184382 matches found
PT-2026-56338
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description High-privilege processes directly execute executable files that can be controlled by the user. This allows low-privilege users to elevate their privileges to NT...
PT-2026-56606
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.9.1-alpha.12 and 8.6.82, deeply nested $or, $and, and $nor query condition operators in the REST API or LiveQuery query handling could trigger exponential-time processing in the...
PT-2026-56855
These are all security issues fixed in the libmbedtls23-4.2.0-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-56328
The Appointment Booking Calendar Plugin and Scheduling Plugin WordPress plugin through 1.1.28 does not validate data before passing it to a PHP deserialization function, allowing unauthenticated attackers to inject arbitrary PHP objects; where a suitable gadget chain is present on the site this c...
PT-2026-56485
AFFiNE's histories GraphQL field fails to validate Doc.Read permission before exposing document edit history, allowing authenticated workspace members to retrieve restricted content timelines. Attackers can supply arbitrary document GUIDs to access full edit histories including user names, emails...
PT-2026-56602
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 7.260401.0, the OpenCTI GraphQL API exposes a script filter operator in its FilterOperator enum that allows any authenticated user with the KNOWLEDGE capability to pass user-supplied...
PT-2026-56619
BLF file parser in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows possible information disclosure...
PT-2026-56857
These are all security issues fixed in the libIex-3 4-33-3.4.13-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-56851
These are all security issues fixed in the libIex-3 4-33-3.4.13-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-56858
These are all security issues fixed in the libIex-3 4-33-3.4.13-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-56859
These are all security issues fixed in the libIex-3 4-33-3.4.13-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-56286
sftp in OpenSSH before 10.4 does not properly constrain the location of downloaded files when "sftp server:/path ." is used with an attacker-controlled server...
PT-2026-56287
scp in OpenSSH before 10.4 may place a file in the parent directory of an intended directory when the copy occurs between two remote destinations...
PT-2026-56291
Name of the Vulnerable Software and Affected Versions OpenSSH versions prior to 10.4 Description The sshd component allows remote attackers to cause a denial of service through resource consumption. This occurs due to the mishandling of the MaxAuthTries variable during GSSAPIAuthentication, which...
PT-2026-56289
sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory...
PT-2026-56292
sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay...
PT-2026-56293
Name of the Vulnerable Software and Affected Versions OpenSSH versions prior to 10.4 Description A use-after-free issue exists in the ssh client. This occurs when a server changes its host key during a key re-exchange, which is a process where the client and server negotiate new session keys to...
PT-2026-56290
Name of the Vulnerable Software and Affected Versions OpenSSH versions prior to 10.4 Description In sshd, the configuration setting DisableForwarding=yes failed to take precedence over PermitTunnel=yes, allowing tunnel forwarding even when it should have been disabled. Recommendations Update to...
PT-2026-56288
internal-sftp in sshd in OpenSSH before 10.4 recognizes only the first 9 command-line arguments, which can be important if a later command-line argument would have helped to ensure the intended security properties of an SFTP connection...
PT-2026-56558
A Network UPS Tools RCE CVE-2026-54161 lets a malicious upsd trigger upsmon command injection as root. No patch exists yet, so mitigate now. NetworkUPSTools NUT upsmon CommandInjection RCE CVE202654161 CyberSecurity https://t.co/Ynckqw3wZp...
PT-2026-56682
Unauthenticated Cross-Origin Plugin Upload Leads to RCE Joro ≤ v1.1.0 Severity: Critical CVSS v3.1: 9.6 AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H Affected versions: Joro ≤ v1.1.0, proxy mode default, Linux/macOS Reporter: cstover Date: 2026-05-27 --- Summary Joro's default proxy mode in versions = 1.1....
PT-2026-56564
NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.0, 2.12.7, and 2.11.16, an authenticated user could receive messages on denied subjects when a wildcard subscription overlapped with a configured wildcard deny rule but was not a subset...
PT-2026-56563
NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.12.8 and 2.11.17, an unauthenticated peer with network access to a leafnode listener with compression enabled could crash the server during the pre-authentication leafnode handshake by...
PT-2026-56559
NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, MQTT retained message delivery and QoS1+ durable replay could deliver messages whose original topics matched a subscriber configured subscribe deny rule because these...
PT-2026-56555
The consul-template library before version 0.42.1 is vulnerable to a path redirection issue in the writeToFile template helper that may allow template output to be written outside the intended directory or to overwrite an existing file. This vulnerability CVE-2026-14361 is fixed in consul-templat...
PT-2026-56540
rpcx through 1.9.3, fixed in commit 047aec1, contains a denial-of-service vulnerability in protocol.Message.Decode protocol/message.go. When a message has the compression flag set, the payload is gzip-decompressed via util.Unzip with no limit on the decompressed output size. The only built-in siz...
PT-2026-56473
A flaw was found in the gorch service template, which is part of the trustyai-service-operator. Even when authentication is enabled, the gorch service exposes unproxied orchestrator and detector metrics ports. This allows any pod on the cluster network to directly access these ports, bypassing th...
