PT-2026-44599

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A use after free issue in XR Extended Reality allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape. This is achieved through the us...

PT-2026-43269

e107 is a content management system CMS. Prior to 2.3.5, e107 CMS does not properly enforce CSRF token validation on comment moderation actions. The problem comes down to how session handler::check handles CSRF tokens. Instead of requiring a token on every state-changing request, it only validate...

PT-2026-43404

MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.0, MaxKB's webhook trigger endpoint /api/trigger/v1/webhook/trigger id is accessible without authentication. The WebhookAuth class unconditionally returns None, , which Django REST Framework interprets as successful authentication...

PT-2026-43255

OpenKM 6.3.12 contains a remote code execution vulnerability that allows authenticated administrators to execute arbitrary Java/BeanShell code through the /admin/Scripting endpoint. Attackers can submit malicious script content with an action=Evaluate parameter to execute operating system command...

PT-2026-43375

Name of the Vulnerable Software and Affected Versions IBM Engineering Lifecycle Management versions 7.0.3 through Interim Fix 021 IBM Engineering Lifecycle Management versions 7.1.0 through Interim Fix 009 IBM Engineering Lifecycle Management versions 7.2.0 through Interim Fix 001 Description An...

PT-2026-43253

OpenKM 6.3.12 contains a local file inclusion vulnerability in the administrative scripting interface at /admin/Scripting that allows authenticated administrators to read arbitrary files by supplying an attacker-controlled filesystem path through the fsPath parameter with action=Load. Attackers c...

PT-2026-43293

Name of the Vulnerable Software and Affected Versions com tags affected versions not specified Description Improperly validated order clauses lead to a SQL injection, which occurs when an attacker can interfere with the queries that an application makes to its database. Recommendations At the...

PT-2026-43433

A Server-Side Request Forgery SSRF vulnerability was identified in GitHub Enterprise Server that allowed an attacker to cause the server to issue HTTP requests to internal services via the security advisories package lookup feature. By directing requests to an internal management service and...

PT-2026-43284

Name of the Vulnerable Software and Affected Versions Google Cloud Apigee affected versions not specified Description A flaw in the SetIntegrationRequest policy allows remote attackers to perform Server-Side Request Forgery SSRF, which is a technique where an attacker forces a server to make...

PT-2026-43291

Name of the Vulnerable Software and Affected Versions com users affected versions not specified Description Lack of Cross-Site Request Forgery CSRF token validation—a mechanism used to prevent unauthorized commands from being transmitted from a user the web application trusts—leads to a CSRF atta...

PT-2026-43204

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dylan Kuhn Geo Mashup allows Stored XSS. This issue affects Geo Mashup: from n/a through 1.13.18...

PT-2026-43189

Missing password field masking vulnerability in Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe modules, Hitachi Ops Center Analyzer viewpoint, Hitachi Infrastructure Analytics Advisor Data Center Analytics, Analytics probe modules. This issu...

PT-2026-43382

Name of the Vulnerable Software and Affected Versions Easyelife App lock version 1.9.2 Description An issue in the application allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay instead of utilizing Android's secure authentication APIs. By...

PT-2026-43244

IEC 60870-5-104 used in bidirectional mode is vulnerable for a NULL pointer dereferencing, if a specially crafted sequence of messages is sent for a certain time, causing Denial of Service impact. Product is only affected if IEC 60870-5-104 functionality in bidirectional mode BCI is configured...

PT-2026-43266

e107 is a content management system CMS. Prior to 2.3.4, a Broken Access Control vulnerability exists in the application, allowing an unauthorized authenticated user to edit comments posted by others. This stems from inadequate server-side access control validation, where the application depends...

PT-2026-47104

There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability...

PT-2026-43292

Name of the Vulnerable Software and Affected Versions com finder affected versions not specified Description Improperly built filter clauses lead to a SQL injection in the search query. SQL injection is a type of vulnerability that allows an attacker to interfere with the queries that an...

PT-2026-43305

Name of the Vulnerable Software and Affected Versions Bugsink versions prior to 2.2.0 Description Bugsink is a self-hosted error tracking tool. A project-boundary authorization issue exists where issue event pages accept a direct event identifier from the URL and retrieve the event without...

PT-2026-43360

A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

PT-2026-43199

The affected products perform improper length checking when parsing incoming HTTP requests, resulting in a size-limited out-of-bounds write. An unauthenticated remote attacker can exploit this flaw to cause a denial of service via a system crash on the affected device...

PT-2026-43343

NVIDIA vGPU software contains a vulnerability in the virtual GPU manager, where an attacker could cause a use-after-free for stack memory. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code executi...

PT-2026-43430

Crypt::ScryptKDF versions through 0.010 for Perl uses insecure random number source when no CSPRNG module is available. The random bytes function fell back to using the built-in rand function when none of the Perl modules Crypt::PRNG, Crypt::OpenSSL::Random, Net::SSLeay, Crypt::Random, or...

PT-2026-43187

A weakness has been identified in GNU LibreDWG up to 0.14. The impacted element is the function read 2004 compressed section of the file src/decode.c of the component Dwgbmp Utility. Executing a manipulation can lead to out-of-bounds read. The attack requires local access. The exploit has been ma...

PT-2026-47000

GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3. The earliest affected version is 3.6.4 2018-09-24 because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS...

