Lucene search
+L
PtsecurityRecent

187186 matches found

ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.7 views

PT-2026-53779

Lokka versions prior to 2.1.2 constructed Azure Resource Manager request URLs using direct string concatenation with user-controlled path input. Specially crafted path values could alter URL authority parsing and cause Azure Resource Manager bearer tokens to be sent to an unintended host. Version...

8.7CVSS5.8AI score
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.9 views

PT-2026-53783

SurrealDB fetches the JWKS document for a JWT or record access method using a bare reqwest client that follows HTTP redirects by default. The network capability check in core/src/iam/jwks.rs check capabilities url is applied only to the originally configured URL; redirect targets are not...

4.1CVSS5.9AI score
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.11 views

PT-2026-53767

Summary EnvironmentManager.backup recursively collects files using collectBackupFiles. collectBackupFiles uses statSyncfull, which follows symlinks. If data/ contains a symlink to a directory outside the environment root, backup recursion follows the symlink and copies external files into...

5.5CVSS5.8AI score
Exploits0References5
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.4 views

PT-2026-53766

Summary On a multi-tenant stigmem node, a caller holding a write credential for one tenant can run a decay sweep that acts on every tenant's facts. The candidate-selection queries in lifecycle/decay.py select ttl candidates, select confidence candidates carried no tenant id predicate, and the...

7.2CVSS5.5AI score
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.11 views

PT-2026-51094

Summary convert builds the nested tree by using each flat record's id and parent field values directly as object keys, with no guard against proto / constructor / prototype. A record whose parent is the string " proto " makes tempparent resolve to Object.prototype, and the following initPush...

7.5CVSS6AI score
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.18 views

PT-2026-50987

Name of the Vulnerable Software and Affected Versions J-ClassifiedsManager version 3.0.5 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through POST parameters. By submitting crafted payloads to the 'displayads' component...

8.8CVSS6.2AI score0.00366EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.13 views

PT-2026-53768

Summary The Order::setPaymentAmount method accepts any float value without enforcing a minimum positive amount. The PaymentsController casts the user-supplied 'paymentAmount' parameter directly to float with no lower-bound check. Details When the store has 'Allow Partial Payment on Checkout'...

6.9CVSS5.7AI score
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.4 views

PT-2026-54526

Уязвимость интегрированной среды разработки программного обеспечения GoLand связана с некорректным внешним управлением именем или путем файла. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольный код...

7.5CVSS5.8AI score
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.8 views

PT-2026-53330

Summary agentic-flow versions = 2.0.13 MCP server tools interpolated attacker-influenceable tool parameters e.g. agent, task, name, language, agentdb arguments directly into shell command strings passed to execSync. A malicious value reaching any of the affected MCP tools could break out of the...

8.8CVSS5.9AI score
Exploits0References9
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.14 views

PT-2026-51067

Name of the Vulnerable Software and Affected Versions Oj versions prior to 3.17.3 Description When Oj::Doceach child is invoked recursively over a deeply nested JSON document, it can cause a fixed-size stack buffer overflow, leading to a denial of service DoS that aborts the process. This occurs...

7.5CVSS6AI score0.00263EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.5 views

PT-2026-53776

EverOS versions 1.0.0 and earlier are vulnerable to path traversal in the POST /api/v1/memory/add ingestion endpoint. The per-message sender id field was not validated as a path-safe identifier unlike app id / project id, which already enforced this. During user-memory extraction, sender id is us...

8.2CVSS5.9AI score
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.14 views

PT-2026-51091

Name of the Vulnerable Software and Affected Versions concurrent-ruby versions prior to 1.3.7 Description Concurrent::ReentrantReadWriteLock can incorrectly grant a write lock after a single thread acquires the read lock 32,768 times. The lock manages a thread's local read and write hold counts...

5.5CVSS5.9AI score0.00106EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.13 views

PT-2026-50918

Name of the Vulnerable Software and Affected Versions Winstep version 18.06.0096 Description The Winstep Xtreme Service contains an unquoted service path issue. This occurs when a service path contains spaces and is not enclosed in quotes, allowing a local attacker to place a malicious executable...

