175429 matches found
PT-2026-42806
HP ENVY 5000 series printers VERBASPP1N003.2237A.00 do not properly manage concurrent TCP connections to port 9100 JetDirect/RAW printing. An unauthenticated remote attacker on the same network can establish a persistent connection to port 9100 and send keep-alive packets, causing the printer's...
PT-2026-42818
TypeBot is a chatbot builder tool. Versions 3.15.2 and prior contain an SSRF via Open Redirect Bypass as the HTTP Request block and Code block validate the initial request URL via validateHttpReqUrl to block private IPs and cloud metadata hostnames. However, the HTTP clients ky and fetch follow 3...
PT-2026-42805
Buffer Overflow vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the chat message functionality...
PT-2026-42819
Name of the Vulnerable Software and Affected Versions Arm ArmNN versions prior to 2026-03-28 Description An integer overflow exists in the TensorShape::GetNumElements function within armnn/Tensor.cpp. This occurs when tensor dimensions are multiplied using 32-bit unsigned arithmetic without...
PT-2026-42810
Name of the Vulnerable Software and Affected Versions YesWiki versions prior to 4.6.4 Description An unauthenticated SQL injection exists in the Bazar form-import functionality. An unauthenticated visitor can inject arbitrary SQL into an INSERT statement via the FormManager::create function. This...
PT-2026-42816
Name of the Vulnerable Software and Affected Versions Kiro CLI versions prior to 1.28.0 Description Missing input source validation in the tool authorization prompt allows a local attacker to execute arbitrary tools, including shell commands, without user approval. This is achieved by crafting...
PT-2026-42801
Sunshine is a self-hosted game stream host for Moonlight. In versions prior to 2026.516.143833, the client-certificate authentication can be bypassed because of how OpenSSL verification results are handled. In src/crypto.cpp, the custom verify callback treats X509 V ERR UNABLE TO GET ISSUER CERT...
PT-2026-42829
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The NewNTUnicodeString function does not check for string length overflow. When provided with a string that exceeds the maximum size of a NTUnicodeString a 16-bi...
PT-2026-42831
Name of the Vulnerable Software and Affected Versions Docker Model Runner on macOS affected versions not specified Description The MLX inference backend uses the MLX-LM library, which imports and executes arbitrary Python files from model directories via the model file configuration field in the...
PT-2026-42827
Name of the Vulnerable Software and Affected Versions authentik versions prior to 2025.12.5 authentik versions 2026.2.0-rc1 through 2026.2.2 Description The 'PATCH /api/v3/core/users/pk/' API allows a caller with change user permissions on a target user to assign arbitrary groups via...
PT-2026-42824
Name of the Vulnerable Software and Affected Versions TypeBot versions prior to 3.16.0 Description An issue in the bot engine's findResult query fails to filter results by typebotId. This allows an authenticated user to load result data, including user answers and variable values, from a differen...
PT-2026-42830
Name of the Vulnerable Software and Affected Versions Docker Model Runner on macOS affected versions not specified Description The vllm-metal inference backend unconditionally sets trust remote code=True when loading model tokenizers and operates without sandboxing. This allows the...
PT-2026-42828
Name of the Vulnerable Software and Affected Versions PCManFM-Qt versions 1.1.0 and later Description An issue exists where PCManFM-Qt delegates to a different program based on file type without user confirmation when a regular file path is passed as a URI in the...
PT-2026-42825
Name of the Vulnerable Software and Affected Versions TypeBot versions prior to 3.17.0 Description The WhatsApp Cloud API webhook endpoint 'POST /v1/workspaces/workspaceId/whatsapp/credentialsId/webhook' fails to verify the x-hub-signature-256 HMAC signature provided by Meta. Because the...
PT-2026-42826
Name of the Vulnerable Software and Affected Versions authentik versions prior to 2025.12.5 authentik versions 2026.2.0-rc1 through 2026.2.2 Description Authenticated non-admin users possessing at least one OAuth2 access token can retrieve the client secret of confidential OAuth2 providers they...
