187100 matches found
PT-2026-51145
Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.0.8 Description Insufficient input filtering in chat messages and custom agent functions allows for cross-site scripting XSS, a flaw where malicious scripts are injected into trusted websites. An attacker can execut...
PT-2026-51127
Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl permits a heap OOB read in print attribute UTF8STRING path. print attribute copies a UTF8STRING ASN.1 attribute value into a heap buffer sized exactly to its declared length via strncpy, leaving no NUL terminator. Downstream callers run strlen ...
PT-2026-51187
Name of the Vulnerable Software and Affected Versions Apache Atlas versions 2.4.0 and earlier Description An authenticated user can perform stored Cross-Site Scripting XSS, which is a technique where malicious scripts are permanently stored on the target server, on the Create Entity page...
PT-2026-51148
Capgo before 12.128.2 fails to enforce a maximum value on the minimum password length field in its password policy configuration. An authenticated organization administrator can set an extremely large numeric value e.g., billions of characters as the minimum password length, making compliance...
PT-2026-51171
vLLM versions = 0.6.3 and 0.9.0 contain multiple regular expression denial of service ReDoS vulnerabilities. Several regex patterns — in vllm/lora/utils.py, the phi4mini tool parser, and the OpenAI-compatible serving chat endpoint — are susceptible to catastrophic backtracking. An attacker...
PT-2026-51179
GNU Savannah Administration Savane through 3.17 uses untrusted data as part of authorization...
PT-2026-51146
Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description The software fails to strip EXIF metadata, which includes GPS geolocation data, from uploaded images. This leads to information disclosure, as attackers can download these images and extract precise...
PT-2026-51141
Name of the Vulnerable Software and Affected Versions WooCommerce version 7.1.0 Description A remote code execution flaw exists in the 'class-wc-meta-box-product-images.php' endpoint. The product-type parameter is processed without proper sanitization, allowing attackers to inject shell commands...
PT-2026-55717
bcrypt::verifypassword, hash and HashParts::from strhash panic in str::slice error fail when given a 60-byte &str containing a multi-byte UTF-8 character at certain byte positions. Impact Any Rust code that calls bcrypt::verify or HashParts::from str with an attacker-controlled hash string will...
PT-2026-51129
@socradar BUT... CVE-2026-42495 IS STILL UNPATCHED https://t.co/fSZ3GvAylZ...
PT-2026-51142
Name of the Vulnerable Software and Affected Versions Flowise versions prior to 2.1.4 Description Configuration can be injected into the Chainflow during execution through the overrideConfig option, which is available in the frontend web integration and the backend Prediction API. This feature is...
PT-2026-51194
Name of the Vulnerable Software and Affected Versions Ezbsystems UltraISO Premium Edition versions prior to 9.77 Description Improper access controls exist within the Kernel Driver component, specifically affecting the bootpt64.sys library. This issue allows for unauthorized access when manipulat...
PT-2026-51143
Name of the Vulnerable Software and Affected Versions Nuxt versions prior to 4.4.7 Nuxt versions prior to 3.21.7 Description A cross-site scripting issue exists in the NoScript component, which writes slot content to innerHTML without proper escaping. This allows attackers to inject malicious...
PT-2026-51193
Name of the Vulnerable Software and Affected Versions IM-Magic Partition Resizer versions prior to 7.9.0 Description Improper access controls in the Kernel Driver component, specifically within the MDA NTDRV.sys library, allow for local privilege escalation. This issue occurs when a local attacke...
PT-2026-51137
Name of the Vulnerable Software and Affected Versions iCagenda versions prior to 4.0.8 iCagenda versions prior to 3.9.15 Description A flaw in the iCagenda extension for Joomla allows unauthenticated users to upload arbitrary files through the attachment feature of the public event submission for...
PT-2026-51151
Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.2 Description A mass assignment issue exists in the 'PUT /api/v1/user' endpoint. This allows authenticated users to modify the credential field without proper validation. By providing a crafted password hash, an...
PT-2026-51190
Name of the Vulnerable Software and Affected Versions AOMEI Backupper versions prior to 8.3.0 Description An issue exists in the Kernel Driver component within the amwrtdrv.sys library. A local attacker can perform a manipulation of an unknown function to cause improper access controls...
PT-2026-51157
Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description An information disclosure issue exists in the 'GET /statistics/app/:app id' endpoint. This allows users with app-limited API keys to identify existing sibling app IDs by analyzing differential error...