8.5CVSS5.8AI score0.00109EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.11 views

PT-2026-51064

Name of the Vulnerable Software and Affected Versions Oj versions prior to 3.17.2 Description Oj.dump is subject to a stack-based buffer overflow when a large :indent value is provided. The fill indent function in dump.h utilizes memset to fill a buffer without validating the size of the indent...

8.7CVSS6.2AI score0.00257EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.11 views

PT-2026-51084

Name of the Vulnerable Software and Affected Versions oj gem affected versions not specified Description A heap use-after-free occurs in Oj::Parserparse when a SAJ/SAJ2 callback mutates the input JSON string during the parsing process. The C engine maintains a raw pointer to the Ruby string's...

8.7CVSS6AI score0.00117EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.13 views

PT-2026-51086

Name of the Vulnerable Software and Affected Versions Oj versions prior to 3.17.2 Description When operating in usual mode with create id enabled, the Oj::Parserparse function is susceptible to heap corruption. This occurs when a JSON object key is exactly 65,535 bytes long, leading to an integer...

8.7CVSS5.8AI score0.00253EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.12 views

PT-2026-51105

Summary When passing an unknown service name to embedvideo, an error message is rendered containing the invalid service name. The service name is not sanitized and can contain HTML. Details There is a hardcoded list of allowed services in a switch statement inside EmbedServiceFactorynewFromName...

7.5CVSS6AI score
Exploits0References5
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.14 views

PT-2026-51028

Name of the Vulnerable Software and Affected Versions libde265 versions prior to 1.1.0 Description An open source implementation of the h.265 video codec contains a signed integer overflow in the de265 image get buffer function. This occurs when processing a crafted H.265 bitstream with 16-bit bi...

7.1CVSS5.9AI score0.00227EPSS
Exploits1References9
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.20 views

PT-2026-50974

Name of the Vulnerable Software and Affected Versions OpenFGA versions prior to 1.18.0 Description The OIDC authenticator fails to validate the JWT audience aud claim when no audience is configured. In environments where a single identity provider issues tokens for multiple services, a token...

6.8CVSS5.8AI score0.00301EPSS
Exploits0References9
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.14 views

PT-2026-50973

Summary The public GraphQL resolvers getFormDefinitionByObjectenApiUrlurl and the deprecated getFormDefinitionByIdid fetch a caller-supplied URL using the privileged Objecten-API token. Because the /graphql endpoint is permitAll and these resolvers do not declare a CommonGroundAuthentication...

5.3CVSS6AI score
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.15 views

PT-2026-51027

Name of the Vulnerable Software and Affected Versions libde265 versions prior to 1.0.20 Description An issue in the h.265 video codec implementation allows a crafted sequence of H.265 NAL units to cause the decoder context::read slice NAL function to attach slice headers to a finished picture...

4.3CVSS5.8AI score0.00194EPSS
Exploits0References16
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.17 views

PT-2026-51000

Name of the Vulnerable Software and Affected Versions Statamic versions prior to 5.73.23 Statamic versions prior to 6.20.0 Description An incomplete fix for a previous issue in this Laravel and Git powered content management system CMS left in-memory collection sorting unprotected, although the...

7.4CVSS5.8AI score0.0027EPSS
Exploits0References11
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.19 views

PT-2026-51017

Name of the Vulnerable Software and Affected Versions ProxySQL versions 3.0.0 through 3.0.8 Description The GenAI/MCP run sql readonly tool violates its read-only contract for MySQL targets. The tool validates input using a substring blacklist and a first-keyword allowlist, but executes the SQL...

7.5CVSS5.9AI score0.00226EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.14 views

PT-2026-50885

Name of the Vulnerable Software and Affected Versions Apache APISIX versions 3.0.0 through 3.16.0 Description An Open Redirect issue exists in the default configuration of the cas-auth plugin, where unsanitized cookie values can lead to URL redirection to untrusted sites. This flaw can be leverag...

