187186 matches found
PT-2026-53765
Summary When parsing a WSDL or XSD document, python-zeep follows transitive references — xsd:import, xsd:include, wsdl:import, and lxml entity/DTD resolution — and will fetch http/https URLs found in those references. The Settings.forbid external option, intended to disable this transitive remote...
PT-2026-50959
Name of the Vulnerable Software and Affected Versions JoomRecipe version 1.0.3 Description An SQL injection allows unauthenticated attackers to manipulate database queries by injecting SQL code through the category parameter. This is achieved by sending GET requests to the 'all-recipes' endpoint...
PT-2026-50848
Name of the Vulnerable Software and Affected Versions WP Hotel Booking versions prior to 2.3.1 Description Several AJAX handlers do not enforce capability checks, which allows authenticated users with Subscriber-level access to read booking line items of other users, enumerate active coupons, and...
PT-2026-51003
Name of the Vulnerable Software and Affected Versions Joomla com booking component version 2.4.9 Description An information disclosure issue allows unauthenticated attackers to enumerate user accounts. By exploiting the getUserData function in the customer controller, attackers can send GET...
PT-2026-51631
Name of the Vulnerable Software and Affected Versions Gogs versions prior to 0.14.3 Description Gogs contains a path traversal flaw where organization names containing relative path sequences e.g., ../ are accepted without proper sanitization. This occurs because the internal/database/org.go file...
PT-2026-50912
Name of the Vulnerable Software and Affected Versions AnyDesk version 2.5.0 Description An unquoted service path issue exists in the service installation, allowing local users to execute arbitrary code with SYSTEM privileges. This occurs when a service path contains spaces and is not enclosed in...
PT-2026-50940
Name of the Vulnerable Software and Affected Versions Joomla! Component FocalPoint Pro/Free version 1.2.3 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries. This is achieved by injecting malicious code through the id parameter. Attackers can send GET...
PT-2026-50906
Name of the Vulnerable Software and Affected Versions Comodo Chromodo Browser version 52.15.25.664 Description The ChromodoUpdater service runs with SYSTEM privileges and contains an unquoted service path. This allows a local attacker to place a malicious executable within the service path to...
PT-2026-50988
Name of the Vulnerable Software and Affected Versions Joomla! Component J-BusinessDirectory version 4.9.7 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries. This is achieved by injecting malicious code into the type parameter via GET requests to the...
PT-2026-50838
Name of the Vulnerable Software and Affected Versions Blocksy Companion versions prior to 2.1.46 Description The Blocksy Companion plugin for WordPress contains a Stored Cross-Site Scripting issue within the admin settings caused by insufficient input sanitization and output escaping. This allows...
PT-2026-50833
Name of the Vulnerable Software and Affected Versions Hitachi Virtual Storage Platform E990, E1090, E1090H versions prior to DKCMAIN Ver.93-07-21-80/00-05, CHBiSCSI Ver.88-01-02-04 Hitachi Virtual Storage Platform E390, E590, E790, E390H, E590H, E790H versions prior to DKCMAIN...
PT-2026-50834
Name of the Vulnerable Software and Affected Versions WP DSGVO Tools GDPR versions prior to 3.1.40 Description An authorization bypass exists because the plugin fails to properly verify if a user is authorized to perform specific actions. Unauthenticated attackers can provide an arbitrary victim...
PT-2026-51120
Name of the Vulnerable Software and Affected Versions Python Liquid versions prior to 2.2.1 Description A denial of service issue exists where the engine hangs in an infinite loop during parse time. This occurs when a malformed % case % tag is used without an associated % when % or % else % block...
PT-2026-50879
Name of the Vulnerable Software and Affected Versions Apache APISIX versions 2.12.0 through 3.16.0 Description Improper Input Validation in the forward-auth plugin allows an attacker to spoof identity headers by leveraging specific configurations. Recommendations Upgrade to version 3.17.0...
