Lucene search
K
PtsecurityRecent

184315 matches found

Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-56813

A weakness has been identified in manjurulhoque django-job-portal up to dfa352f305bba44445ac5dc12e9b2a98c9dcd71f. Affected by this vulnerability is the function EditEmployeeProfileAPIView of the file accounts/api/views.py of the component Employee Dashboard Endpoint. This manipulation of the...

6.5CVSS6.2AI score0.00209EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-56814

A security vulnerability has been detected in aerostackdev aerostack-mcp up to 6315dfde7df0a15aaf743f88d91347115e09ba23. Affected by this issue is the function upload media of the component mcp-whatsapp. Such manipulation of the argument media url leads to server-side request forgery. The attack...

6.5CVSS6.2AI score0.00209EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-56993

Name of the Vulnerable Software and Affected Versions Discourse versions prior to 2026.6.0 Discourse versions prior to 2026.5.1 Discourse versions prior to 2026.4.2 Discourse versions prior to 2026.1.5 Description The signup flow allows newly registered users to set the primary group id variable...

8.2CVSS6.1AI score0.00309EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-56788

The DHL eCommerce Benelux for WooCommerce plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check and missing nonce verification on the create label and delete label functions in versions up to, and including, 2.2.3. These functions are...

4.3CVSS5.9AI score0.00196EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-56789

The Employee, Leave and Recruitment Management System – Crew HRM plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.2.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS6AI score0.00227EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2 days ago11 views

PT-2026-56792

The WP Cost Estimation & Payment Forms Builder E&P Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'customerInfos' parameter in all versions up to, and including, 10.5.97 due to insufficient input sanitization and output escaping. This makes it possible for...

7.2CVSS6.1AI score0.00204EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-56887

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, backend/open webui/routers/terminals.py built the ws terminal upstream URL from an unencoded session id and appended user id as a query parameter, allowing query injection to make the terminal...

8CVSS6AI score0.00288EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-56888

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.8.12 before 0.10.0, an authenticated non-admin user with read access to an arena wrapper model can reach a restricted underlying model through task endpoints such as /api/v1/tasks/moa/completions. The...

5.4CVSS6AI score0.00211EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2 days ago4 views

PT-2026-57001

Name of the Vulnerable Software and Affected Versions Discourse versions prior to 2026.6.0 Discourse versions prior to 2026.5.1 Discourse versions prior to 2026.4.2 Discourse versions prior to 2026.1.5 Description A topic featured link is not sufficiently normalized and escaped before being...

7.4CVSS6.1AI score0.00468EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56895

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.6 before 0.10.0, sanitize proxy path in backend/open webui/routers/terminals.py decoded proxy paths only eight times, allowing a nine-times percent-encoded ../ traversal value to pass normalization chec...

7.7CVSS5.9AI score0.00362EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-56885

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.7.0 before 0.10.0, GET /api/v1/channels//members returned full UserModelResponse objects for channel members, including settings.ui.toolServers.key and webhook configuration, allowing a normal channel...

6CVSS5.9AI score0.00259EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56831

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.8.11 before 0.10.0, POST /api/v1/images/edit required only a verified account and did not enforce the global image-edit switch or the per-user image-generation permission, allowing a non-admin user to...

4.3CVSS6AI score0.00259EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56997

Name of the Vulnerable Software and Affected Versions Discourse versions prior to 2026.6.0 Discourse versions prior to 2026.5.1 Discourse versions prior to 2026.4.2 Discourse versions prior to 2026.1.5 Description Restricted tag and tag-group names attached to publicly readable categories as...

6.3CVSS6.1AI score0.00384EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-56816

n8n is an open source workflow automation platform. Prior to 2.27.4 and 2.28.1, the AI Agents feature did not enforce the Allowed HTTP Request Domains restriction configured on credentials when an MCP tool was pointed at an arbitrary URL, allowing a member-level user with use-only access to a...

7.1CVSS6.1AI score0.00263EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56884

Name of the Vulnerable Software and Affected Versions Open WebUI versions 0.9.0 through 0.9.x Description When Redis is configured, the authentication process for Socket.IO connect, user-join, join-channels, join-note, and the terminal websocket first-message uses the decode token function withou...

7.1CVSS6.1AI score0.0025EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2 days ago8 views

PT-2026-56829

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.2 before 0.10.0, the SKILL MENTION RE and strip re regular expressions in backend/open webui/utils/middleware.py parsed skill mentions with overlapping quantifiers, allowing an authenticated chat messag...

6.5CVSS6AI score0.00295EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2 days ago3 views

PT-2026-56932

An issue in docuForm GmbH FSM Client v.11.11c allows a remote attacker to obtain sensitive information via the login.php component. A vulnerability was identified in the authentication mechanism that allows user enumeration through the login interface. An attacker can differentiate between valid...

