175941 matches found
PT-2026-41045
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description Insufficient validation of untrusted input in DataTransfer allows a remote attacker to obtain potentially sensitive information from process memory. This occurs when a user is convince...
PT-2026-41067
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description Insufficient validation of untrusted input in the GPU component allows a remote attacker who has compromised the renderer process to cause a denial of service using a specially crafted...
PT-2026-41042
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.168 Description A use after free issue in Input allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Use after...
PT-2026-41043
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description A use after free issue in Aura allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Use after free is a...
PT-2026-41071
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description A use after free issue in Core on Windows allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. Use aft...
PT-2026-41111
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description An object lifecycle issue in Dawn allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. Recommendations Update to versi...
PT-2026-40866
Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 18.9.1 through 18.9.6 GitLab CE/EE versions 18.10 through 18.10.5 GitLab CE/EE versions 18.11 through 18.11.2 Description Improper authorization checks could allow an authenticated user to access confidential issue conten...
PT-2026-40923
Name of the Vulnerable Software and Affected Versions PostgreSQL versions prior to 18.4 PostgreSQL versions prior to 17.10 PostgreSQL versions prior to 16.14 PostgreSQL versions prior to 15.18 PostgreSQL versions prior to 14.23 Description A covert timing channel exists during the comparison of...
PT-2026-40924
Name of the Vulnerable Software and Affected Versions PostgreSQL versions prior to 18.4 PostgreSQL versions prior to 17.10 PostgreSQL versions prior to 16.14 PostgreSQL versions prior to 15.18 PostgreSQL versions prior to 14.23 Description Uncontrolled recursion during SSL and GSS negotiation...
PT-2026-40917
Name of the Vulnerable Software and Affected Versions PostgreSQL versions prior to 18.4 PostgreSQL versions prior to 17.10 PostgreSQL versions prior to 16.14 PostgreSQL versions prior to 15.18 PostgreSQL versions prior to 14.23 Description Missing authorization in the CREATE TYPE command allows a...
PT-2026-40920
Name of the Vulnerable Software and Affected Versions PostgreSQL versions prior to 18.4 PostgreSQL versions prior to 17.10 PostgreSQL versions prior to 16.14 PostgreSQL versions prior to 15.18 PostgreSQL versions prior to 14.23 Description Symlink following in pg basebackup plain format and in pg...
PT-2026-40925
Name of the Vulnerable Software and Affected Versions PostgreSQL versions 18.0 through 18.3 Description A buffer over-read occurs in the pg restore attribute stats function when it accepts array values of unmatched length. This causes query planning to read past the end of one array, allowing a...
PT-2026-40894
Name of the Vulnerable Software and Affected Versions User Registration & Membership plugin for WordPress versions prior to 5.1.6 Description An issue exists where the is admin creation process function relies exclusively on the presence of the action=createuser parameter within the $ REQUEST...
PT-2026-41020
Crabbox prior to v0.12.0 contains an authentication bypass vulnerability that allows non-admin shared-token callers to impersonate other owners or organizations by spoofing identity headers. Attackers can inject malicious X-Crabbox-Owner and X-Crabbox-Org headers in requests authenticated with a...
PT-2026-40892
The InfusedWoo Pro plugin for WordPress is vulnerable to privilege escalation via missing authorization in all versions up to, and including, 5.1.2. This is due to missing nonce verification and capability checks in the iwar save recipe AJAX handler. This makes it possible for unauthenticated...
PT-2026-40921
Name of the Vulnerable Software and Affected Versions PostgreSQL versions 17.0 through 17.9 PostgreSQL versions 18.0 through 18.3 Description SQL injection in the pg createsubscriber function allows an attacker with pg create subscription rights to execute arbitrary SQL commands with superuser...
PT-2026-40927
Name of the Vulnerable Software and Affected Versions PostgreSQL versions 16.0 through 16.13 PostgreSQL versions 17.0 through 17.9 PostgreSQL versions 18.0 through 18.3 Description SQL injection in logical replication occurs when using the 'ALTER SUBSCRIPTION ... REFRESH PUBLICATION' command. Thi...
