184382 matches found
PT-2026-51701
The Cornerstone WordPress plugin before 7.8.9 does not enforce capability checks on one of its REST API routes, allowing any authenticated user to disclose the metadata of any other user, including roles, session token previews and stored billing/shipping fields. This affects the premium co...
PT-2026-51683
Name of the Vulnerable Software and Affected Versions EntreDroppers versions prior to 1.1.3 Description Insufficient input sanitization and output escaping allow unauthenticated attackers to perform Reflected Cross-Site Scripting. This occurs when the PHP SELF parameter reflects attacker-controll...
PT-2026-51822
A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input before generating HTML output in the Audit Trail component...
PT-2026-51845
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the drm/xe/dma-buf subsystem involving race conditions when handling the invalidate mappings hook during buffer object initialization and attachment. These races occur...
PT-2026-52114
Name of the Vulnerable Software and Affected Versions Appsmith versions prior to 2.1 Description An authenticated user can craft outbound requests that reach loopback-bound services inside the container. This occurs because the outbound HTTP host filter applied by WebClientUtils used by the REST...
PT-2026-52094
🚨 CVE-2026-45689 Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, an unauthenticated network attacker obtains a valid Rocket.Chat OAuth access token for an arbitrary user by sending a single...
PT-2026-51961
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the pci epf alloc doorbell function where the allocated doorbell message array is stored in epf-db msg and epf-num db before MSI vectors are requested. If the MSI...
PT-2026-51925
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the BPF Berkeley Packet Filter subsystem where the arena alloc pages function accepts an integer node id and forwards it through the allocation chain without performin...
PT-2026-51922
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An error pointer dereference exists in the USB Type-C subsystem. The cd321x update work function checks if the tps-partner variable is an error pointer; however, if an error is detected,...
PT-2026-51924
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the Renesas I3C master driver. The xfer structure allocated by the renesas i3c alloc xfer function is not properly freed within the renesas i3c i3c xfers function...
PT-2026-51843
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/ttm component where a backup failure can lead to an infinite LRU Least Recently Used walk within the ttm bo shrink function. This occurs because the del bulk...
PT-2026-52008
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel where the perf allow kernel function is called from the IBS NMI handler. Calling this function within the NMI Non-Maskable Interrupt context is unsafe...
PT-2026-51771
Capgo before 12.128.2 enforces mandatory two-factor authentication only at the UI level. Sensitive Organization ORG management API endpoints e.g., editing organization details, inviting users do not validate 2FA completion on the backend. An authenticated Admin user who has not enabled 2FA can...
PT-2026-52096
Name of the Vulnerable Software and Affected Versions Rocket.Chat versions prior to 8.5.0 Rocket.Chat versions prior to 8.4.1 Rocket.Chat versions prior to 8.3.3 Rocket.Chat versions prior to 8.2.3 Rocket.Chat versions prior to 8.1.4 Rocket.Chat versions prior to 8.0.5 Rocket.Chat versions prior ...
PT-2026-52117
Name of the Vulnerable Software and Affected Versions Rocket.Chat versions prior to 8.5.1 Rocket.Chat versions prior to 8.4.4 Rocket.Chat versions prior to 8.3.6 Rocket.Chat versions prior to 8.2.6 Rocket.Chat versions prior to 8.1.6 Rocket.Chat versions prior to 8.0.7 Rocket.Chat versions prior ...
PT-2026-51973
In the Linux kernel, the following vulnerability has been resolved: net sched: fix skb memory leak in deferred qdisc drops When the network stack cleans up the deferred list via qdisc run end, it operates on the root qdisc. If the root qdisc do not implement the TCQ F DEQUEUE DROPS flag the packe...
PT-2026-51911
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A data loss issue exists in the f2fs file system when fsync is performed on a newly created file concurrently with a checkpoint operation. The problem occurs because the f2fs need inode...
PT-2026-51913
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An inverted condition exists in the ccu mix trigger fc function. This flaw causes the system to skip the frequency change trigger, which can lead to kernel panics during cpufreq scaling,...
PT-2026-52036
Name of the Vulnerable Software and Affected Versions AnythingLLM versions 1.11.1 through 1.14.0 Description An issue exists where the application fails to perform ownership checks when deleting parsed files. Specifically, the 'POST /api/workspace/:slug/embed-parsed-file/:fileId' endpoint deletes...
