PT-2026-45687
The Auto Image Attributes From Filename With Bulk Updater Add Alt Text, Image Title For Image SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the attachment metadata in all versions up to, and including, 4.9 due to insufficient input sanitization and output escaping. Thi...
PT-2026-45750
Name of the Vulnerable Software and Affected Versions: Gleam versions 1.16.0 through 1.17.0. Description: A path traversal issue exists in the handling of custom documentation pages. The documentation.pages entries within the gleam.toml file are incorporated into filesystem paths without sufficient...
PT-2026-45868
Name of the Vulnerable Software and Affected Versions: Docker Desktop versions prior to 4.76.0. Description: A VM panic occurs due to unbounded recursion within the grpcfuse kernel module. This happens when a container creates deeply nested directories on a bind-mounted host folder and triggers a...
PT-2026-45730
Name of the Vulnerable Software and Affected Versions: Axiomthemes Crafti versions prior to 1.13. Description: Improper control of filename for include/require statements in PHP programs allows for Local File Inclusion. This occurs when the application fails to properly validate the file paths used ...
PT-2026-45728
Name of the Vulnerable Software and Affected Versions: Confidant versions prior to 1.5. Description: Improper control of filenames for include or require statements in the PHP program allows for Local File Inclusion. This occurs when the application fails to properly validate the file paths used in...
PT-2026-45841
Improper Encoding or Escaping of Output vulnerability in elixir-tesla tesla allows multipart part header injection via unescaped Content-Disposition parameter values. Tesla.Multipart.part_headers_for_disposition/1 interpolates each disposition parameter as k="v" with no validation of CR (\r), LF (\n), o...
PT-2026-45858
Name of the Vulnerable Software and Affected Versions: authentik versions prior to 2025.12.6; authentik versions prior to 2026.2.4; authentik versions prior to 2026.5.1. Description: An attacker who has the ability to modify a source connection and possesses an account in one of the configured sources...
PT-2026-45884
A vulnerability was identified in wonderwhy-er DesktopCommanderMCP 0.2.37. This affects the function readFileFromUrl of the file src/tools/filesystem.ts of the component read file. Such manipulation of the argument url leads to server-side request forgery. The attack may be performed from remote...
PT-2026-45778
A high security vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges to the main server to access the Server Admin credentials. A third party hired by Genetec found the issue. There is currently no evidence of...
PT-2026-45726
Name of the Vulnerable Software and Affected Versions: Tiled Gallery Carousel Without JetPack versions prior to 3.2. Description: The plugin is subject to stored cross-site scripting due to insufficient input sanitization and output escaping. Authenticated attackers with contributor level access or...
PT-2026-46565
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 149.0.7827.53. Description: An inappropriate implementation in the Document Object Model (DOM), a programming interface for web documents, allows a remote attacker to bypass the same origin policy through the use of...
PT-2026-46441
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 149.0.7827.53. Description: Insufficient validation of untrusted input in Extensions allows a remote attacker who has compromised the renderer process to bypass the same origin policy, which is a security mechanis...
PT-2026-46440
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 149.0.7827.53. Description: Insufficient validation of untrusted input in the Media component allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted...
PT-2026-46620
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 149.0.7827.53. Description: Insufficient policy enforcement in DevTools allows an attacker to perform privilege escalation. This occurs when a user is convinced to install a crafted malicious Chrome Extension...
PT-2026-46714
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 149.0.7827.53. Description: An inappropriate implementation in Glic allows a remote attacker to bypass navigation restrictions by using a crafted HTML page. Recommendations: Update to version 149.0.7827.53 or later...
PT-2026-45834
Name of the Vulnerable Software and Affected Versions: React Router versions 7.0.0 through 7.14.1. Description: When using Framework Mode, a combination of steps could allow unauthorized remote code execution (RCE) through external requests. This occurs because the vendored turbo-stream v2 can be abus...
PT-2026-45604
In Load of LoadedArsc.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-45636
Memory Corruption when output buffer size is smaller than input buffer size during data copying operation...
PT-2026-45672
A vulnerability has been found in 1Panel-dev CordysCRM up to 1.6.2. This affects an unknown function of the file backend/framework/src/main/java/cn/cordys/config/RequestParamTrimConfig.java. The manipulation leads to cross site scripting. Remote exploitation of the attack is possible. The exploit...
PT-2026-45454
FlexRIC v2.0.0 crashes when receiving a duplicate E2 SETUP REQUEST from the same or spoofed E2 Node. The iApp registry enforces node ID uniqueness via assert rather than graceful rejection. A remote unauthenticated attacker can crash the iApp process (port 36421) by sending two E2 SETUP REQUESTs wi...
PT-2026-45363
Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 3.2.2. Description: A flaw in the FileTaskHandler allows a DAG author to access or modify files outside the configured base log folder when the worker log folder is shared with the API server. This can be achieve...
PT-2026-45386
Name of the Vulnerable Software and Affected Versions: Teamwork Cloud versions No Magic Release 2022x through No Magic Release 2026x; Magic Collaboration Studio versions CATIA Magic Release 2022x through CATIA Magic Release 2026x. Description: An issue involving the deserialization of untrusted data...
PT-2026-45585
In multiple functions, there is a possible way to access the contacts database due to a SQL injection. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-45974
A DAG author could either (a) create a symlink under their task's log directory pointing to an arbitrary file readable by the API server process (read-path attack, e.g. /etc/passwd or airflow.cfg), or (b) supply a task id containing ".." sequences accepted by the Task SDK's KEY_REGEX (write-path attack), a...
PT-2026-45653
Name of the Vulnerable Software and Affected Versions: Kiteworks versions prior to 9.3.0. Description: An Insecure Direct Object Reference (IDOR) issue in Kiteworks Secure Data Forms allows an authenticated user to access metadata of resources belonging to other users. This occurs because of...
