184322 matches found
PT-2026-43908
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A flaw exists in the greybus gb-beagleplay component where the hdlc append function calls usleep range while the tx producer...
PT-2026-44028
Name of the Vulnerable Software and Affected Versions ElementsKit Elementor addons Lite versions prior to 3.9.7 Description A missing authorization issue in Wpmet ElementsKit Elementor addons Lite allows for the exploitation of incorrectly configured access control security levels. This is a brok...
PT-2026-43993
Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description An authenticated user with low privileges can achieve privilege escalation by sending an oversized JSON Web Token JWT, which is a compact, URL-safe means of representing claims to be...
PT-2026-44084
pam usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, src/mem.c implemented out-of-memory guards for xmalloc, xrealloc, and xstrdup using assertdata != NULL. The C standard specifies that all assert expressions are compiled out when NDEBUG is defined a...
PT-2026-43796
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the ovpn net xmit function. When building the skb list, the skb share check function frees the original skb socket buffer if it is shared. The system the...
PT-2026-43816
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the hardware random number generator hwrng core. The hwrng fill pointer is not cleared until the hwrng fillfn thread exits. Because hwrng unregister reads hwrn...
PT-2026-43721
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the inside-secure/eip93 crypto component where the system attempts to unregister all crypto algorithms regardless of whether they are implemented in the hardware...
PT-2026-43791
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ksmbd module where the function ksmbd vfs kern path end removing is not called on certain error paths. This failure to balance the corresponding ksmbd vfs kern pat...
PT-2026-43925
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A race condition exists in the amphion VPU driver within the Linux kernel. This occurs when v4l2 m2m ctx release frees the m2m ctx context while v4l2 m2m try run is attempting to call devic...
PT-2026-43924
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Landlock security module where the LOG SUBDOMAINS OFF setting is not correctly inherited across fork. The hook cred transfer function only copies the Landlock...
PT-2026-43928
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock occurs in the jbd2 journal cancel revoke function due to an incorrect lock ordering folio - buffer. This happens when the filesystem blocksize is smaller than the pagesize,...
PT-2026-43948
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory corruption issue exists in the Linux kernel crypto acomp component. The function acomp save req incorrectly stores the address of the chain member &req-chain in req-base.data...
PT-2026-43950
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A resource leak occurs during device setup failure in the SPI Serial Peripheral Interface subsystem. Specifically, if the spi setup function fails while registering a device, the...
PT-2026-43971
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A lifetime bookkeeping error exists in the ucan driver within the CAN subsystem. USB drivers bind to USB interfaces, and device managed resources must have their lifetime tied to the...
PT-2026-43494
Name of the Vulnerable Software and Affected Versions HTTP::Daemon versions prior to 6.17 Description OS command injection is possible through the send file function. This occurs because send file utilizes Perl's 2-arg open function, which interprets magic prefixes. Specifically, prefixes like '|...
PT-2026-44033
A cross-site request forgery CSRF vulnerability in Jenkins Multijob Plugin 662.vd2e0001f6b b d and earlier allows attackers to resume failed Multijob builds...
PT-2026-43663
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 TableOn posts-table-filterable allows Blind SQL Injection.This issue affects TableOn: from n/a through = 1.0.5.1...
PT-2026-43729
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the iommu/vt-d component where the address of a freshly allocated zero-initialized PASID table is written to a PASID directory entry before the CPU cache flush occurs...
PT-2026-43997
Craft CMS 5.9.5 and earlier contains a Missing Authorization vulnerability in the migrate endpoint /actions/app/migrate...
PT-2026-43789
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the RDMA/mlx5 component within the UVERBS HANDLERMLX5 IB METHOD GET DATA DIRECT SYSFS PATH function. The function uses kobject get path to allocate memory for the...
PT-2026-43345
FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting XSS via attachment filenames in remediation verification file preview flows. User-supplied filename values are persisted and then rendered into HTML and...
PT-2026-46875
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=516319578 Crash type: Heap-buffer-overflow WRITE 1 Crash state: ihevcd fmt conv 422sp to 420p ihevcd fmt conv ihevcd decode...
PT-2026-51015
Name of the Vulnerable Software and Affected Versions ProxySQL versions 2.0.0 through 3.0.8 Description The MySQL frontend incorrectly processes the PROXY UNKNOWN r PP1 frame of the PROXY protocol v1. According to the specification, when the protocol token is UNKNOWN, the receiver must ignore...
PT-2026-43160
A vulnerability was determined in hemant6488 CodeIgniter-StudentManagementSystem. The affected element is an unknown function of the file /index.php/students/addStudentView of the component Student Management Handler. Executing a manipulation can lead to improper access controls. The attack can b...
PT-2026-43434
Name of the Vulnerable Software and Affected Versions GitHub Enterprise Server versions prior to 3.22 Description A server-side request forgery SSRF issue exists where an unauthenticated attacker can send crafted requests to internal services due to insufficient input validation in an upload...
PT-2026-43290
Name of the Vulnerable Software and Affected Versions com content affected versions not specified Description Lack of output escaping in the readmore links for com content allows for a Cross-Site Scripting XSS vector. XSS is a flaw where an attacker can inject malicious scripts into web pages...
PT-2026-43411
A vulnerability was determined in JeecgBoot up to 3.9.1. The affected element is the function LoginController.selectDepart of the file /sys/selectDepart. This manipulation causes improper access controls. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and m...
PT-2026-43440
Name of the Vulnerable Software and Affected Versions Pterodactyl versions prior to 1.12.3 Description The Client API contains a logic flaw allowing users to bypass assigned limits for database allocations. This occurs because the database locking mechanism within the controllers is ineffective...