PT-2026-52074
Name of the Vulnerable Software and Affected Versions @tryghost/activitypub versions prior to 3.1.0 Description The ActivityPub client in Ghost is susceptible to JavaScript injection. This occurs when the client processes posts shared by a maliciously customized ActivityPub server, allowing the...
PT-2026-51768
Capgo before 12.128.2 contains a broken authentication vulnerability in its API key generation mechanism. API keys are exposed in frontend requests, and the backend fails to validate that keys are securely generated and bound to the authenticated user. An attacker can tamper with the API key...
PT-2026-51780
Capgo before 12.128.2 contains a denial of service vulnerability in the /auth/v1/otp endpoint that prevents email verification for two-factor authentication due to captcha validation failures. Authenticated users cannot complete 2FA enrollment as the backend consistently returns HTTP 500 errors...
PT-2026-51765
Capgo before 12.128.2 contains a cross-domain SSO account takeover vulnerability in the provision-user endpoint that allows attackers to merge arbitrary victim accounts based on email match without validating SSO provider domain authorization. An attacker with enterprise org admin access and a...
PT-2026-51769
Capgo before 12.128.2 allows non-admin API keys to read webhook signing secrets via Supabase REST due to insufficient row-level security policies on the webhooks table. Attackers can retrieve the webhook secret and forge valid X-Capgo-Signature headers to send authenticated webhook events to...
PT-2026-52089
Name of the Vulnerable Software and Affected Versions AutoGPT versions prior to 0.6.52 Description The Fill Text Template block is susceptible to a Denial of Service DoS attack. Although the backend utilizes a SandboxedEnvironment to block unauthorized attribute access, such as class , it does no...
PT-2026-52126
Name of the Vulnerable Software and Affected Versions ATEN Unizon affected versions not specified Description An issue exists where the software fails to properly verify cryptographic signatures, allowing authenticated remote attackers to execute arbitrary code in the context of SYSTEM. The flaw ...
PT-2026-51736
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FunnelKit Funnel Builder by FunnelKit allows Blind SQL Injection. This issue affects Funnel Builder by FunnelKit: from n/a through 3.15.0.5...
PT-2026-52121
Name of the Vulnerable Software and Affected Versions ATEN Unizon affected versions not specified Description A directory traversal flaw exists in the updateLicense method, where a lack of proper validation of user-supplied paths allows authenticated remote attackers to delete arbitrary files. Th...
PT-2026-52122
Name of the Vulnerable Software and Affected Versions ATEN Unizon affected versions not specified Description A directory traversal flaw exists in the uploadSSL method, where the system fails to properly validate user-supplied paths before performing file operations. This allows authenticated...
PT-2026-52179
Summary Description An Improper Authorization CWE-285 issue in OpenAM's Liberty Web Services SOAP receiver allows an unauthenticated remote attacker to write persistent entries into the Liberty Discovery store on any user's LDAP entry, and into a shared root-realm Discovery branch. This impacts...
PT-2026-51668
Name of the Vulnerable Software and Affected Versions Post Duplicator versions prior to 3.0.15 Description Users with Contributor-level access and above can perform a PHP Object Injection. This occurs because the plugin fails to safely handle custom meta-data during post duplication, storing...
PT-2026-52090
Name of the Vulnerable Software and Affected Versions FOSSBilling versions prior to 0.8.0 Description FOSSBilling exposes a guest API endpoint '/api/guest/staff/create' designed for initial administrator bootstrap. A flawed guard check using the is countable function on a value that returns a Mod...
PT-2026-52051
Out of bounds read and write in BlinkInterestGroups in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...
PT-2026-51666
Name of the Vulnerable Software and Affected Versions AI Share & Summarize versions prior to 2.0.4 Description Users with the Contributor role and above can perform Stored Cross-Site Scripting XSS attacks. This occurs because the plugin fails to sanitize and escape certain shortcode attributes,...
PT-2026-51827
Name of the Vulnerable Software and Affected Versions Frappe Framework version 17.0.0-dev Description A Reflected Cross-Site Scripting XSS issue occurs in the dashboard-view component due to improper neutralization of user-controlled input during breadcrumb rendering. Reflected XSS is a type of...