PT-2026-56620
Improper authorization in the /tequilapi/config/user endpoint of Mysterium Node before v1.36.0 allows unauthenticated attackers to arbitrarily overwrite the node's configuration and achieve a full node takeover via supplying a crafted POST request...
PT-2026-56612
etcd is a distributed key-value store for the data of a distributed system. Prior to 3.5.32 and 3.6.13, when etcd is configured with --listen-client-http-urls to split HTTP and gRPC client endpoints onto separate listeners, the --client-crl-file Certificate Revocation List is not enforced on the...
PT-2026-56398
The WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.11.10. This is due to the 'wcfmvm membership change' AJAX action not validating user permission to modify other...
PT-2026-56402
The Tainacan plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'geoquery' parameter in all versions up to and including 1.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
PT-2026-56410
Name of the Vulnerable Software and Affected Versions Mediküm Web versions prior to 08072026 Description Mediküm Web contains an SQL injection flaw resulting from improper neutralization of special elements used in SQL commands. This occurs due to inadequate input validation or parameterization,...
PT-2026-56400
Name of the Vulnerable Software and Affected Versions LatePoint – Calendar Booking Plugin for Appointments and Events versions prior to 5.4.1 Description Improper input validation in the Stripe Connect payment processor allows unauthenticated attackers to pay an arbitrary amount. This occurs...
PT-2026-56408
Name of the Vulnerable Software and Affected Versions VikBooking Hotel Booking Engine & PMS versions prior to 1.8.9 Description Insufficient input sanitization and output escaping allow unauthenticated attackers to perform Stored Cross-Site Scripting XSS, a technique where malicious scripts are...
PT-2026-56452
Improper Neutralization of Special Elements in Data Query Logic vulnerability in Progress MOVEit Transfer Custom Reports modules. This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.8, from 2025.1.0 before 2025.1.4, from 2026.0.0 before 2026.0.1...
PT-2026-56453
Missing release of memory after effective lifetime vulnerability in Progress MOVEit Transfer Custom Reports modules. This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.8, from 2025.1.0 before 2025.1.4, from 2026.0.0 before 2026.0.1...
PT-2026-56420
Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7 Dell PowerProtect Data Domain versions 8.6.1.0 through 8.6.1.10 Dell PowerProtect Data Domain versions 8.3.1.0 through 8.3.1.30 Dell PowerProtect Data Domain versions 7.13.1.0 through...
PT-2026-56358
Name of the Vulnerable Software and Affected Versions Foxit Reader affected versions not specified Description An XML External Entity XXE issue exists where the application processes files that are not strictly in a structurally valid PDF format. By opening a malicious document disguised as a PDF...
PT-2026-56422
Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7 Dell PowerProtect Data Domain versions 8.6.1.0 through 8.6.1.10 Dell PowerProtect Data Domain versions 8.3.1.0 through 8.3.1.30 Dell PowerProtect Data Domain versions 7.13.1.0 through...
PT-2026-56424
Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.6 Dell PowerProtect Data Domain versions 8.6.1.0 through 8.6.1.10 Dell PowerProtect Data Domain versions 8.3.1.0 through 8.3.1.30 Dell PowerProtect Data Domain versions 7.13.1.0 through...
PT-2026-56409
Name of the Vulnerable Software and Affected Versions My Calendar – Accessible Event Manager versions prior to 3.7.9 Description An issue exists where unauthenticated attackers can perform time-based blind SQL Injection. This occurs due to insufficient escaping of user-supplied input and a lack o...
PT-2026-56860
These are all security issues fixed in the fluidsynth-2.5.6-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-56554
Name of the Vulnerable Software and Affected Versions PAN-OS affected versions not specified Description An issue in the dataplane of the software allows an unauthenticated attacker to bypass firewall security policy enforcement via IPv6 packet processing. This enables network traffic that should...
PT-2026-56528
pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with declared image size values that are much too large compared to the actual data, causing large memory usage in pypdf image parsing. This issue is fixed in version 6.14.0...
PT-2026-56518
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the Include directive in src/mistune/directives/include.py detects only direct self-includes and not indirect cycles, allowing two markdown files that include each other to trigger unbounded recursion, raise...
PT-2026-56519
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, a Markdown document containing many repeated or distinct reference-link definitions causes quadratic work in src/mistune/block parser.py and the ref links environment dictionary handling, allowing denial of service...
PT-2026-56472
BBOT's github workflows module could be induced to write a downloaded artifact outside its configured output directory: its path-containment check did not resolve .., so a crafted CODE REPOSITORY URL could traverse out of the intended folder. The write is bounded to two directory levels above the...
PT-2026-56503
setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. Prior to 83.0.0, FileList applied MANIFEST.in exclude, global-exclude, recursive-exclude, and prune directives by matching compiled glob patterns against on-disk file names without Unico...
PT-2026-56471
BBOT's unarchive module rejects archives containing symlink entries before extraction, but for zip and 7z archives it failed to detect symlinks whose listing carries a DOS-attribute prefix before the unix mode, as produced by legacy versions of p7zip. Such an archive, downloaded and extracted...
PT-2026-56509
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, HTMLRenderer.safe url does not block percent-encoded javascript URIs, allowing attacker-supplied Markdown links or images to bypass URL protections and execute script in rendered HTML. This issue is fixed in version...