PT-2026-43332

Name of the Vulnerable Software and Affected Versions NVIDIA Display Driver for Windows and Linux affected versions not specified Description An issue exists where an attacker could leak held driver locks, which may lead to a denial of service a condition where users are unable to access a system...

PT-2026-43438

Name of the Vulnerable Software and Affected Versions Samba affected versions not specified Description A flaw exists in the handling of certificate auto-enrollment Group Policy. When this feature is enabled, Samba may retrieve a CA certificate via an unencrypted HTTP connection and install it in...

PT-2026-43436

Name of the Vulnerable Software and Affected Versions Samba affected versions not specified Description A flaw exists in the handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users who possess underlying filesyst...

PT-2026-43242

Name of the Vulnerable Software and Affected Versions KubeVirt affected versions not specified Description A flaw in the virt-handler component allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual...

PT-2026-43247

A weakness has been identified in CodeAstro Leave Management System 1.0. The affected element is an unknown function of the file /admin/add staff.php. Executing a manipulation of the argument email id can lead to sql injection. The attack can be launched remotely. The exploit has been made...

PT-2026-43428

Name of the Vulnerable Software and Affected Versions JeecgBoot versions prior to 3.9.2 Description Improper access controls exist within the AiragModelController component. A remote attacker can exploit this by manipulating the list/queryById argument, leading to unauthorized access...

PT-2026-43416

A security flaw has been discovered in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This affects an unknown function. Performing a manipulation results in cross-site request forgery. The attack is possible to be carried out remotely. The exploit has been released ...

PT-2026-43308

Algernon is a small self-contained pure-Go web server. Prior to 1.17.8, when algernon is started with --domain or --letsencrypt, which silently turns on --domain at engine/flags.go:372, the request handler resolves the served directory by joining the configured --dir with the value of the...

PT-2026-43347

FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting XSS via attachment filenames in assessment file preview flows. User-supplied filename values are persisted and later rendered into HTML/attribute contexts...

PT-2026-44503

CVE-2026-42347 - Apache HTTP Server Authentication Bypass CVE ID :CVE-2026-42347 Published : May 26, 2026, 3:16 p.m. | 53 minutes ago Description :Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-28496. Reason: This candidate is a duplicate of CVE-2026-28496. Notes:...

PT-2026-43279

IBM Cognos Analytics 11.2.0, 12.0, and 12.1.0 and IBM Cognos Transformer 12.0, 11.2.4, and 12.1.0 is vulnerable to stored cross-site scripting XSS in Cognos Adminstration. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended...

PT-2026-47115

Stack overflow in lua resume of ldo.c in Lua Interpreter 5.1.05.4.4 allows attackers to perform a Denial of Service via a crafted script file...

PT-2026-47003

A flaw was found in gnutls. A use after free issue in client send params in lib/ext/pre shared key.c may lead to memory corruption and other potential consequences...

PT-2026-43323

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Lack of input filtering in the HTML filter code leads to a Cross-Site Scripting XSS vector. XSS is a flaw that allows an attacker to inject malicious scripts int...

PT-2026-43368

Name of the Vulnerable Software and Affected Versions IBM HTTP Server version 8.5 IBM HTTP Server version 9.0 Description Remote code execution and denial of service are possible in configurations that utilize TLS mutual authentication, also known as client authentication, which is a process wher...

PT-2026-43369

Name of the Vulnerable Software and Affected Versions IBM HTTP Server version 8.5 IBM HTTP Server version 9.0 Description An issue exists that allows a denial of service in configurations where an attacker possesses write access to portions of the server configuration. Recommendations At the...

PT-2026-43238

When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to manipulate the Security Gateway's stored DLP/UserCheck incident information. This could lead to...

PT-2026-47108

OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj t1 clbl decode processor in openjp2/t1.c because of lack of opj j2k update image dimensions validation...

PT-2026-43357

Name of the Vulnerable Software and Affected Versions Eppendorf BioFlo 320 affected versions not specified Description The VNC server uses a hard-coded password. A remote attacker who knows the network address of a device with remote access enabled can use this password to gain full control of th...

PT-2026-47099

jp2/opj decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opj image destroy twice...

PT-2026-43427

Name of the Vulnerable Software and Affected Versions SourceCodester eDoc Doctor Appointment System version 1.0 Description An issue exists in the '/admin/delete-session.php' endpoint where manipulation of the ID argument leads to missing authorization. This allows for remote exploitation of the...

PT-2026-43364

Name of the Vulnerable Software and Affected Versions IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty versions 8.5 through 9.0 Description Remote code execution is possible in the Web Server Plug-ins when processing a specially crafted request. This issue allows an...

PT-2026-43240

When Compliance is enabled on Check Point Multi-Domain Management, an authenticated administrator with read-write access to one Management Domain CMA can modify stored metadata associated with Compliance Best Practices in another Management Domain, where the administrator has no access permission...

PT-2026-43383

Missing Authorization vulnerability in bPlugins Tiktok Feed allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Tiktok Feed: from n/a through 1.0.24...

PT-2026-43211

Name of the Vulnerable Software and Affected Versions Xibo CMS versions prior to 4.4.2 Description A vulnerability chain involving Stored Cross-Site Scripting XSS and Iframe Sandbox escape exists in the Xibo CMS. Users with DataSet permissions can utilize the Data Connector functionality to craft...

PT-2026-47110

A flaw was found in the opj2 decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free on an uninitialized pointer, leading to a segmentation fault an...