184569 matches found
PT-2026-51231
Craft CMS contains a stored cross-site scripting XSS vulnerability in the editableTable.twig component when using the 'Row Heading' column type. The application fails to sanitize input within row heading default values, allowing an attacker with an administrator account with allowAdminChanges...
PT-2026-51213
Name of the Vulnerable Software and Affected Versions BerriAI litellm versions prior to 1.82.3 Description Improper authorization occurs in the ui view users function located in the litellm/proxy/management endpoints/internal user endpoints.py file. This flaw allows a remote attacker to bypass...
PT-2026-51225
Capgo before 12.128.2 contains an authentication bypass vulnerability in the /build/upload/:jobId/ endpoint that allows unauthenticated attackers to trigger consistent 500 errors. Remote attackers can send OPTIONS requests to bypass authentication middleware and invoke tusProxy logic with invalid...
PT-2026-51269
Name of the Vulnerable Software and Affected Versions The product name cannot be determined. Description Information regarding the nature of the issue is not provided in the available sources. Recommendations At the moment, there is no information about a newer version that contains a fix for thi...
PT-2026-51239
Name of the Vulnerable Software and Affected Versions libexpat versions prior to 2.8.2 Description An integer overflow exists in the storeAtts function. An integer overflow occurs when an arithmetic operation attempts to create a numeric value that is outside of the range that can be represented...
PT-2026-54955
lopdf::Document::load mem and the other load entry points parses nested PDF arrays and dictionaries with unbounded recursion. A small crafted PDF whose Catalog contains a deeply nested array /X … , on the order of 10,000 levels exhausts the call stack and aborts the process with SIGABRT. Because...
PT-2026-51234
Name of the Vulnerable Software and Affected Versions Craft CMS versions 4.0.0-RC1 through 4.17.0-beta.1 Craft CMS versions 5.0.0-RC1 through 5.9.0-beta.1 Description Stored cross-site scripting occurs when settings names and field option labels are rendered without sanitization, specifically...
PT-2026-51264
Name of the Vulnerable Software and Affected Versions langflow-ai langflow versions prior to 1.9.4 Description An issue exists in the Bundle URL Loader component where manipulation of an unknown function allows for code injection. This attack must be performed locally. Recommendations At the...
PT-2026-51210
Name of the Vulnerable Software and Affected Versions BerriAI litellm versions prior to 1.82.3 Description An issue exists in the SSO Authentication Flow component within the get redirect response from openid function of the litellm/proxy/management endpoints/ui sso.py file. Remote manipulation o...
PT-2026-51229
Name of the Vulnerable Software and Affected Versions Craft CMS versions 5.0.0-RC1 and later Description A stored cross-site scripting issue exists in the User Permissions page. The software fails to properly perform HTML escaping when rendering user group names. This allows attackers with...
PT-2026-51252
Name of the Vulnerable Software and Affected Versions lemonldap-ng versions prior to 2.23.1 Description An issue exists in the SAML Common Domain Cookie Endpoint within the library lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm. A remote attacker can perform a manipulation of the url argument...
PT-2026-51256
A vulnerability was identified in Edimax BR-6478AC V2 1.23. Affected is the function wiz 5in1 redirect of the file /goform/wiz 5in1 redirect of the component POST Request Handler. Such manipulation of the argument newpass leads to command injection. The attack can be launched remotely. The exploi...
PT-2026-51203
Name of the Vulnerable Software and Affected Versions Edimax BR-6478AC V2 version 1.23 Description A buffer overflow can be triggered remotely via the POST Request Handler. The issue exists within the formWlSiteSurvey function located in the /goform/formWlSiteSurvey file, specifically through the...
PT-2026-51219
Capgo CLI before 12.128.2 contains arbitrary file overwrite vulnerabilities in login and build credentials operations that follow symlinks without validation. Attackers can create malicious symlinks in repositories to overwrite arbitrary files or expose credentials with world-readable permissions...
PT-2026-51230
Name of the Vulnerable Software and Affected Versions Craft CMS versions 5.5.0 through 5.9.13 Description An issue exists in the FieldsController::actionRenderCardPreview method where the fieldLayoutConfig POST parameter is passed directly to Fields::createLayout without being processed by...
PT-2026-51222
Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description A broken row level security RLS policy in the org users table allows authenticated users to elevate their privileges from admin to super admin. This insufficient RLS enforcement enables attackers to...