PT-2026-43378
code100x contains an authentication bypass vulnerability in the Mobile API that allows unauthenticated attackers to impersonate arbitrary users by supplying a crafted JSON payload in the 'g' HTTP header. The middleware in middleware.ts skips identity header generation when an Auth-Key header is...
PT-2026-43194
A flaw has been found in Totolink CA750-PoE 6.2c.510. This affects the function setWiFiWpsConfig of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Executing a manipulation of the argument PIN can lead to os command injection. It is possible to launch the attack remotely. The...
PT-2026-43407
Name of the Vulnerable Software and Affected Versions oban web versions 2.12.0 through 2.12.4 Description A missing authorization issue in the Elixir.Oban.Web.Jobs.DetailComponent module allows unauthorized job worker substitution. The handle event"save-job", ... handler fails to perform...
PT-2026-43403
Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the component override system transpiles user-supplied TSX via Sucrase and evaluates it with new Function, shadowing dangerous globals fetch, window, eval, etc. with undefined. A static source validator...
PT-2026-43406
MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.1, user passwords are stored using unsalted MD5 hashes, making them trivially crackable via rainbow tables or GPU-accelerated brute force hashcat. This vulnerability is fixed in 2.9.1...
PT-2026-43438
Name of the Vulnerable Software and Affected Versions Samba affected versions not specified Description A flaw exists in the handling of certificate auto-enrollment Group Policy. When this feature is enabled, Samba may retrieve a CA certificate via an unencrypted HTTP connection and install it in...
PT-2026-43452
TL;DR This vulnerability affects all Kirby sites on Kirby 5.3.0-5.4.0 and is independent from setup conditions and authentication. This vulnerability is of high severity for all Kirby sites. ---- Introduction Path traversal is a type of attack that allows to access arbitrary filesystem paths. By...
PT-2026-43356
🚨 CVE-2026-48696 FastNetMon Community Edition through 1.2.9 has a buffer overflow, a different vulnerability than CVE-2026-48686 and CVE-2026-48689. 🎖@cveNotify...
PT-2026-43399
Name of the Vulnerable Software and Affected Versions Lumiverse versions prior to 0.9.7 Description The consumeNonce function only verifies that a module-level variable is set and has not expired, failing to validate values from the incoming HTTP request or bind the nonce to the administrator's...
PT-2026-44504
Name of the Vulnerable Software and Affected Versions FOSSBilling versions prior to 0.8.0 Description Authenticated sessions for client, staff, or admin accounts are not invalidated when the account is suspended or marked inactive. The session identity loaders in src/di.php loggedin client and...
PT-2026-43348
Name of the Vulnerable Software and Affected Versions Chatwoot versions 2.2.0 through 4.11.1 Description An issue exists in the conversation and contact filter APIs where user-supplied values in the values field of the filter payload are interpolated directly into SQL queries without...
PT-2026-43349
Chatwoot is a customer engagement suite. From 2.14.0 to before 4.13.0, a Pre-Account Takeover Pre-ATO vulnerability existed in Chatwoot's authentication flow. Because email confirmation was not enforced before an account became usable, an attacker could pre-register an email address they did not...
PT-2026-43162
Name of the Vulnerable Software and Affected Versions Archive::Tar versions prior to 3.08 Description Archive::Tar for Perl allows the extraction of symlinks with attacker-controlled targets located outside the extraction directory. The function make special file passes the tar header's linkname ...
PT-2026-43029
Name of the Vulnerable Software and Affected Versions SourceCodester Simple POS and Inventory System version 1.0 Description An issue exists in the GET Parameter Handler component where the delete function within the '/admin/deleteproduct.php' endpoint is susceptible to SQL injection. This occurs...
PT-2026-42999
A vulnerability was determined in KLiK SocialMediaWebsite 1.0. This vulnerability affects the function uniqid of the file upload.inc.php of the component File Handler. This manipulation causes unrestricted upload. The attack can be initiated remotely. The exploit has been publicly disclosed and m...
PT-2026-43087
A flaw has been found in dazeb markdown-downloader up to 3d4394b34b6c99d81af817623af55e3384df5a6a. Affected is the function download markdown/list downloaded files/create subdirectory of the file src/index.ts. Executing a manipulation can lead to path traversal. The attack can be launched remotel...
PT-2026-43137
Name of the Vulnerable Software and Affected Versions Autoship Cloud for WooCommerce Subscription Products versions prior to 2.14.1 Description A missing authorization issue exists in the Autoship Cloud for WooCommerce Subscription Products plugin, which allows for the exploitation of incorrectly...
PT-2026-42991
A security vulnerability has been detected in code-projects Employee Management System 1.0. This impacts an unknown function of the file /myprofile.php. Such manipulation of the argument ID leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed publicly...
PT-2026-43077
A vulnerability was found in Tiandy Easy7 Integrated Management Platform 7.17.0. This vulnerability affects unknown code of the file /Easy7/apps/WebService/GetDBDataEx.jsp. Performing a manipulation of the argument strTBName results in sql injection. Remote exploitation of the attack is possible...
PT-2026-43075
A vulnerability was detected in Edimax EW-7438RPn 1.31. Affected by this vulnerability is the function formWpsProxyEnable of the file /goform/formWpsProxyEnable. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be launched remotely. The exploit is...
PT-2026-43084
A security vulnerability has been detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This affects the function confirm logged in of the file student trans.php. Such manipulation of the argument FIRST NAME/Last Name/EMAIL leads to sql injection. It is...
PT-2026-43117
A vulnerability has been found in Dromara lamp-cloud up to 5.6.2. Impacted is the function GroovyClassLoader.parseClass of the component Message Template Handler. Such manipulation of the argument DefMsgTemplate.content leads to improper neutralization of special elements used in a template engin...