PT-2026-42849
Name of the Vulnerable Software and Affected Versions Microsoft Entra ID affected versions not specified Description An origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network. Recommendations At the moment, there is no information about ...
PT-2026-42848
Name of the Vulnerable Software and Affected Versions M365 Copilot affected versions not specified Description Improper neutralization of special elements used in a command, known as command injection, allows an unauthorized attacker to disclose information over a network. Recommendations At the...
PT-2026-42846
Name of the Vulnerable Software and Affected Versions Microsoft Copilot affected versions not specified Description Improper neutralization of special elements used in a command, known as command injection, allows an unauthorized attacker to perform tampering over a network. Recommendations At th...
PT-2026-42839
Name of the Vulnerable Software and Affected Versions Azure Entra ID affected versions not specified Description Improper privilege management allows an unauthorized attacker to elevate privileges over a network. Recommendations At the moment, there is no information about a newer version that...
PT-2026-42843
Name of the Vulnerable Software and Affected Versions Azure Virtual Network Gateway affected versions not specified Description Improper input validation allows an authorized attacker to execute code over a network. Recommendations At the moment, there is no information about a newer version that...
PT-2026-42838
Name of the Vulnerable Software and Affected Versions Microsoft Power Pages affected versions not specified Description Improper neutralization of special elements used in a command allows an unauthorized attacker to execute code over a network via command injection, which is the execution of...
PT-2026-42844
Name of the Vulnerable Software and Affected Versions Azure Orbital Spatio affected versions not specified Description Unrestricted upload of files with dangerous types allows an unauthorized attacker to execute code over a network. Recommendations At the moment, there is no information about a...
PT-2026-42837
Name of the Vulnerable Software and Affected Versions RT versions 5.0.0 through 5.0.9 RT versions 6.0.0 through 6.0.2 Description An authenticated user can craft input that is incorporated into database queries without proper validation, potentially allowing them to read or modify data in the...
PT-2026-42840
Name of the Vulnerable Software and Affected Versions Azure Compute Gallery affected versions not specified Description Improper input validation allows an authorized attacker to disclose information over a network. Recommendations At the moment, there is no information about a newer version that...
PT-2026-42845
Name of the Vulnerable Software and Affected Versions RT versions prior to 5.0.10 RT versions 6.0.0 through 6.0.2 Description An authentication bypass exists in installations using LDAP/AD for user authentication. Under specific LDAP server configurations, an attacker can authenticate as any...
PT-2026-42841
Name of the Vulnerable Software and Affected Versions Microsoft Azure Active Directory B2C affected versions not specified Description An authentication bypass exists via an alternate path or channel, which allows an unauthorized attacker to elevate privileges over a network. Recommendations At t...
PT-2026-42847
Name of the Vulnerable Software and Affected Versions Microsoft Planetary Computer Pro affected versions not specified Description Deserialization of untrusted data allows an unauthorized attacker to disclose information over a network. Deserialization is the process of converting a data stream...
PT-2026-42835
Name of the Vulnerable Software and Affected Versions RT versions prior to 5.0.10 RT versions 6.0.0 through 6.0.2 Description User-controlled data in spreadsheet exports is not sanitized before being written to the output file. This allows spreadsheet applications to interpret crafted values as...
PT-2026-42834
Name of the Vulnerable Software and Affected Versions libheif versions prior to 1.22.0 Description A heap-buffer-overflow out-of-bounds read occurs in the SampleAuxInfoReader constructor when parsing a crafted HEIF sequence file. The issue arises because the constructor iterates over the number o...
PT-2026-42833
Name of the Vulnerable Software and Affected Versions libheif versions prior to 1.21.3 Description An out-of-bounds read can occur in the core sequence parsing logic when processing a malformed HEIF sequence file, leading to a Denial of Service DoS. This happens when a file has stco.entry count s...
PT-2026-42832
Name of the Vulnerable Software and Affected Versions TP-Link range extenders affected versions not specified Description An authentication logic flaw allows an unauthenticated attacker on an adjacent network to reset the administrator password due to insufficient validation of a login parameter...