PT-2026-51253
Name of the Vulnerable Software and Affected Versions OFFIS DCMTK versions prior to 3.7.1 Description A heap-based buffer overflow can occur in the XMLNode::parseFile function within the ofstd/libsrc/ofxml.cc library. This issue allows a remote attacker to execute a manipulation that leads to the...
PT-2026-51259
Name of the Vulnerable Software and Affected Versions Radware Cyber Controller versions prior to 10.11.0 Description An issue exists within the HTML Report Generation component that allows for HTML injection. This flaw can be exploited remotely to inject malicious HTML code into reports...
PT-2026-51245
Name of the Vulnerable Software and Affected Versions libexpat versions prior to 2.8.2 Description The xmlwf tool contains an integer overflow related to the output filename when the -d outputDir option is utilized. An integer overflow occurs when a mathematical operation results in a value that...
PT-2026-51233
Name of the Vulnerable Software and Affected Versions Craft CMS versions 5.0.0-RC1 through 5.9.13 Craft CMS versions 4.0.0-RC1 through 4.17.7 Description An authorization bypass exists in the 'assets/preview-file' endpoint. The system fails to enforce per-asset view authorization before returning...
PT-2026-51218
Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description An authorization bypass exists in the '/build/status' and '/build/logs' endpoints. Attackers can access build jobs belonging to different applications by providing a mismatched app id and job id...
PT-2026-51236
Name of the Vulnerable Software and Affected Versions SiYuan versions prior to 3.6.1 Description SiYuan fails to sanitize package metadata and README content within the Bazaar marketplace. This allows malicious authors to inject arbitrary HTML and JavaScript into the displayName, description, or...
PT-2026-51263
A vulnerability was determined in FlowiseAI Flowise up to 3.1.2. The impacted element is an unknown function of the file packages/components/nodes/documentloaders/S3/S3.ts of the component S3 Document Loader. Executing a manipulation can lead to path traversal. It is possible to launch the attack...
PT-2026-51238
SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious package authors to inject arbitrary HTML and JavaScript. Attackers can achieve remote code execution on any user browsing the Bazaar by embedding XSS payloads in package...
PT-2026-51242
Name of the Vulnerable Software and Affected Versions libexpat versions prior to 2.8.2 Description An integer overflow occurs in the XML ParseBuffer function because it lacks a specific check that is implemented in the XML Parse function. Recommendations Update to version 2.8.2 or later...
PT-2026-51235
Name of the Vulnerable Software and Affected Versions Craft CMS versions 4.0.0-RC1 and later Description An authenticated path traversal flaw exists in the 'assets/icon' endpoint. The issue occurs because the extension parameter is not validated before the system performs file existence checks. A...
PT-2026-51247
Name of the Vulnerable Software and Affected Versions libexpat versions prior to 2.8.2 Description The xmlwf component contains an integer overflow in the endDoctypeDecl function. This issue is triggered via NOTATION declarations, which are used in XML to define the format of non-XML data...
PT-2026-51228
Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-15 ImageMagick versions prior to 6.9.13-40 Description A heap out-of-bounds read exists in the PCD coder's DecodeImage loop. A specially crafted PCD file can trigger a one-byte heap out-of-bounds read during...
PT-2026-51254
Name of the Vulnerable Software and Affected Versions Edimax BR-6478AC V2 version 1.23 Description Command injection can be triggered remotely via the POST Request Handler component. The issue exists within the setWAN function located in the '/goform/setWAN' endpoint. Manipulation of the...
PT-2026-51257
Name of the Vulnerable Software and Affected Versions Edimax BR-6478AC V2 version 1.23 Description A security flaw in the POST Request Handler component allows for remote command injection. This occurs through the manipulation of the command argument within the mp function of the '/goform/mp'...
PT-2026-51221
Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description An unauthenticated security definer RPC function get identity apikey only returns the owning user id for supplied API keys. This creates an API key validity oracle—a mechanism that allows an attacke...
PT-2026-51212
Name of the Vulnerable Software and Affected Versions BerriAI litellm versions prior to 1.82.3 Description A server-side request forgery SSRF exists in the MCP OpenAPI Spec Loader component. The issue occurs within the load openapi spec async function located in the litellm/proxy/ experimental/mc...
PT-2026-51261
Name of the Vulnerable Software and Affected Versions Comfast CF-WR631AX V3 versions prior to 2.7.0.8 Description A remote OS command injection flaw exists in the API Endpoint component. The issue occurs within the system function of the '/cgi-bin/mbox-config?section=ping config' endpoint when th...
