recommendations: Update the installed modules to the latest...

CVSS 9.8 | AI score 5.8 | EPSS 0.00084
Exploits 1 | References 11

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42118

Name of the Vulnerable Software and Affected Versions: Netatalk versions 2.0.0 through 4.4.2. Description: A heap-based buffer overflow occurs in the CNID daemon comm_rcv function. This allows a remote authenticated attacker to execute arbitrary code with escalated privileges or cause a denial of...

CVSS 9.9 | AI score 6.3 | EPSS 0.00256
Exploits 0 | References 22

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42126

Name of the Vulnerable Software and Affected Versions: Dell SmartFabric Storage Software versions prior to 1.4.5. Description: An improper neutralization of special elements used in a command (command injection) allows a high privileged attacker with local access to potentially gain...

CVSS 6.4 | AI score 5.8 | EPSS 0.00014
Exploits 0 | References 5

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42140

Cleartext Storage of Sensitive Information in Memory vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component: through 2025.04 5+323020...

CVSS 6 | AI score 5.8 | EPSS 0.00007
Exploits 0 | References 2

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42147

Name of the Vulnerable Software and Affected Versions: vm2 versions prior to 3.11.4. Description: A security check in nodevm.js designed to block the combination of nesting: true and require: false is bypassed because it uses strict equality (options.require === false). If the require option is omitte...

CVSS 10 | AI score 6 | EPSS 0.00054
Exploits 0 | References 10

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42181

Uncontrolled Memory Allocation vulnerability in Progress Software MOVEit Automation allows Excessive Allocation. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7...

CVSS 7.5 | AI score 5.8 | EPSS 0.00006
Exploits 0 | References 3

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42151

Missing Authorization vulnerability in Magepeople inc. WpBookingly allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WpBookingly: from n/a through 1.2.9...

CVSS 6.5 | AI score 5.8 | EPSS 0.00044
Exploits 0 | References 2

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42152

Missing Authorization vulnerability in WP Chill Image Photo Gallery Final Tiles Grid allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Image Photo Gallery Final Tiles Grid: from n/a through 3.6.11...

CVSS 4.3 | AI score 5.8 | EPSS 0.00028
Exploits 0 | References 2

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42205

Background: This vulnerability is found in the diffusers package (the transformers-equivalent library for diffusion models). It is found in the DiffusionPipeline.from_pretrained flow, which is used to load a pipeline from the HuggingFace Hub. This function has a trust_remote_code guard: if the...

CVSS 7.5 | AI score 6.4 | EPSS 0.00048
Exploits 0 | References 6

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42207

Summary: The SSE event server bound to 0.0.0.0:5553 on Linux/macOS by default because the platform-dependent host default in engine/flags.go:39-46 set host = "" for non-Windows, and utils.JoinHostPort("", ":5553") resolves to ":5553"; a Go http.Server.Addr of ":5553" listens on every interface. On...

CVSS 4.3 | AI score 5.8 | EPSS 0.00007
Exploits 0 | References 5

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42243

Name of the Vulnerable Software and Affected Versions: Google Chrome on Android versions prior to 148.0.7778.179; Google Chrome on Linux versions prior to 148.0.7778.179; Google Chrome on ChromeOS versions prior to 148.0.7778.179. Description: A heap buffer overflow in the Chromecast component allows ...

CVSS 7.5 | AI score 6.4 | EPSS 0.00004
Exploits 0 | References 28

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42262

Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains a hard-coded credential vulnerability in the embedded web configuration interface where authentication is implemented entirely in client-side JavaScript in login.zhtml, exposing static plaintext credentials in the page source...

CVSS 9.8 | AI score 5.8 | EPSS 0.00156
Exploits 0 | References 3

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42221

ArcGIS Server contains an improper authentication vulnerability in an undocumented administrative endpoint. An unauthenticated attacker could exploit this issue by sending a crafted request to the endpoint. Successful exploitation may result in disruption of the web-based browsing interface. This...

CVSS 5.3 | AI score 5.8 | EPSS 0.00097
Exploits 0 | References 2

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42229

A path traversal vulnerability exists in the Altium Enterprise Server ComparisonService due to missing filename sanitization in the Gerber file upload APIs. A regular authenticated workspace user can supply a crafted filename in the multipart Content-Disposition header to escape the intended...

