PT-2026-38637

Name of the Vulnerable Software and Affected Versions Next.js affected versions not specified Description An authorization bypass exists in applications that use middleware to protect dynamic routes. Attackers can use specially crafted query parameters to alter the dynamic route value perceived b...

PT-2026-37936

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability...

PT-2026-37948

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...

PT-2026-37634

HCL BigFix Service Management SM does not adequately sanitize or safely render spreadsheet files CSV, XLS, XLSX before processing or distributing them. An attacker could populate data fields which, when saved to a CSV file, may attempt information exfiltration or other malicious activity when...

PT-2026-37441

HCL DFXAnalytics is affected by an Improper Error Handling vulnerability where the application exposes detailed stack traces in responses, which could allow an attacker to gain insights into the application's internal structure, code logic, and environment configurations...

PT-2026-38225

Name of the Vulnerable Software and Affected Versions PicoTronica e-Clinic Healthcare System ECHS version 5.7 Description An issue in the Response Header Handler component within the file '/cdemos/echs/api/v2/' allows for remote information disclosure. Recommendations Upgrade to version 5.7.1...

PT-2026-38487

Summary Nokogiri's CSS selector tokenizer contains regular expressions whose construction may result in exponential regex backtracking on adversarial selectors. Three ReDoS vectors are addressed in this release: 1. String-literal tokenization on certain unterminated quoted-string input. 2...

PT-2026-38276

Name of the Vulnerable Software and Affected Versions JupyterLab versions prior to 4.5.7 Jupyter Notebook versions prior to 7.5.6 Description The HTML sanitizer allowlists data-commandlinker-command and data-commandlinker-args on button elements. Because CommandLinker listens for all click events...

PT-2026-37961

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vulnerability allows...

PT-2026-37950

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...

PT-2026-38489

Summary Nokogiri's Nokogiri::XSLT::Stylesheettransform leaks a small heap allocation when passed a Ruby string parameter containing a null byte. For applications that pass attacker-controlled input through XSLT.transform parameters, this may be a vector for a denial of service attack against...

PT-2026-37749

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JNDI. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit...

PT-2026-38011

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23;...

PT-2026-37911

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Concurrency. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via multipl...

PT-2026-37517

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A runtime power management RPM reference leak exists in the Linux kernel. In the ipu6 pci probe function, several error paths jump directly to out ipu6 bus del devices without releasing...

PT-2026-38213

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.96 Description An uninitialized use in the GPU allows a remote attacker who has compromised the renderer process to obtain potentially sensitive information from process memory through a...

PT-2026-37772

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: CORBA. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable vulnerability allows...

PT-2026-37581

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An array-index-out-of-bounds access exists in the ntb hw switchtec component of the Non-Transparent Bridge NTB subsystem. The number of Mirror Window MW Look-Up Tables LUTs depends on th...

PT-2026-38286

Name of the Vulnerable Software and Affected Versions Craft CMS versions 4.0.0 through 4.17.11 Craft CMS versions 5.0.0 through 5.9.17 Description An input-handling flaw in a Yii object creation path allows authenticated users to inject malicious configuration and execute arbitrary commands on th...

PT-2026-37907

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network acce...

PT-2026-37246

Name of the Vulnerable Software and Affected Versions Netty versions prior to 4.1.133.Final Netty versions prior to 4.2.13.Final Description Request-line validation can be bypassed when a DefaultHttpRequest or DefaultFullHttpRequest is created and its URI is subsequently modified using the setUri...

PT-2026-37362

These are all security issues fixed in the cf-cli-8.18.3+git.0.83ce51d9c-1.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-38153

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description A race condition in the Speech component allows a remote attacker who has already compromised the renderer process to obtain potentially sensitive information from process memory by usi...

PT-2026-37306

Name of the Vulnerable Software and Affected Versions ssrfcheck versions 1.3.0 and earlier Description ssrfcheck fails to block Server-Side Request Forgery SSRF attacks when a target private IP address is encoded as an IPv4-mapped IPv6 address e.g., 'http://::ffff:127.0.0.1/'. This occurs because...

PT-2026-37255

Name of the Vulnerable Software and Affected Versions Open-WebSearch versions prior to 2.1.7 Description An issue exists in the isPublicHttpUrl and assertPublicHttpUrl functions within src/utils/urlSafety.ts that allows non-blind Server-Side Request Forgery SSRF, where the response body is return...

PT-2026-38182

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description Insufficient data validation in DataTransfer allows a remote attacker who has compromised the renderer process to perform arbitrary read and write operations via a crafted HTML page...

PT-2026-37303

Name of the Vulnerable Software and Affected Versions exiftool-vendored versions prior to 35.19.0 Description Certain strings provided by the caller are interpolated into ExifTool arguments without rejecting line delimiters. A newline or carriage return within these strings can split a single...

PT-2026-37044

Name of the Vulnerable Software and Affected Versions MeiG Smart FORGE SLT711 version MDM9607.LE.1.0-00110-STD.PROD-1 Description The GoAhead web server allows unauthenticated OS command injection, a flaw where an attacker can execute arbitrary operating system commands on the device. This issue...

PT-2026-38154

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description Insufficient validation of untrusted input in Permissions allows an attacker on the local network segment to leak cross-origin data via malicious network traffic. Recommendations Update...