6AI score0.00248EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2 days ago4 views

PT-2026-56877

A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 firmware V31.1.9.91 allows an unauthenticated remote attacker to cause a denial of service via a crafted SETUP request. The RTSP service's second-stage URL routing parser fails to validate the length of the URL fiel...

7.5CVSS6.4AI score0.00402EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago4 views

PT-2026-56878

A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 firmware V31.1.9.91 allows an unauthenticated remote attacker to cause a denial of service via a crafted second SETUP request. After completing the OPTIONS, DESCRIBE, and a legitimate first SETUP request to obtain a...

7.5CVSS6.4AI score0.00411EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56876

Tenda CP3 V3.0 firmware V31.1.9.91 contains a stack-based buffer overflow in the RTSP service. The device fails to validate the length of the clock= value in the Range header field when processing a PLAY request. An unauthenticated remote attacker who has completed a standard RTSP session handsha...

6.4AI score0.0019EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago4 views

PT-2026-56875

Tenda CP3 V3.0 firmware V31.1.9.91 does not validate the Content-Length header field in RTSP requests including DESCRIBE, SETUP, and PLAY methods. When a request carrying a Content-Length header is received without a corresponding message body, the RTSP parser enters a persistent body-awaiting...

7.5CVSS6AI score0.00404EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago9 views

PT-2026-56823

An improper input handling vulnerability in the RTSP service of Tenda CP3 V3.0 firmware V31.1.9.91 causes the device to abruptly terminate the TCP connection with a RST packet when a request containing an oversized field value is received, without returning any RFC 2326-compliant error response...

6AI score0.00324EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2 days ago8 views

PT-2026-56822

A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 firmware V31.1.9.991 allows an unauthenticated remote attacker to cause a denial of service via a crafted TEARDOWN request...

6.3AI score0.0041EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56935

Pimcore is an Open Source Data & Experience Management Platform. Prior to 2025.4.6 and 2026.1.6, the Studio API class definition creation endpoint POST /pimcore-studio/api/class/definition/configuration-view/detail/create is guarded by the objects permission instead of the classes permission,...

7.1CVSS6AI score0.00199EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56893

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, under certain non-default configurations, processing of PDF uploads could be exploited to obtain RCE on the server. This issue is patched in 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5...

7.5CVSS5.9AI score0.0033EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2 days ago4 views

PT-2026-56906

Name of the Vulnerable Software and Affected Versions Mockoon versions prior to 9.7.0 Description The admin API in commons-server/src/libs/server/admin-api.ts is mounted on the same Express listener as user-defined mock routes and is enabled by default in shipped runtimes. The API lacks...

8.8CVSS6.2AI score0.00173EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-56781

Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: before ef525f337fafddecde77a3c426212a84bb20cb98...

6.1CVSS6.2AI score0.00116EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2 days ago8 views

PT-2026-56778

Stack-based buffer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: before b30b63fc63b403907d8137da1c65aaa4521fe74e...

6.1CVSS6.2AI score0.00116EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2 days ago8 views

PT-2026-56780

Access of resource using incompatible type 'type confusion' vulnerability in Samsung Open Source Escargot allows Pointer Manipulation. This issue affects Escargot: before 779f6bedf58f334dec64b0a51ebb724b4708b84a...

6.1CVSS5.9AI score0.00105EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-56833

When coupled with the SSL bypass vulnerability, JavaScript can be injected into a WebView in the PayRange version 7.0.7 app. The injection of specific JavaScript function calls allows the attacker to escape the WebView sandbox and perform a number of dangerous actions on the user's device...

6AI score0.00199EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-56989

Name of the Vulnerable Software and Affected Versions Hermes WebUI versions prior to 0.51.788 Description An unauthenticated remote code execution issue allows remote attackers to execute arbitrary shell commands. This is achieved by accessing embedded terminal API endpoints without credentials...

9.8CVSS6.7AI score0.00928EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-56874

An insufficient input validation vulnerability in the RTSP service of MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n allows an unauthenticated remote attacker to render an individual TCP connection temporarily unusable via sending an RTSP request with a Content-Length header but no corresponding...

6AI score0.00182EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56872

MERCURY MIPC252W IP camera v1.0.5 Build 230306 Rel.79931n does not implement nonce expiration in RTSP Digest authentication. An adjacent network attacker can capture a legitimate authentication exchange and replay the nonce and response values in a new connection to bypass authentication without...

6AI score0.00195EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago8 views

PT-2026-56905

ChatterBot is a machine learning, conversational dialog engine for creating chat bots. Prior to 1.2.14, UbuntuCorpusTrainer.extract uses a predictable home-rooted output directory /ubuntu data/ubuntu dialogs with a check-then-create pattern followed by tar.extractallpath=self.data path, allowing ...

5.5CVSS5.9AI score0.00095EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2 days ago8 views

PT-2026-56774

SOPlanning is vulnerable to SQL injection in the audit retention configuration. An attacker holding parameters all rights can inject SQL commands into the audit configuration form which is then saved. The execution is triggered when the audit functionality is accessed by the attacker or another...