PT-2026-51191
Name of the Vulnerable Software and Affected Versions EaseUS Partition Master versions prior to 14.5 Description An issue exists in the Kernel Driver component within the epmntdrv.sys library. A local attacker can manipulate an unknown function to cause improper access controls, which occurs when...
PT-2026-51133
Name of the Vulnerable Software and Affected Versions Simple File List versions prior to 6.3.8 Description The Simple File List plugin for WordPress contains a flaw where a missing authorization check on the frontmanage shortcode attribute allows authenticated attackers with contributor-level...
PT-2026-51177
AVideo TopMenu plugin through version 26.0 contains a stored cross-site scripting vulnerability in menu item rendering due to missing output encoding of icon classes, URLs, and text labels. Attackers can inject malicious JavaScript through unescaped menu item fields that execute for all site...
PT-2026-51044
Capgo before 12.128.2 contains an information disclosure vulnerability in Supabase PostgREST RPC endpoints is trial org and is paying org that allows unauthenticated attackers to enumerate organizations and disclose billing status using the public sb publishable key. Attackers can invoke these...
PT-2026-51042
Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description An authentication logic flaw exists where a user authorized to manage team or organization security settings can enforce mandatory two-factor authentication 2FA for all team members without having 2...
PT-2026-51188
Name of the Vulnerable Software and Affected Versions AOMEI Partition Assistant versions prior to 10.10.2 Description Improper access controls exist within the Kernel Driver component, specifically affecting unknown code in the ampa10.sys library. This issue allows a local attacker to manipulate...
PT-2026-51154
Capgo before 12.128.2 contains an authorization bypass vulnerability in webhook management endpoints that allows non-expiring API keys to bypass the require apikey expiration organization policy. The checkWebhookPermission function fails to call apikeyHasOrgRightWithPolicy, enabling attackers wit...
PT-2026-51045
Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.12 Description Authenticated users can modify the mutable public.users.email variable to arbitrary addresses. The SSO provisioning endpoint trusts this value as an account-merge key. This allows an attacker to...
PT-2026-51132
Name of the Vulnerable Software and Affected Versions Simple File List versions prior to 6.3.8 Description The Simple File List plugin for WordPress contains insufficient authorization checks that allow unauthenticated attackers to delete and modify files on the server. This issue occurs within t...
PT-2026-51140
Name of the Vulnerable Software and Affected Versions WordPress Time Capsule Plugin version 1.21.16 Description An authentication bypass allows unauthenticated attackers to gain administrative access by sending a crafted POST request containing the IWP JSON PREFIX header. This flaw enables the...
PT-2026-51175
Name of the Vulnerable Software and Affected Versions AVideo versions prior to 29.0 Description An authorization bypass exists in the Meet plugin's 'uploadRecordedVideo.json.php' endpoint. The system derives the target users id from the uploaded filename without proper verification. An attacker w...
PT-2026-51152
Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description An information disclosure issue exists in the unauthenticated '/replication' endpoint. This allows attackers to retrieve internal PostgreSQL replication telemetry without authentication, exposing...
PT-2026-51136
Name of the Vulnerable Software and Affected Versions SP LMS versions prior to 4.1.4 Description SP LMS com splms by JoomShaper contains a PHP Object injection flaw where user-controlled cookie data is deserialized without validation. Specifically, the application passes the lmsOrders cookie to a...
PT-2026-53939
Affected versionf of memmap2 did not perform enough validation on the offset and len parameters of Mmap::unchecked advise range, MmapMut::unchecked advise ranage and MmapMut::flush async range. This can cause undefined behavior due to invalid values being passed to pointer::offset and pointer::ad...
PT-2026-51153
Name of the Vulnerable Software and Affected Versions capacitor-native-biometric versions prior to 12.128.2 Description An authentication bypass exists because the onAuthenticationSucceeded function fails to validate CryptoObject parameters. This allows attackers to use dynamic instrumentation to...
PT-2026-51158
Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description An open redirect issue exists in the 'stripe portal' and 'stripe checkout' endpoints. These endpoints accept unvalidated callbackUrl, successUrl, and cancelUrl parameters. Authenticated attackers ca...