CVSS 9.4 | AI score 6.5 | EPSS 0.00625
Exploits 0 | References 2

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42216

Name of the Vulnerable Software and Affected Versions: NVIDIA TensorRT; affected versions not specified. Description: An issue exists where an attacker could cause an out-of-bounds write, which is a condition where data is written outside the boundaries of a pre-allocated fixed-length block of memory...

CVSS 8.2 | AI score 5.8 | EPSS 0.00045
Exploits 0 | References 6

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42269

Plane is an open-source project management tool. In versions 1.3.0 and below, SavedAnalyticEndpoint passes the user-controlled segment query parameter directly to a Django F expression without validation (unlike the regular AnalyticsEndpoint, which checks against an allowlist), causing ORM Field...

CVSS 6.5 | AI score 5.8 | EPSS 0.00037
Exploits 1 | References 3

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42173

Name of the Vulnerable Software and Affected Versions: Twig; affected versions not specified. Description: The Compiler::string function fails to escape single quotes when generating PHP double-quoted string literals. In ModuleNode::compileConstructor, template names from a {% use %} tag are processed...

CVSS 9.3 | AI score 6.5 | EPSS 0.00357
Exploits 0 | References 16

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42109

Name of the Vulnerable Software and Affected Versions: memcached versions prior to 1.6.42. Description: Username data for SASL password database authentication contains a timing side channel. This occurs because the sasl_server_userdb_checkpass function utilizes a loop that terminates immediately up...

CVSS 8.1 | AI score 5.8 | EPSS 0.00085
Exploits 0 | References 29

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42130

Name of the Vulnerable Software and Affected Versions: NLnet Labs Unbound versions prior to 1.25.1. Description: A flaw in the DNSSEC validator occurs when the code path used to consult the negative cache for DS records ignores the limit on NSEC3 hash calculations. An attacker controlling a DNSSEC...

CVSS 10 | AI score 5.9 | EPSS 0.00322
Exploits 0 | References 51

Positive Technologies, added 2026/05/20 12:0 a.m., 9 views

PT-2026-42127

Name of the Vulnerable Software and Affected Versions: Unbound versions 1.16.2 through 1.25.0. Description: An issue exists within the ghost domain names family of attacks that allows an adversary who controls a ghost zone and can query the system to extend the ghost domain window by up to one cache...

CVSS 10 | AI score 5.7 | EPSS 0.00322
Exploits 0 | References 52

Positive Technologies, added 2026/05/19 12:0 a.m., 9 views

PT-2026-41815

in OpenHarmony v6.0 and prior versions allow a local attacker to cause DoS...

CVSS 3.3 | AI score 5.8 | EPSS 0.00015
Exploits 0 | References 2

Positive Technologies, added 2026/05/19 12:0 a.m., 9 views

PT-2026-41823

in OpenHarmony v6.0 and prior versions allow a local attacker to cause DoS...

CVSS 3.3 | AI score 5.8 | EPSS 0.00013
Exploits 0 | References 2

Positive Technologies, added 2026/05/19 12:0 a.m., 9 views

PT-2026-41813

A local privilege escalation vulnerability exists in O+ Connect because it fails to validate the identity of the caller on the pipe interface...

CVSS 7.3 | AI score 5.8 | EPSS 0.00012
Exploits 0 | References 2

Positive Technologies, added 2026/05/19 12:0 a.m., 9 views

PT-2026-41816

in OpenHarmony v6.0 and prior versions allow a local attacker to cause DoS, and it cannot be recovered...

CVSS 8.4 | AI score 5.8 | EPSS 0.00014
Exploits 0 | References 2

Positive Technologies, added 2026/05/19 12:0 a.m., 9 views

PT-2026-41819

in OpenHarmony v6.0 and prior versions allow a local attacker to cause an information leak...

CVSS 5.5 | AI score 5.8 | EPSS 0.00013
Exploits 0 | References 2

Positive Technologies, added 2026/05/19 12:0 a.m., 9 views

PT-2026-41830

Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3...

CVSS 7.8 | AI score 6 | EPSS 0.0001
Exploits 0 | References 2

Positive Technologies, added 2026/05/19 12:0 a.m., 9 views

PT-2026-41827

The Fortis for WooCommerce WordPress plugin before 1.3.1 may leak sensitive API keys to unauthenticated attackers, allowing them to query Fortis' API and retrieve sensitive customer information, like past orders, PII, etc...