PT-2026-45244
A vulnerability was identified in AstrBotDevs AstrBot 4.24.2. This affects the function astr_main_agent of the file astrbot/core/astr_main_agent.py. Such manipulation of the argument session_id leads to authorization bypass. It is possible to launch the attack remotely. The exploit is publicly...
PT-2026-45398
The PDBM application relies on a static, hard‑coded secret embedded in the PDBM.exe executable. This secret is used by the application’s encryption routines, including the function responsible for decrypting credentials stored in the product’s configuration file. Because the secret is constant...
PT-2026-45475
Nextcloud is an open source content collaboration platform. From versions 17.0.0 to before 17.0.15, 18.0.0 to before 18.1.12, 19.0.0 to before 19.1.16, 20.0.0 to before 20.1.11, and 21.0.0 to before 21.0.4, a user with READ and CREATE permission, but no UPDATE permission for a team folder can...
PT-2026-45357
SOPlanning is vulnerable to Stored Cross-Site Scripting (XSS) via the /process/upload backup endpoint. An authenticated attacker with access to the backup functionality can upload a crafted ZIP archive containing a malicious user.csv file with embedded JavaScript. The injected code is executed in the...
PT-2026-45387
A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41, 4.8.0 to 4.8.15, and 5.0.0 to 5.0.5. It is possible to execute a reflected XSS attack on the login API available on Stormshield SNS appliance by executing a script on the victim's machine. The risks include the theft of...
PT-2026-45662
A weakness has been identified in code-projects Online Hospital Management System 1.0. This issue affects some unknown processing of the file viewdoctortimings.php. This manipulation of the argument delid causes improper control of resource identifiers. The attack can be initiated remotely. The...
PT-2026-45360
SOPlanning is vulnerable to Path Traversal in backup endpoints. An authenticated remote attacker is able to exploit a vulnerable endpoint and construct payloads that allow reading and executing files previously added through the backup functionality. Critically, due to CVE-2026-40543 Missing...
PT-2026-45522
Name of the Vulnerable Software and Affected Versions: Nextcloud versions prior to 2.7.2. Description: Authenticated users can verify if arbitrary files are linked to specific approval workflows used for requesting approval. Recommendations: Update to version 2.7.2...
PT-2026-45262
An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated customer to query the system for CI information. Please note that CMDB has to be enabled and CustomerGroupSupport has to be used to be affected. This issue affects OTRS: 7.0.X...
PT-2026-45663
A security vulnerability has been detected in SGLang 0.5.10.post1. Impacted is an unknown function of the file python/sglang/srt/lora/lora_manager.py of the component Inference HTTP Endpoint. Such manipulation of the argument lora_path leads to reachable assertion. The attack can be launched...
PT-2026-45600
In getAppLabel of ForgetDeviceDialogFragment.java, there is a possible trick the user into forgetting a device due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-45359
SOPlanning is vulnerable to SQL Injection across multiple endpoints and parameters. Attacker with low privileges can inject arbitrary SQL commands, potentially gaining full control over the database. This issue affects SOPlanning version 1.55 and below...
PT-2026-45434
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in E2Pdf.Com e2pdf allows Reflected XSS. This issue affects e2pdf: from n/a through 1.32.14...
PT-2026-45533
Name of the Vulnerable Software and Affected Versions: Nextcloud versions 0.7.0 through 0.7.6; Nextcloud versions 0.8.0 through 0.8.9; Nextcloud versions 0.9.0 through 0.9.7; Nextcloud versions 1.0.0 through 1.0.3. Description: An authenticated attacker with access to the Tables app can execute arbitra...
PT-2026-45610
Name of the Vulnerable Software and Affected Versions: WindowManagerService, affected versions not specified. Description: A tapjacking issue exists in the addWindow function of WindowManagerService.java, where a tapjacking or overlay attack, a technique where a malicious application overlays a...
PT-2026-45362
SOPlanning is vulnerable to Cross-Site Request Forgery (CSRF) in groupe save create, modify and delete endpoints. An attacker can craft a malicious website that, when visited by an authenticated user, automatically sends a forged GET or POST request to the application. This issue affects SOPlanning...
PT-2026-45633
Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent modification of user-space buffer...
PT-2026-45495
Name of the Vulnerable Software and Affected Versions: launch-editor versions prior to 2.9.0; vite versions prior to 5.4.9. Description: Insufficient sanitization of the file argument in the launchEditor function allows an attacker to execute arbitrary commands on Windows systems by providing a...
PT-2026-45644
Memory corruption while processing fastboot commands with invalid input...
PT-2026-45666
The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Exposure in versions 7.0.0 - 7.0.14, via the 'slider.get.full' AJAX Action. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including raw social...
PT-2026-45629
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined, affected versions not specified. Description: Memory corruption occurs during a memory copy operation due to invalid writes caused by a null pointer, which is a reference that does not point to any valid...
PT-2026-45450
A vulnerability was determined in indrasishbanerjee aem-mcp-server up to b5f833aef9b5dfd17a5991b3b18a8a11edbdc583. This impacts the function getAssetMetadata of the file src/mcp-server.ts of the component Axios Request Flow. Executing a manipulation of the argument assetPath can lead to server-si...
PT-2026-45366
Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 3.2.2. Description: The JWTRefreshMiddleware sets the JWT authentication cookie without the Secure flag. In deployments where the Airflow API server is positioned behind an HTTPS-terminating reverse proxy, the...
PT-2026-45403
A flaw has been found in SourceCodester Pet Grooming Management Software 1.0. Affected is an unknown function of the file /admin/. This manipulation causes file and directory information exposure. The attack can be initiated remotely. The exploit has been published and may be used...
PT-2026-45259
Content removed...