PT-2026-51173
AVideo through version 26.0 contains multiple unauthenticated list.json.php endpoints in payment plugins lacking authorization checks, exposing PayPal tokens, Authorize.Net webhooks, and Bitcoin transaction records. Unauthenticated attackers can retrieve all payment transaction data including...
PT-2026-51189
A vulnerability was found in AOMEI Dynamic Disk Manager up to 10.10.1. This issue affects some unknown processing in the library ddmdrv.sys of the component Kernel Driver. Performing a manipulation results in improper access controls. The attack must be initiated from a local position. The exploi...
PT-2026-51178
Name of the Vulnerable Software and Affected Versions GROCERY-STORE-MANAGEMENT-SYSTEM-USING-PHP-AND-MYSQL-PHPMYADMIN version 1.0 Description An issue exists where a crafted SQL statement can be used to access sensitive database information. This occurs via the scost parameter in the...
PT-2026-51130
Name of the Vulnerable Software and Affected Versions Gogs affected versions not specified Description A stored cross-site scripting issue exists due to the use of an outdated notebookjs library. While .ipynb previews are sanitized on the server side via the '/-/api/sanitize ipynb' endpoint,...
PT-2026-51043
Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description An authorization bypass exists in the public.upsert version meta SECURITY DEFINER function exposed via PostgREST RPC. This allows unauthenticated attackers to insert arbitrary rows into version meta...
PT-2026-51195
Name of the Vulnerable Software and Affected Versions Apache NiFi versions 0.0.1 through 2.9.0 Description Apache NiFi allows the construction of qualified URLs using several HTTP request headers that serve as alternatives to the standard Host header without validating the provided values. While ...
PT-2026-51072
Name of the Vulnerable Software and Affected Versions CoreWCF versions prior to 1.8.1 CoreWCF versions prior to 1.9.1 Description A CoreWCF service listening on a Kafka topic stops processing new records when the KafkaTransportPump receives a null-value tombstone record. A tombstone record is a...
PT-2026-51082
Name of the Vulnerable Software and Affected Versions Oj versions prior to 3.17.2 Description When operating in object mode, the Oj.dump function is susceptible to a heap buffer overflow during the serialization of Exception objects if a large :indent value is used. The issue occurs because the...
PT-2026-55979
Name of the Vulnerable Software and Affected Versions Hugo versions 0.60.0 through 0.163.2 Description The default code-block renderer fails to perform HTML escaping when writing the Markdown code-fence language or info-string into the code element's class and data-lang attributes. An attacker ca...
PT-2026-50922
Name of the Vulnerable Software and Affected Versions Chromacam version 4.0.3.0 Description An unquoted service path issue exists in the PsyFrameGrabberService. This allows local attackers with write access to C: or subdirectories such as C:Program Files x86Personify to execute arbitrary code. By...
PT-2026-51092
Name of the Vulnerable Software and Affected Versions concurrent-ruby versions prior to 1.3.7 Description A synchronization correctness issue exists in the public Concurrent::ReadWriteLock API. The function release write lock does not verify if the calling thread actually acquired the write lock,...
PT-2026-50889
Name of the Vulnerable Software and Affected Versions NI grpc-device versions prior to 2.17.0 Description An out-of-bounds read occurs in the NI grpc-device streaming API because of a missing bounds check. This issue can lead to a denial of service if an attacker provides a specially crafted writ...
PT-2026-50914
Name of the Vulnerable Software and Affected Versions Network Inventory Advisor version 5.0.26.0 Description The niaservice service is installed with an unquoted binary path. This configuration allows local attackers to escalate privileges by placing malicious executables in intermediate...
PT-2026-50985
Name of the Vulnerable Software and Affected Versions Joomla J-CruisePortal version 6.0.4 Description An SQL injection allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code. This is achieved by sending POST requests to the "cruises" endpoint using crafted SQL...
PT-2026-50835
Name of the Vulnerable Software and Affected Versions Canonical MicroCeph versions from the squid and tentacle track Description A path traversal issue exists in the remote-import API. Users possessing a join token or a trusted cluster mTLS certificate, such as enrolled cluster members, can...
PT-2026-51017
Name of the Vulnerable Software and Affected Versions ProxySQL versions 3.0.0 through 3.0.8 Description The GenAI/MCP run sql readonly tool violates its read-only contract for MySQL targets. The tool validates input using a substring blacklist and a first-keyword allowlist, but executes the SQL...