PT-2026-51080
Name of the Vulnerable Software and Affected Versions CoreWCF versions prior to 1.8.1 CoreWCF versions prior to 1.9.1 Description WS-Security signature verification fails to ensure that the selected ds:Signature covers the expected Security header target. This allows an attacker who has captured ...
PT-2026-51115
Name of the Vulnerable Software and Affected Versions go.qbee.io/transport versions prior to v1.26.25 Description The extractTar routine in the go.qbee.io/transport library contains a symlink-chain path traversal issue. Because path validation is strictly lexical and does not account for on-disk...
PT-2026-51008
Name of the Vulnerable Software and Affected Versions @microsoft/kiota-http-fetchlibrary versions 1.0.0-preview.97 through 1.0.0-preview.101 Description The RedirectHandler in the library fails to properly remove sensitive headers during cross-origin redirects. While it is intended to strip...
PT-2026-50979
Name of the Vulnerable Software and Affected Versions Tilt versions 0.24.0 through 0.37.3 Description The Tilt HUD WebSocket endpoint /ws/view is susceptible to Cross-site WebSocket Hijacking CSWSH, a technique where an attacker tricks a victim's browser into establishing a WebSocket connection t...
PT-2026-50960
Name of the Vulnerable Software and Affected Versions Joomla Payage version 2.05 Description An SQL injection allows unauthenticated attackers to manipulate database queries by injecting SQL code through the aid parameter. Attackers can send GET requests to the 'index.php' endpoint with malicious...
PT-2026-50923
Name of the Vulnerable Software and Affected Versions AVAST Antivirus version 25.11 Description The SecureLine service contains an unquoted service path, which occurs when a service executable path contains spaces and is not enclosed in quotation marks. This allows local non-privileged users to...
PT-2026-50910
Name of the Vulnerable Software and Affected Versions NetDrive version 2.6.12 Description An unquoted service path issue exists in the Netdrive2 Service Netdrive2 service. This allows local users to execute arbitrary code with SYSTEM privileges by placing malicious executables in the system root...
PT-2026-51050
Name of the Vulnerable Software and Affected Versions Symfony UX Live Component versions prior to 2.x Symfony UX Live Component versions prior to 3.x Description The BatchActionController:: invoke function iterates over a client-supplied actions array and issues a full HttpKernel sub-request for...
PT-2026-50965
Name of the Vulnerable Software and Affected Versions PhpWeasyPrint versions prior to 2.5.1 Description PhpWeasyPrint is a PHP library used for generating PDFs from HTML pages or URLs. The software contains a shell command injection flaw occurring when the binary path for WeasyPrint is processed...
PT-2026-51099
Name of the Vulnerable Software and Affected Versions Langflow versions prior to 1.9.1 Description An Insecure Direct Object Reference IDOR issue exists in the /api/v1/responses endpoint. This occurs because the get flow by id or endpoint name function queries the database using a flow ID without...
PT-2026-50905
Name of the Vulnerable Software and Affected Versions Fortitude HTTP version 1.0.4.0 Description An unquoted service path issue exists, allowing local users to execute arbitrary code with elevated privileges. This occurs because the service binary path is not enclosed in quotes, enabling attacker...
PT-2026-50898
Name of the Vulnerable Software and Affected Versions Apache APISIX versions 3.0.0 through 3.16.0 Description A Cross-Site Request Forgery CSRF issue exists in the cas-auth plugin under default configurations. This allows a remote attacker to trick a victim into visiting a malicious webpage,...
PT-2026-50891
Name of the Vulnerable Software and Affected Versions NI grpc-device versions prior to 2.17.0 Description An unchecked enum cast issue exists in the BeginSidebandStream function. An attacker can trigger invalid enum states and undefined behavior by supplying a specially crafted message containing...
PT-2026-51055
Name of the Vulnerable Software and Affected Versions symfony/ux-autocomplete versions prior to 2.x symfony/ux-autocomplete versions prior to 3.x Description The Stimulus controller in the software renders AJAX response items into a dropdown by interpolating the text field directly into HTML...