PT-2026-40919
Name of the Vulnerable Software and Affected Versions PostgreSQL versions prior to 18.4 PostgreSQL versions prior to 17.10 PostgreSQL versions prior to 16.14 PostgreSQL versions prior to 15.18 PostgreSQL versions prior to 14.23 Description An externally-controlled format string in the timeofday...
PT-2026-40918
Name of the Vulnerable Software and Affected Versions PostgreSQL versions prior to 18.4 PostgreSQL versions prior to 17.10 PostgreSQL versions prior to 16.14 PostgreSQL versions prior to 15.18 PostgreSQL versions prior to 14.23 Description Integer wraparound in multiple server features allows an...
PT-2026-40880
Name of the Vulnerable Software and Affected Versions Burst Statistics versions 3.4.0 through 3.4.1.1 Description An authentication bypass exists in the Burst Statistics plugin for WordPress due to incorrect return-value handling in the is mainwp authenticated function when validating application...
PT-2026-41153
Name of the Vulnerable Software and Affected Versions ApostropheCMS version 4.29.0 Description A stored cross-site scripting issue exists in the image widget functionality. A user with the Editor or Contributor role can configure an image widget link using a javascript: URL payload. Since editors...
PT-2026-41191
Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.5 Description An authenticated attacker can perform a mass assignment attack via the 'POST /api/v1/evaluations/feedback' endpoint. This is possible because the FeedbackForm uses a configuration that allows extr...
PT-2026-40909
The Database Backup for WordPress plugin for WordPress is vulnerable to unauthorized database export in all versions up to, and including, 2.5.2. This is due to the plugin not properly enforcing the return value of its authorization check. This makes it possible for unauthenticated attackers to...
PT-2026-40867
Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 11.10 through 18.9.6 GitLab CE/EE versions 18.10 through 18.10.5 GitLab CE/EE versions 18.11 through 18.11.2 Description Missing Cross-Site Request Forgery CSRF protection—a flaw where an attacker tricks a victim into...
PT-2026-40910
The Database Backup for WordPress plugin for WordPress is vulnerable to unauthorized arbitrary file read and deletion in all versions up to, and including, 2.5.2. This is due to the plugin not properly enforcing the return value of its authorization check combined with a user-controlled backup...
PT-2026-40885
The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.5.13. This is due to insufficient role validation in the 'register user' function, which only blocks the 'administrator'...
PT-2026-40869
The The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to stored cross-site scripting via the menu hover click parameter of the Navigation Menu Lite widget in all versions up to, and including, 6.4.11 due to...
PT-2026-40848
The Unlimited Elements for Elementor plugin for WordPress is vulnerable to SQL Injection via the 'datafilter search' parameter in the get cat addons AJAX action in versions up to and including 2.0.7. This is due to insufficient input sanitization and the use of deprecated escaping functions...
PT-2026-40870
The Fluent Forms plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to, and including, 6.1.21. This is due to the SubmissionPolicy class authorizing submission-level actions read, modify, delete, add notes based on a user-supplied form id que...
PT-2026-40849
The Envira Gallery Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the REST API in versions up to and including 1.12.4. This is due to insufficient input sanitization in the update gallery data function and improper output escaping in the gallery init function. The...
PT-2026-40886
The LatePoint plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 5.3.2. This is due to missing nonce verification on the request cancellation function. This makes it possible for unauthenticated attackers to cancel a logged-in customer's bookings...
PT-2026-40887
The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.2.0 via the exportEntries function due to missing validation on a user controlled key. This mak...
PT-2026-40888
The Taskbuilder – Project Management & Task Management Tool With Kanban Board plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'project search' parameter in all versions up to, and including, 5.0.6 due to insufficient escaping on the user supplied parameter and lack of...
PT-2026-40913
Unsafe object reference IDOR in Stel Order v3.25.1 and earlier versions, specifically in the ‘/app/FrontController’ endpoint, through manipulation of the ‘employeeID’ parameter. An authenticated attacker could exploit this vulnerability to access information about any employee first names, last...