PT-2026-37219

Name of the Vulnerable Software and Affected Versions SQLBot versions prior to 1.7.1 Description The Text2SQL chat interface is susceptible to prompt injection. The question parameter is concatenated into the Large Language Model LLM prompt without filtering or escaping, and the resulting SQL is...

PT-2026-36937

A security flaw has been discovered in Axle-Bucamp MCP-Docusaurus up to 404bc028e15ec304c9a045528560f4b5f27a17e0. The affected element is the function update document/continue document/delete document/get content of the file app/routes/document.py. Performing a manipulation of the argument DOCS...

PT-2026-37254

Summary Mage ProductAlert AddController::stockAction reads the uenc query parameter and passes it directly to $this- redirectUrl$backUrl without calling $this- isUrlInternal When the supplied product id does not match any catalog product, the server issues an unvalidated HTTP 302 redirect to...

PT-2026-36739

Name of the Vulnerable Software and Affected Versions GeoVision GV-IP Device Utility version 9.0.5 Description Insufficient encryption in the Device Authentication functionality allows for the leak of credentials. When the utility sends privileged commands to devices over UDP, the username and...

PT-2026-36646

Name of the Vulnerable Software and Affected Versions Starlet versions prior to 0.32 Description Starlet for Perl allows HTTP Request Smuggling due to improper header precedence. The software incorrectly prioritizes the Content-Length header over Transfer-Encoding: chunked when both are present i...

PT-2026-36606

The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection via the 'sort' parameter in all versions up to, and including, 1.13.18. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. The esc sql...

PT-2026-38388

Name of the Vulnerable Software and Affected Versions vm2 versions prior to 3.11.0 Description An issue exists where it is possible to obtain the host Object, allowing an attacker to escape the sandbox. This can be achieved through various methods, such as using the getOwnPropertySymbols function...

PT-2026-38392

Name of the Vulnerable Software and Affected Versions vm2 versions prior to 3.11.0 Description A sandbox escape allows sandboxed code to crash the host Node.js process. This occurs when a Promise constructor triggers an unhandled rejection that propagates to the host. Specifically, when sandboxed...

PT-2026-35436

A vulnerability has been found in code-projects Online Lot Reservation System up to 1.0. The impacted element is an unknown function of the file /loginuser.php. The manipulation of the argument email/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

PT-2026-34963

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the ksmbd module, the parse dacl function compares each Access Control Entry ACE Security Identifier SID against sid unix NFS mode. If sid unix NFS mode is the prefix S-1-5-88-3 with...

PT-2026-34953

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the vfio/xe component where certain members of xe vfio pci core device required for handling resets are only initialized during migration initialization. Consequently,...

PT-2026-34977

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the alps raw event function within the hid-alps driver. This occurs because the driver fails to properly check if it has been claimed correctly befor...

PT-2026-34864

The Liaison Site Prober plugin for WordPress is vulnerable to Information Exposure in all versions up to and including 1.2.1 via the /wp-json/site-prober/v1/logs REST API endpoint. The permissions read permission callback unconditionally returns true via return true instead of checking for...

PT-2026-34973

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the bnge driver where the error path fails to return after calling the auxiliary device uninit function. When auxiliary device add fails, the system calls auxiliary...

PT-2026-35030

Name of the Vulnerable Software and Affected Versions LiquidJS versions prior to 10.25.7 Description A circular block reference within % layout % and % block % tags can trigger an infinite recursive loop. This occurs in the getBlockRender function within src/tags/block.ts during OUTPUT mode; when...

PT-2026-34679

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the net/tls component. When the crypto aead encrypt function returns -EBUSY, a request is enqueued to the cryptd backlog. If the tls encrypt async wait...

PT-2026-37150

Name of the Vulnerable Software and Affected Versions i18next-http-middleware versions prior to 3.9.3 Description An unauthenticated HTTP client can pollute Object.prototype in the Node.js process hosting the middleware. This occurs via two unvalidated entry points: getResourcesHandler and...

PT-2026-34617

Name of the Vulnerable Software and Affected Versions @xmldom/xmldom versions prior to 0.8.13 @xmldom/xmldom versions prior to 0.9.10 xmldom versions prior to 0.6.0 Description The package serializes DocumentType node fields internalSubset, publicId, and systemId verbatim without escaping or...

PT-2026-35428

Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.32 n8n versions prior to 2.17.4 n8n versions prior to 2.18.1 Description A flaw in the xml2js library used to parse XML request bodies in the webhook handler allows prototype pollution via a crafted XML payload...

PT-2026-34574

Name of the Vulnerable Software and Affected Versions IBM Security Verify Directory Container versions 10.0.0 through 10.0.0.3 Description IBM Security Verify Directory is susceptible to malicious file upload due to a failure to validate file types. This allows a privileged user to upload harmful...

PT-2026-34616

Name of the Vulnerable Software and Affected Versions @xmldom/xmldom versions prior to 0.8.13 @xmldom/xmldom versions prior to 0.9.10 xmldom versions 0.6.0 and earlier Description Seven recursive traversals in lib/dom.js operate without a depth limit. When processing a sufficiently deeply nested...