PT-2026-51205
A vulnerability was found in zhilink 智互联深圳科技有限公司 ADP Application Developer Platform 应用开发者平台 1.0.0. This affects an unknown part of the component testConnection Endpoint. The manipulation of the argument jdbcUrl results in deserialization. The attack may be performed from remote. The exploit has...
PT-2026-51208
Name of the Vulnerable Software and Affected Versions BerriAI litellm versions prior to 1.82.3 Description An authentication bypass exists in the SSO Debug Flow component. A remote attacker can manipulate the json.dumps function within the file litellm/proxy/management endpoints/ui sso.py, which...
PT-2026-51196
Name of the Vulnerable Software and Affected Versions BerriAI litellm versions prior to 1.82.3 Description A security flaw exists in the PROXY ADMIN database API Key Generator component within the authenticate user function of the litellm/proxy/auth/login utils.py file. A remote attacker can...
PT-2026-51244
Name of the Vulnerable Software and Affected Versions libexpat versions prior to 2.8.2 Description An integer overflow exists in the copyString function. An integer overflow occurs when an arithmetic operation attempts to create a numeric value that is outside of the range that can be represented...
PT-2026-51255
Name of the Vulnerable Software and Affected Versions Edimax BR-6478AC V2 version 1.23 Description Command injection is possible via the POST Request Handler component. A remote attacker can exploit this by manipulating the interface argument within the stainfo function of the '/goform/stainfo'...
PT-2026-51232
Name of the Vulnerable Software and Affected Versions Craft CMS versions 4.0.0-RC1 through 4.17.7 Craft CMS versions 5.0.0-RC1 through 5.9.13 Description A missing authorization issue exists in the 'assets/preview-thumb' endpoint. A Control Panel user lacking permissions to view a specific privat...
PT-2026-51206
A vulnerability was determined in zhilink 智互联深圳科技有限公司 ADP Application Developer Platform 应用开发者平台 1.0.0. This vulnerability affects unknown code of the file /adpweb/a/base/barcodeDetail/import of the component XML Parser. This manipulation causes xml external entity reference. It is possible to...
PT-2026-51265
Name of the Vulnerable Software and Affected Versions Browserbase versions prior to 20260526 Description An issue exists in the Autobrowse Trace Artifact Handler component where a flaw in an unknown function allows for the manipulation of default permissions, resulting in incorrect permission...
PT-2026-51201
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the ksmbd module, a flaw exists where the conn-binding flag remains set after a SESSION SETUP call. Because this flag is connection-wide, the global session lookup function ksmbd...
PT-2026-51243
Name of the Vulnerable Software and Affected Versions libexpat versions prior to 2.8.2 Description An integer overflow occurs in the doProlog function, specifically related to storeEntityValue and the entity textLen variable. An integer overflow is a condition where an arithmetic operation attemp...
PT-2026-51211
Name of the Vulnerable Software and Affected Versions BerriAI litellm versions prior to 1.82.6 Description An authorization bypass exists in the Completions Interface. The issue occurs within the async pre call hook function located in the enterprise/enterprise hooks/banned keywords.py file. Remo...
PT-2026-51186
Name of the Vulnerable Software and Affected Versions BerriAI litellm versions prior to 1.82.3 Description An issue in the M2M JWT Handler component, specifically within the file litellm/proxy/auth/user api key auth.py, leads to improper authorization. This flaw allows a remote attacker to bypass...
PT-2026-51248
Name of the Vulnerable Software and Affected Versions libexpat versions prior to 2.8.2 Description An issue exists where XML TOK DATA CHARS is not considered in the doCdataSection function. This leads to a lack of handler call depth tracking for various calls from within handlers during policy...
PT-2026-51260
Name of the Vulnerable Software and Affected Versions activepieces versions prior to 0.83.1 Description An issue exists in the File URL Handler component within the handleUrlFile function located in the packages/server/engine/src/lib/variables/processors/file.ts library. This flaw allows for remo...
PT-2026-51173
AVideo through version 26.0 contains multiple unauthenticated list.json.php endpoints in payment plugins lacking authorization checks, exposing PayPal tokens, Authorize.Net webhooks, and Bitcoin transaction records. Unauthenticated attackers can retrieve all payment transaction data including...
PT-2026-51129
@socradar BUT... CVE-2026-42495 IS STILL UNPATCHED https://t.co/fSZ3GvAylZ...
PT-2026-51149
Name of the Vulnerable Software and Affected Versions capgo versions prior to 12.128.2 Description An authorization bypass exists in several Supabase PostgREST RPC functions: get app metrics, get global metrics, and get total metrics. These functions are granted to the anon role without enforcing...