8.6CVSS6.2AI score0.00277EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-57002

Name of the Vulnerable Software and Affected Versions Cotonti Siena versions prior to 0.9.27 Description A cross-site request forgery CSRF issue exists where unauthenticated attackers can modify administrator configurations. This occurs because the admin.php config update handler does not invoke...

8.8CVSS6.3AI score0.00175EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2 days ago8 views

PT-2026-56802

Vinchin Backup & Recovery through 9.0.0.86562 contains a stack buffer overflow vulnerability in the ModuleHandShake function of the agentlink server service that allows unauthenticated remote attackers to overwrite the saved return address by supplying an oversized listen uuid field that is...

6.9CVSS6.2AI score0.00463EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56892

An authenticated administrator may be able to achieve arbitrary code execution on the host system by uploading a malicious file through the Open Source LLM setup feature in the Admin Console. This vulnerability has been addressed in FileMaker Server 26.0.1...

4.9CVSS6.4AI score0.00289EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-56790

The Colissimo Officiel : Méthodes de livraison pour WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updateShippingMethod function registered to the wp ajax lpc order affect AJAX action in versions up to, and including,...

4.3CVSS6AI score0.00196EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-57010

Name of the Vulnerable Software and Affected Versions SiYuan versions prior to 3.7.1 Description The '/api/storage/getCriteria' endpoint returns saved search criteria from the data/storage/criteria.json file without applying the publish-access filtering used by other storage endpoints. This allow...

6.5CVSS6.1AI score0.00235EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-57006

Name of the Vulnerable Software and Affected Versions GitHub CLI gh versions 2.10.0 through 2.95.0 Description Connecting to a malicious Codespace using the gh codespace jupyter command can lead to command execution. This occurs because the tool opens a JupyterLab URL provided by a process within...

4.4CVSS6.1AI score0.00198EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-57007

Name of the Vulnerable Software and Affected Versions SiYuan versions prior to 3.7.1 Description An authenticated user can read workspace secrets and the document database. This occurs because the /snippets/filepath endpoint uses the serveSnippets function in kernel/server/serve.go, which joins a...

7.7CVSS6.1AI score0.00316EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2 days ago8 views

PT-2026-57008

Name of the Vulnerable Software and Affected Versions SiYuan versions prior to 3.7.1 Description SiYuan uses the Lute engine to render note and package content into HTML. A flaw in the sanitization process occurs because the dangerous javascript scheme block fails to validate the form action and...

8.6CVSS6.1AI score0.00388EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-56832

Name of the Vulnerable Software and Affected Versions Open WebUI versions 0.6.16 through 0.9.x Description The Socket.IO server is configured with always connect=True, which allows the ydoc:awareness:update and ydoc:document:leave Socket.IO handlers to accept collaborative-document events without...

6.5CVSS6.1AI score0.00222EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56896

Hoppscotch is an open source API development ecosystem. Prior to 2026.6.0, mock server creation in mock-server.service.ts does not persist the isPublic input field while schema.prisma defaults isPublic to true, causing mock servers linked to private collections to be publicly accessible without...

7.5CVSS5.9AI score0.00336EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56900

Ghost is a Node.js content management system. From 6.27.0 before 6.44.0, Ghost's public donation checkout flow allowed an unauthenticated attacker to control donation checkout metadata and obtain full paid gift memberships for a minimal payment without exposing customer or member data or stealing...

5.3CVSS5.8AI score0.00257EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56902

Metabase is an open-source business intelligence and embedded analytics tool. Prior to 1.58.15, 1.59.12, 1.60.6.3, and 1.61.1.4, Metabase instances with an H2 database connection, including the default sample database, deserialize arbitrary Java objects returned in H2 native query result columns ...

9.9CVSS6.2AI score0.00447EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-56897

Name of the Vulnerable Software and Affected Versions Hoppscotch versions prior to 2026.6.0 Description The updateInfraConfigs GraphQL mutation in admin/infra.resolver.ts accepts an attacker-controlled MAILER SMTP URL value. Additionally, the validateSMTPUrl function in utils.ts permits path,...

7.2CVSS6.3AI score0.00518EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56898

Name of the Vulnerable Software and Affected Versions Ruflo versions prior to 3.16.3 Description The default docker-compose deployment exposes the MCP bridge endpoints 'POST /mcp' and 'POST /mcp/:group' without authentication. This allows an unauthenticated network attacker to invoke the terminal...

10CVSS6.1AI score0.00442EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56985

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on MX Series allows adjacent subscribers to bypass configured firewall filters. On MX Series devices with MPC10/11, LC4800/9600, and MX304 with subscribers...

5.3CVSS6AI score0.00238EPSS
Exploits0References2
Total number of security vulnerabilities184315