PT-2026-42836
Name of the Vulnerable Software and Affected Versions RT versions 6.0.0 through 6.0.2 Description RT is an open source, enterprise-grade issue and ticket tracking system. A Cross-Site Request Forgery CSRF flaw allows an attacker to induce a logged-in user to visit a malicious web page, triggering...
PT-2026-42857
Summary Flask-Security-Too 5.8.0's OAuth reauthentication flow can mark a session as fresh after verifying an OAuth account that belongs to a different user. If an attacker can operate an already-authenticated but stale victim session, they can complete OAuth verification using their own OAuth...
PT-2026-42856
A malicious archive with ../ path segments in its name allows escaping the current working directory. This is not desired behavior, and tar1 rejects such extractions, but ocaml-tar decompresses it anyway. The impact is that it allows arbitrary file write outside of the desired extraction director...
PT-2026-42930
CVE-2026-5297 - Here is a title for the vulnerability: Apache Struts Deserialization Remote Code Execution Vulnerability CVE ID :CVE-2026-5297 Published : May 21, 2026, 11:16 p.m. | 2 hours, 24 minutes ago Description :Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numberi...
PT-2026-42712
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The in-memory keyring returned by the NewKeyring function silently accepted keys with the ConfirmBeforeUse constraint but failed to enforce it. This allowed keys...
PT-2026-42737
The AudioIgniter plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 2.0.2. This is due to the handle playlist endpoint function hooked to template redirect accepting a user-controlled playlist ID via the audioigniter playlist id query var or t...
PT-2026-42775
An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code...
PT-2026-42799
Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to validate the OAuth token scope on the callback which allows an authenticated Mattermost user to gain access to private repositories via modifying the scope parameter in the GitHub authorization URL...
PT-2026-42820
TypeBot is a chatbot builder tool. In versions 3.15.2, the getLinkedTypebots API endpoint returns full bot definitions to any authenticated user who references a target bot ID in a Typebot Link block, regardless of workspace ownership, leading to IDOR. The authorization check uses Array.filter wi...
PT-2026-42779
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Parsing arbitrary HTML can consume excessive CPU time, which may lead to a denial of service a condition where a system becomes unavailable to its intended users...
PT-2026-42784
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Parsing arbitrary HTML that is subsequently rendered using the Render function can lead to the creation of an unexpected HTML tree. This behavior can be exploite...
PT-2026-42715
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A failure occurred where a revoked SignatureKey belonging to a Certificate Authority CA was not correctly checked for revocation. The issue involves the validati...
PT-2026-45157
Name of the Vulnerable Software and Affected Versions Twig affected versions not specified Description The TwigProfilerDumperHtmlDumper component fails to escape the output of Profile::getTemplate and Profile::getName when writing to HTML. If an attacker can control the template name—which may...
PT-2026-44547
Description The Mailtrap mailer bridge ships a webhook request parser used to authenticate and decode the event callbacks Mailtrap POSTs to an application's webhook endpoint. Its doParseRequest $request, SensitiveParameter string $secret method receives the configured webhook secret but never rea...
PT-2026-45158
Name of the Vulnerable Software and Affected Versions Twig affected versions not specified Description SandboxNodeVisitor fails to fully enforce SecurityPolicy::checkMethodAllowed for implicit toString calls because the set of wrapped AST nodes in CheckToStringNode is incomplete. This allows a...
PT-2026-42498
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics205.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frm add str POST parameter directly into an HTML form hidden input value attribute...
PT-2026-42360
A missing authentication vulnerability exists in the Altium 365 SearchService. A legacy SOAP endpoint exposes search index operations without requiring authentication, session tokens, or any form of identity verification. An unauthenticated network attacker who can reference a target workspace's...
PT-2026-42359
Name of the Vulnerable Software and Affected Versions LiteSpeed User-End cPanel Plugin versions prior to 2.4.5 Description An issue exists due to the mishandling of Redis enable/disable features, specifically an incorrect privilege assignment in the lsws.redisAble function. This allows an...
PT-2026-42391
The Broadstreet plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.52.2 via the get sponsored meta AJAX action due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level...