6.1CVSS5.8AI score0.004EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.15 views

PT-2026-50984

Name of the Vulnerable Software and Affected Versions libaom affected versions not specified Description Insufficient bounds validation in the AV1 encoder's SVC Scalable Video Coding layer ID control allows an attacker to provide crafted video frame pixels that overlap with internal encoder layer...

7.1CVSS6AI score0.00414EPSS
Exploits0References36
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.39 views

PT-2026-50850

Name of the Vulnerable Software and Affected Versions Dell Server Hardware Manager versions prior to 3.2.2 Description Improper Access Control allows a low privileged attacker with local access to potentially achieve Elevation of privileges, which is the act of gaining higher-level permissions th...

7.8CVSS5.9AI score0.001EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.5 views

PT-2026-54533

Уязвимость программного обеспечения управления аккаунтами JetBrains Hub связана с ошибками в коде генератора псевдослучайных чисел при генерации ключей хоста. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, получить полный контроль над приложением...

10CVSS5.8AI score
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.20 views

PT-2026-50995

Name of the Vulnerable Software and Affected Versions Joomla! Component vBizz version 1.0.7 Description An SQL injection allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the payid parameter. This is achieved by submitting POST requests to the...

7.1CVSS6.2AI score0.00221EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.18 views

PT-2026-50882

Name of the Vulnerable Software and Affected Versions FlexNet Manager Suite 2025 R1 FlexNet Manager Suite 2025 R2 Description Insufficient access control in the software could allow unauthorized access to attachment files. Recommendations At the moment, there is no information about a newer versi...

7.1CVSS5.8AI score0.00207EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.16 views

PT-2026-50935

Name of the Vulnerable Software and Affected Versions RPC Responsive Portfolio version 1.6.1 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. This is achieved by sending GET requests to the...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.17 views

PT-2026-50880

Name of the Vulnerable Software and Affected Versions Apache APISIX versions 2.2 through 3.16.0 Description An authentication bypass by spoofing exists in the jwt-auth plugin. This flaw allows an attacker to completely bypass authentication by using a spoofed token when certain configurations of...

9.1CVSS5.9AI score0.00386EPSS
Exploits0References16
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.15 views

PT-2026-51021

Name of the Vulnerable Software and Affected Versions Mercator versions prior to 2025.05.19 Description A Server-Side Request Forgery SSRF exists in the CVE configuration panel at the '/admin/config/parameters' endpoint. The testProvider method in ConfigurationController passes user-supplied inpu...

5.3CVSS6.3AI score0.0054EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.23 views

PT-2026-50829

Name of the Vulnerable Software and Affected Versions Mitsubishi Electric MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP affected versions not specified Description An Expected Behavior Violation allows a remote attacker to cause a denial-of-service DoS condition. By continuously...

8.7CVSS5.9AI score0.00367EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.20 views

PT-2026-50932

Name of the Vulnerable Software and Affected Versions Joomla! Component JB Visa version 1.0 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries. This is achieved by injecting malicious code into the visatype parameter via GET requests to the 'index.php'...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.21 views

PT-2026-50871

Name of the Vulnerable Software and Affected Versions FFmpeg affected versions not specified Description A use-after-free issue exists in the RASC video decoder. The decode move function initializes a read pointer into a decompressed buffer; however, a subsequent reallocation of that buffer durin...

6.5CVSS6AI score0.00245EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.12 views

PT-2026-51095

Name of the Vulnerable Software and Affected Versions miniflux-v2 affected versions not specified Description URL restrictions can be bypassed, leading to an open redirect. The application uses the IsRelativePath function to validate redirect URLs by requiring relative paths and prohibiting host ...

5.1CVSS5.9AI score
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.33 views

PT-2026-50897

Name of the Vulnerable Software and Affected Versions Line Desktop MCP versions prior to 1.1.2 Description Line Desktop MCP allows users to operate the LINE Desktop application on Windows or Mac via Model Context Protocol MCP. When using the --http-mode Streamable HTTP transport, the server binds...