PT-2026-40872
Name of the Vulnerable Software and Affected Versions GitLab EE versions 18.7 through 18.9.6 GitLab EE versions 18.10 through 18.10.5 GitLab EE versions 18.11 through 18.11.2 Description An issue exists where improper input sanitization allows an authenticated user to execute arbitrary JavaScript...
PT-2026-40871
Name of the Vulnerable Software and Affected Versions GitLab EE versions 11.10 through 18.9.6 GitLab EE versions 18.10 through 18.10.5 GitLab EE versions 18.11 through 18.11.2 Description Improper access control allows an authenticated user with developer-role permissions to remove code owner...
PT-2026-40874
The GLS Shipping for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'failed orders' parameter in all versions up to, and including, 1.4.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
PT-2026-40914
Authorization bypass through User-Controlled key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. DijiDemi allows Privilege Abuse. This issue affects DijiDemi: from v4.5.12.1 before v4.5.13.0...
PT-2026-40895
Name of the Vulnerable Software and Affected Versions CC Child Pages versions prior to 2.1.2 Description The CC Child Pages plugin for WordPress contains a Stored Cross-Site Scripting issue caused by insufficient input sanitization and output escaping. Authenticated attackers with Contributor-lev...
PT-2026-40912
Stored Cross-Site Scripting XSS in Stel Order v3.25.1 and earlier, located at the ‘/app/FrontController’ endpoint via the ‘legalName’ and ‘employeeID’ parameters. The lack of proper input sanitization allows an attacker to inject malicious code that is persistently stored in the database. When...
PT-2026-40890
The Career Section plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 1.7 via the CV upload handler. This is due to missing file type validation. This makes it possible for unauthenticated attackers to upload files that may be executable, which makes...
PT-2026-40922
Name of the Vulnerable Software and Affected Versions PostgreSQL versions prior to 18.4 PostgreSQL versions prior to 17.10 PostgreSQL versions prior to 16.14 PostgreSQL versions prior to 15.18 PostgreSQL versions prior to 14.23 Description The use of the dangerous function PQfn..., result is int=...
PT-2026-40873
Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 18.11 through 18.11.2 Description Improper sanitization in GitLab CE/EE allows an authenticated user to execute arbitrary code in another user's browser session. This is a Cross-site Scripting XSS issue, which occurs when...
PT-2026-40896
Name of the Vulnerable Software and Affected Versions MW WP Form versions prior to 5.1.3 Description Insufficient restrictions in the get post property from querystring function allow unauthenticated attackers to extract data from private, draft, or password-protected posts. Recommendations Updat...
PT-2026-40889
The Meta Field Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tagName' block attribute in all versions up to, and including, 1.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-lev...
PT-2026-40893
The Media Sync plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.9 via the 'sub dir' and 'media items' parameters. This is due to insufficient validation of user-supplied file paths, which are not checked for directory traversal sequences or restricted...
PT-2026-41030
Crabbox prior to v0.12.0 contains a privilege escalation vulnerability that allows users with shared visibility-only access to obtain Code, WebVNC, and Egress agent tickets by sending POST requests to ticket endpoints. Attackers can exploit insufficient access control checks on the...
PT-2026-40905
Name of the Vulnerable Software and Affected Versions plug versions 1.4.0 through 1.15.3 plug version 1.16.3 plug version 1.17.1 plug version 1.18.2 plug version 1.19.2 Description An unbounded buffer accumulation issue exists during multipart header parsing. The function read part headers/2 in...
PT-2026-40881
Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 8.3 through 18.9.6 GitLab CE/EE versions 18.10 through 18.10.5 GitLab CE/EE versions 18.11 through 18.11.2 Description An issue exists where an authenticated user can cause a denial of service through excessive memory...
PT-2026-40904
An integer overflow vulnerability in the simdjson document-builder API allows incorrect buffer size calculations in "string builder::escape and append" when processing very large input strings on platforms with limited "size t" width e.g., 32-bit builds. The overflow can cause insufficient buffer...