176044 matches found
PT-2026-40106
Name of the Vulnerable Software and Affected Versions YAML::Syck versions prior to 1.38 Description An out-of-bounds read exists in the base60 sexagesimal parsing code within perl syck.h. Specifically, the intbase60 and floatbase60 handlers contain a buffer underflow bug. When processing the...
PT-2026-40076
Uncontrolled search path for some IntelR Server Firmware Update Utility Software before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of...
PT-2026-40075
Use after free for some Linux kernel driver for the IntelR Ethernet 800 series before version 2.3.14 within Ring 0: Kernel may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...
PT-2026-40088
Improper conditions check in some firmware for some IntelR NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via...
PT-2026-40093
Name of the Vulnerable Software and Affected Versions IntelR Data Center Graphics Driver for VMware ESXi versions prior to 2.0.2 Description A buffer overflow in the Ring 1: Device Drivers may allow a privileged local attacker to escalate privileges and execute arbitrary code. This issue can be...
PT-2026-40099
Missing Authorization vulnerability in WPMU DEV Hustle allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Hustle: through 7.8.10.1...
PT-2026-40102
JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, plugin-shell's run command wrapped every agent-supplied command in 'sh -c' / 'cmd /C' and passed the full argument string to the shell's parser, allowing shell metacharacters in agent-supplied arguments to be...
PT-2026-40105
JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the WAVS bridge's computeDataVerify called fetch on agent-supplied URLs without validating scheme, port, or resolved IP, resulting in an SSRF vulnerability. This vulnerability is fixed in 0.x.y-security-1...
PT-2026-40094
Out-of-bounds write for the IntelR Data Center Graphics Driver for VMware ESXi software before version 2.0.2 within Ring 1: Device Drivers may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable data corruption. This result...
PT-2026-40080
Name of the Vulnerable Software and Affected Versions Intel Display Virtualization for Windows OS affected versions not specified Description Improper buffer restrictions within the Ring 2: Device Drivers may allow a denial of service. An authenticated, unprivileged software adversary can exploit...
PT-2026-40081
Uncontrolled search path for some AI Playground software before version 3.0.0 alpha within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This...
PT-2026-40100
Zulip is an open-source team collaboration tool. Prior to 12.0, With message edit history visibility policy set to "moves", /api/v1/messages/id/history still returns historical content values, allowing low-privilege users to recover text that was edited away from other users' messages. This...
PT-2026-40103
JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, substring-based blocklist in plugin-shell's command-safety check could be bypassed by adversarial argument constructions, allowing unauthorized command execution on the host when combined with the companion...
PT-2026-40089
Null pointer dereference for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result...
PT-2026-40091
Buffer overflow for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...
PT-2026-40082
An issue in Open Source Kubectl MCP Server v1.1.1 allows attackers to execute arbitrary code on a victim system via user interaction with a crafted HTML page...
PT-2026-40083
Improper input validation for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result...
PT-2026-40060
PyTorch-Lightning versions 2.6.0 and earlier contain an insecure deserialization vulnerability CWE-502 in the checkpoint loading mechanism. The LightningModule.load from checkpoint method, which is commonly used to load saved model states, internally calls torch.load without setting the...
PT-2026-40055
Name of the Vulnerable Software and Affected Versions nexent version 1.7.5.2 Description The backend service contains an issue in its file management API where the 'DELETE /storage/object name:path' endpoint lacks authentication, authorization, and input validation. Unauthenticated remote attacke...
PT-2026-40050
Cross-Site Request Forgery vulnerability allows an attacker to perform unauthorized actions via crafted web page. This issue affects Pandora FMS: from 777 through 800...
PT-2026-40063
The snorkel library thru v0.10.0 contains an insecure deserialization vulnerability CWE-502 in the MultitaskClassifier.load method of the MultitaskClassifier class. The method loads model weight files using torch.load without enabling the security-restrictive weights only=True parameter. This...
PT-2026-40057
The load model function in the neural magic training.py script of the optimate project in commit a6d302f912b481c94370811af6b11402f51d377f 2024-07-21 is vulnerable to insecure deserialization CWE-502. When loading a model state dictionary from a state dict.pt file via torch.load, the function does...
PT-2026-40053
The torch-checkpoint-shrink.py script in the ml-engineering project in commit 0099885db36a8f06556efe1faf552518852cb1e0 2025-20-27 contains an insecure deserialization vulnerability CWE-502. The script uses torch.load to process PyTorch checkpoint files .pt without enabling the security-restrictiv...
PT-2026-40072
Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 11.0.0-M1 through 11.0.21 Apache Tomcat versions 10.1.0-M1 through 10.1.54 Apache Tomcat versions 9.0.0.M1 through 9.0.117 Apache Tomcat versions 8.5.0 through 8.5.100 Apache Tomcat versions 7.0.0 through 7.0.109...
PT-2026-40058
The load model function in the neural magic training.py script of the optimate project in commit a6d302f912b481c94370811af6b11402f51d377f 2024-07-21 is vulnerable to insecure deserialization CWE-502. When a user provides a single model file path e.g., .pt or .pth via the --model command-line...
PT-2026-40062
The snorkel library thru v0.10.0 contains a critical insecure deserialization vulnerability CWE-502 in the BaseLabeler.load method of the BaseLabeler class. The method loads serialized labeler models using the unsafe pickle.load function on user-supplied file paths without any validation or...
PT-2026-40065
The TinyZero project thru commit 6652a63c57fa7e5ccde3fc9c598c7176ff15b839 2025-58-24 contains a critical command injection vulnerability CWE-78 in its HDFS file operation utilities. The vulnerability arises from the unsafe construction and execution of shell commands via os.system without proper...