8.8CVSS5.9AI score0.00323EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.18 views

PT-2026-50970

Summary The agent sandbox gates shell commands behind an allowlist SandboxPolicy.isCommandAllowed, which THREAT MODEL.md calls the main control against a compromised agent Adversary 3.2. The allowlist glob-matches the whole command string, but ShellExecutor runs that string through /bin/sh -c. So...

9.9CVSS6.5AI score
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.19 views

PT-2026-50991

Joomla Component vReview 1.9.11 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the cmId parameter. Attackers can send POST requests to the editReview task endpoint with URL-encoded SQL UNION...

8.8CVSS6.3AI score0.00366EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.22 views

PT-2026-50842

Name of the Vulnerable Software and Affected Versions FileRise versions prior to 3.16.0 Description A path traversal issue exists in the shared-folder upload endpoint '/api/folder/uploadToSharedFolder.php'. The FolderController validates the upload filename using basename and REGEX FILE NAME, but...

9.8CVSS6.3AI score0.0072EPSS
Exploits0References9
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.7 views

PT-2026-53785

A record user could read field values hidden from them by field-level SELECT permissions by reaching the records through a graph-edge - or back-reference SELECT FROM knows, person:bobknows-SELECT FROM person — returned it intact. The root cause: the shared resolve record batch helper used by...

4.3CVSS5.8AI score
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.22 views

PT-2026-50836

Name of the Vulnerable Software and Affected Versions Bit integrations – Form Integration, Webhook, Spreadsheets, CRM, LMS & Email Automation versions prior to 2.8.8 Description An issue exists where unauthenticated attackers can perform Server-Side Request Forgery SSRF, a flaw that allows a serv...

6.5CVSS5.8AI score0.00312EPSS
Exploits0References18
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.19 views

PT-2026-50917

Name of the Vulnerable Software and Affected Versions Realtek Audio Service version 1.0.0.55 Description An unquoted service path issue exists in RtkAudioService64.exe. This allows local attackers to escalate privileges by placing malicious executable files in the unquoted service path directory,...

8.5CVSS5.9AI score0.00121EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.16 views

PT-2026-50977

Summary tract the tract-onnx crate resolves an ONNX tensor's external-data location by joining it onto the model directory without any sanitization. Because location comes from the untrusted .onnx file, a malicious model can make tract open and read an arbitrary local file at load time, with the...

6.1CVSS6AI score
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.21 views

PT-2026-50937

Name of the Vulnerable Software and Affected Versions Joomla! Component Price Alert version 3.0.2 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries. By sending requests to the 'subscribeajax' view with crafted payloads in the product id parameter,...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.29 views

PT-2026-50899

Name of the Vulnerable Software and Affected Versions Apache APISIX versions 3.0.0 through 3.16.0 Description Improper Authentication occurs when the cas-auth plugin is used in a route, potentially allowing an attacker to authenticate using credentials from a different source. Recommendations...

8.1CVSS5.9AI score0.0032EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.27 views

PT-2026-51039

Name of the Vulnerable Software and Affected Versions Cap-go versions prior to 12.128.2 Description An authentication logic flaw allows an attacker to register and control an account linked to a victim's email address before the email is verified. By enabling two-factor authentication on this...

9.3CVSS5.9AI score0.00351EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.19 views

PT-2026-50943

Name of the Vulnerable Software and Affected Versions Joomla SP Movie Database version 1.3 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries. This is achieved by injecting malicious code into the searchword parameter when sending GET requests to the...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.17 views

PT-2026-50954

Name of the Vulnerable Software and Affected Versions Joomla Event Registration Pro Calendar version 4.1.3 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code. This is achieved by sending GET requests to the 'index.php' endpoi...

8.8CVSS6.2AI score0.00237EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.15 views

PT-2026-51116

Name of the Vulnerable Software and Affected Versions dbt-mcp version 1.19.1 Description The local OAuth helper FastAPI server bundled with dbt-mcp exposes the 'GET /dbt platform context' endpoint without authentication or host-origin validation. After a user completes the OAuth login flow, this...

6.8CVSS5.9AI score
Exploits0References8
Total number of security vulnerabilities187186