AI score 5.8 | EPSS 0.00029
Exploits 0 | References 2

Positive Technologies, added 2026/05/19 12:0 a.m., 9 views

PT-2026-41835

Name of the Vulnerable Software and Affected Versions: Escargot version 590345cc6258317c5da850d846ce6baaf2afc2d3. Description: Samsung Open Source Escargot contains a flaw where memory allocation is performed using an excessive size value, leading to excessive allocation. Recommendations: At the...

CVSS 7.5 | AI score 5.4 | EPSS 0.0001
Exploits 0 | References 5

Positive Technologies, added 2026/05/19 12:0 a.m., 9 views

PT-2026-41838

Name of the Vulnerable Software and Affected Versions: Escargot version 590345cc6258317c5da850d846ce6baaf2afc2d3. Description: Improper check or handling of exceptional conditions in Samsung Open Source Escargot allows for input data manipulation. Recommendations: At the moment, there is no informati...

CVSS 7.5 | AI score 5.4 | EPSS 0.0001
Exploits 0 | References 5

Positive Technologies, added 2026/05/19 12:0 a.m., 9 views

PT-2026-41836

Name of the Vulnerable Software and Affected Versions: Samsung Open Source Escargot version 590345cc6258317c5da850d846ce6baaf2afc2d3. Description: An out-of-bounds write issue exists that allows overflow buffers. Recommendations: At the moment, there is no information about a newer version that...

CVSS 9.8 | AI score 5.5 | EPSS 0.00012
Exploits 0 | References 6

Positive Technologies, added 2026/05/19 12:0 a.m., 9 views

PT-2026-41847

Improper Input Validation vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue...

AI score 5.8 | EPSS 0.00296
Exploits 0 | References 2

Positive Technologies, added 2026/05/19 12:0 a.m., 9 views

PT-2026-41843

Name of the Vulnerable Software and Affected Versions: MLflow version 3.9.0. Description: The MLflow Assistant feature contains improper origin validation in its '/ajax-api' endpoints. This allows a remote attacker to use cross-origin requests from a malicious webpage to interact with an MLflow...

CVSS 9.6 | AI score 7.6 | EPSS 0.00036
Exploits 1 | References 8

Positive Technologies, added 2026/05/19 12:0 a.m., 9 views

PT-2026-41885

Name of the Vulnerable Software and Affected Versions: Contest Gallery versions prior to 28.1.7. Description: The Contest Gallery plugin for WordPress contains a SQL Injection flaw. This occurs because the unauthenticated 'post_cg_gallery_form_upload' AJAX action fails to properly escape the form...

CVSS 7.5 | AI score 5.9 | EPSS 0.00098
Exploits 0 | References 8

Positive Technologies, added 2026/05/19 12:0 a.m., 9 views

PT-2026-41884

Name of the Vulnerable Software and Affected Versions: Piotnet Forms versions prior to 2.1.41. Description: An arbitrary file upload issue exists due to missing file type validation within the piotnetforms_ajax_form_builder function. The software employs an incomplete extension blacklist that blocks...

CVSS 9.8 | AI score 6.2 | EPSS 0.00197
Exploits 0 | References 5

Positive Technologies, added 2026/05/19 12:0 a.m., 9 views

PT-2026-41934

Name of the Vulnerable Software and Affected Versions: Portrait Dell Color Management versions prior to 3.7.0. Description: A symbolic link issue exists in the Portrait Dell Color Management application on Windows. A local low-privileged user can escalate privileges to Administrator because the...

CVSS 5.3 | AI score 5.9 | EPSS 0.00028
Exploits 0 | References 5

Positive Technologies, added 2026/05/19 12:0 a.m., 9 views

PT-2026-41935

Name of the Vulnerable Software and Affected Versions: HestiaCP versions 1.2.0 through 1.9.4. Description: An IP spoofing issue allows unauthenticated remote attackers to bypass authentication security controls. This occurs when the system accepts an arbitrary IP address provided in the...

CVSS 8.7 | AI score 6 | EPSS 0.00075
Exploits 0 | References 9