PT-2026-40073
Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 11.0.0-M1 through 11.0.21 Apache Tomcat versions 10.1.0-M1 through 10.1.54 Apache Tomcat versions 9.0.0.M1 through 9.0.117 Apache Tomcat versions 8.5.0 through 8.5.100 Apache Tomcat versions 7.0.0 through 7.0.109 Apache...
PT-2026-40049
Insecure Default Initialization of Resource vulnerability allows Authentication Bypass via API access. This issue affects Pandora FMS: from 777 through 800...
PT-2026-40048
An insecure direct object reference in MK-Auth 23.01K4.9 allows attackers to access and send support calls for other users via manipulation of the chamado parameter through a crafted GET request...
PT-2026-40051
Session Fixation vulnerability allows Session Hijacking via crafted session ID. This issue affects Pandora FMS: from 777 through 800...
PT-2026-40059
PySyft Syft Datasite/Server versions 0.9.5 and earlier are vulnerable to remote code execution due to insufficient validation and sandboxing of user-submitted code. The system allows low-privileged users to submit Python functions via @sy.syft function for remote execution on the server. While a...
PT-2026-40069
Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 11.0.0-M1 through 11.0.21 Apache Tomcat versions 10.1.0-M1 through 10.1.54 Apache Tomcat versions 9.0.0.M1 through 9.0.117 Apache Tomcat versions 10.0.0-M1 through 10.0.27 Description Improper Input Validation occurs in...
PT-2026-40033
A Stored Cross-Site Scripting XSS vulnerability was discovered in the File Management module of FluentCMS 1.2.3. The flaw allows an authenticated administrator to upload crafted SVG files containing malicious JavaScript code. Once uploaded, the script executes in the browser of any user who...
PT-2026-40047
An arbitrary file upload vulnerability in MK-Auth 23.01K4.9 allows attackers to execute arbitrary code via uploading a crafted PHP file...
PT-2026-40067
Name of the Vulnerable Software and Affected Versions Pandora FMS versions 777 through 800 Description Improper neutralization of special elements used in an SQL command allows SQL Injection via the graph container parameter. SQL Injection is a technique where an attacker inserts malicious SQL co...
PT-2026-40054
Name of the Vulnerable Software and Affected Versions nexent version 1.7.5.2 Description The backend service contains an unauthorized arbitrary file deletion issue within its ElasticSearch service interface. The 'DELETE /index name/documents' endpoint lacks proper authentication and authorization...
PT-2026-40056
Name of the Vulnerable Software and Affected Versions optimate versions prior to commit a6d302f912b481c94370811af6b11402f51d377f Description The load model function in the neural magic training.py script allows arbitrary code execution. When a directory path is supplied via the --model command-li...
PT-2026-40052
Server-Side Request Forgery vulnerability allows Privilege Escalation via API Checker extension. This issue affects Pandora FMS: from 777 through 800...
PT-2026-40066
The Adversarial Robustness Toolbox ART thru 1.20.1 contains a remote code execution vulnerability in its Kubeflow component. The robustness evaluation function for PyTorch models uses the unsafe eval function to dynamically evaluate user-supplied strings for the LossFn and Optimizer parameters...
PT-2026-40070
Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 11.0.0-M1 through 11.0.21 Apache Tomcat versions 10.1.0-M1 through 10.1.54 Apache Tomcat versions 9.0.2 through 9.0.117 Apache Tomcat versions 8.5.24 through 8.5.100 Apache Tomcat versions 7.0.83 through 7.0.109...
PT-2026-40061
The snorkel library thru v0.10.0 contains an insecure deserialization vulnerability CWE-502 in the Trainer.load method of the Trainer class. The method loads model checkpoint files using torch.load without enabling the security-restrictive weights only=True parameter. This default behavior allows...
PT-2026-40064
The superduper project thru v0.10.0 contains a critical remote code execution vulnerability in its query parsing component. The parse op part function in query.py uses the unsafe eval function to dynamically evaluate user-supplied query operands without proper sanitization or restriction. Althoug...
PT-2026-40071
Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 11.0.0-M1 through 11.0.21 Apache Tomcat versions 10.1.0-M1 through 10.1.54 Apache Tomcat versions 9.0.0.M1 through 9.0.117 Apache Tomcat versions 8.5.0 through 8.5.100 Apache Tomcat versions prior to 7.0.0 Description An...
PT-2026-40036
Name of the Vulnerable Software and Affected Versions consul-template versions prior to 0.42.0 Description A sandbox path bypass exists in the file template helper, which may allow an attacker to read files located outside of the intended sandbox directory. Recommendations Update to version 0.42....
PT-2026-40042
An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials...
PT-2026-40043
Name of the Vulnerable Software and Affected Versions Ivanti Endpoint Manager versions prior to 2024 SU6 Description Incorrect permissions assignment in the agent allows a local authenticated attacker to escalate their privileges. Recommendations Update to version 2024 SU6 or later...
PT-2026-40034
Name of the Vulnerable Software and Affected Versions postgrex versions 0.16.0 through 0.22.1 Description An SQL Injection issue exists in the Elixir.Postgrex.Notifications module. The channel argument passed to the functions listen/3 and unlisten/3 is interpolated directly into SQL statements...
PT-2026-40041
Name of the Vulnerable Software and Affected Versions Ivanti Virtual Traffic Manager versions prior to 22.9r4 Description OS command injection allows a remote authenticated attacker with admin privileges to achieve remote code execution. Recommendations Update to version 22.9r4 or later...
PT-2026-40040
Name of the Vulnerable Software and Affected Versions Ivanti Xtraction versions prior to 2026.2 Description External control of a file name allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory. This can lead to information disclosure and...