PT-2026-51664
Name of the Vulnerable Software and Affected Versions Email JavaScript Cloak versions prior to 1.04 Description The Email JavaScript Cloak plugin for WordPress contains a Stored Cross-Site Scripting issue. This occurs due to insufficient input sanitization and output escaping on user-supplied...
PT-2026-51688
Name of the Vulnerable Software and Affected Versions MIR blocks and shortcodes versions prior to 1.0.1 Description The MIR blocks and shortcodes plugin for WordPress contains a Stored Cross-Site Scripting issue. Authenticated attackers with contributor-level access or higher can inject arbitrary...
PT-2026-51681
Name of the Vulnerable Software and Affected Versions SearchPlus versions prior to 1.7.2 Description The SearchPlus plugin for WordPress allows unauthenticated users to modify or delete stored data. This occurs because the searchplus save token action callback and searchplus reset token action...
PT-2026-51670
Name of the Vulnerable Software and Affected Versions Bulk SEO Image versions prior to 1.2 Description The Bulk SEO Image plugin for WordPress is subject to Cross-Site Request Forgery. This occurs because the settings page handler BulkSeoImage lacks proper nonce validation—a security token used t...
PT-2026-51700
Name of the Vulnerable Software and Affected Versions WP Meta SEO versions prior to 4.5.19 Description Unauthenticated Stored Cross-Site Scripting occurs when the wpmsTemplateRedirect hook detects a 404 error. The plugin concatenates $ SERVER'HTTP HOST' with the raw $ SERVER'REQUEST URI' and...
PT-2026-51675
Name of the Vulnerable Software and Affected Versions SignUp & SignIn plugin for WordPress versions prior to 1.0.1 Description The SignUp & SignIn plugin for WordPress contains an authentication bypass that allows unauthenticated attackers to take over any account, including administrator account...
PT-2026-51684
Name of the Vulnerable Software and Affected Versions Advance Nav Menu Manager versions prior to 1.4 Description The Advance Nav Menu Manager plugin for WordPress contains an authorization bypass. The issue occurs because the plugin fails to properly verify if a user is authorized to perform...
PT-2026-51673
Name of the Vulnerable Software and Affected Versions URL Preview plugin for WordPress versions prior to 1.1 Description The plugin is susceptible to Server-Side Request Forgery SSRF, a flaw where an attacker can force the server to make requests to an unintended location. Unauthenticated attacke...
PT-2026-51698
Name of the Vulnerable Software and Affected Versions Reviews and Rating – Docplanner plugin for WordPress versions prior to 1.1.5 Description An authorization bypass exists because the plugin fails to properly verify if a user is authorized to perform specific actions. Authenticated attackers wi...
PT-2026-51766
Capgo before 12.128.2 contains a broken object level authorization BOLA vulnerability in the POST /build/start/:jobId and POST /build/cancel/:jobId endpoints. The handlers authorize the request based only on the attacker-controlled app id supplied in the request body and never verify that the job...
PT-2026-51785
Name of the Vulnerable Software and Affected Versions hono versions prior to 4.12.14 Description An HTML injection issue exists in the JSX server-side rendering SSR process. Attackers can inject unintended HTML by using malformed attribute names. By crafting attribute keys that include characters...
PT-2026-51702
Name of the Vulnerable Software and Affected Versions Cornerstone WordPress plugin versions prior to 7.8.8 Description The premium Cornerstone page builder, bundled with the X theme, fails to enforce capability checks on a CSS-preview request handler. Additionally, the nonce required to call this...
PT-2026-51689
Name of the Vulnerable Software and Affected Versions Osiris Signature Banner versions prior to 0.6 Description The Osiris Signature Banner plugin for WordPress contains a Cross-Site Request Forgery CSRF flaw. This occurs because of missing or incorrect nonce validation—a security token used to...
PT-2026-51958
Name of the Vulnerable Software and Affected Versions Linux kernel version 6.19.0-rc7 Description In passthrough mode, a null pointer dereference occurs when dm-cache attempts to invalidate a cache entry while a concurrent write to the same cached block causes the bio prison cell lock to fail. In...
PT-2026-51662
Name of the Vulnerable Software and Affected Versions GeoVision GV-I/O Box 4E version 2.09 Description OS command injection flaws exist in the libNetSetObj.so internal library, which is used to configure the network stack. A remote attacker can execute arbitrary commands by sending a specially...