PT-2026-50903
Realtek High Definition Audio Driver 6.0.1.6730 contains an unquoted service path vulnerability that allows local attackers to escalate privileges by placing a malicious executable in the service path. Attackers can insert an executable file in the unquoted path and restart the service to execute...
PT-2026-51098
Name of the Vulnerable Software and Affected Versions py7zr versions prior to 1.1.3 Description A denial of service issue exists where a crafted .7z archive with a large numstreams value causes excessive CPU consumption. This occurs because the PackInfo. read function in archiveinfo.py uses an On...
PT-2026-51167
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.27.1 Description When clients are launched with the non-default /cache:codec:rfx option, the software passes the desktop stride and height to RemoteFX decoding for Cache Bitmap V3 data. However, in the gdi Bitmap...
PT-2026-56538
Name of the Vulnerable Software and Affected Versions Zeep versions 4.0.0 through 4.3.2 Description In this Python SOAP client, the Settings.forbid external setting is not enforced during the parsing of WSDL or XSD documents. This allows transitive xsd:import, xsd:include, wsdl:import, and lxml...
PT-2026-51097
Name of the Vulnerable Software and Affected Versions py7zr versions prior to 0.22.1 Description The Worker.decompress function in py7zr/worker.py extracts archive entries without tracking the total decompressed size. This allows a specially crafted .7z file to cause disk or memory exhaustion...
PT-2026-50926
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the RDMA Remote Direct Memory Access component during the rereg mr process. When IB MR REREG ACCESS changes from read-only RO to read-write RW, the umem user memory mu...
PT-2026-50928
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the Linux kernel BPF reuseport program handling. When a UDP reuseport group uses a cBPF program and that program is replaced or detached via the setsocko...
PT-2026-50889
Name of the Vulnerable Software and Affected Versions NI grpc-device versions prior to 2.17.0 Description An out-of-bounds read occurs in the NI grpc-device streaming API because of a missing bounds check. This issue can lead to a denial of service if an attacker provides a specially crafted writ...
PT-2026-50828
Name of the Vulnerable Software and Affected Versions Mitsubishi Electric MELSEC iQ-F Series FX5-EIP EtherNet/IP module versions 1.000 and prior Description An integer overflow or wraparound in the EtherNet/IP function allows a remote attacker to cause a denial-of-service DoS condition. By rapidl...
PT-2026-50919
Wondershare PDFelement 5.2.9 contains a privilege escalation vulnerability due to an unquoted service path in the WsAppService Windows service. Local attackers can place a malicious executable in the service path and execute code with LocalSystem privileges upon service restart or system reboot...
PT-2026-50896
Name of the Vulnerable Software and Affected Versions Apache APISIX versions 3.5.0 through 3.16.0 Description An authentication bypass issue exists in the opa plugin. An attacker can relay spoofed identity headers to upstream services by exploiting non-default configurations in the opa plugin,...
PT-2026-50921
Name of the Vulnerable Software and Affected Versions Malwarebytes version 4.5 Description An unquoted service path issue exists in the MBAMService executable. This allows local attackers to escalate privileges by injecting malicious code into the system root path. Attackers can place executable...
PT-2026-51024
Name of the Vulnerable Software and Affected Versions Kestra versions prior to 1.3.19 Kestra versions prior to 1.2.19 Kestra versions prior to 1.1.19 Kestra versions prior to 1.0.43 Description Kestra is an open-source, event-driven orchestration platform. The inputFiles task writes rendered file...
PT-2026-50934
Name of the Vulnerable Software and Affected Versions Quiz Deluxe version 3.7.4 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL commands through the 'ajaxaction.flag question' task. Attackers can inject malicious SQL code via the stu quiz id or flag quest...
PT-2026-51087
Name of the Vulnerable Software and Affected Versions Oj versions prior to 3.17.2 Description Oj::Parser in usual mode fails to mark array class and hash class references during garbage collection GC, resulting in a Use-After-Free condition. If the GC executes after the class is assigned but befo...
PT-2026-50994
Name of the Vulnerable Software and Affected Versions Joomla! Component vBizz version 1.0.7 Description An unrestricted file upload issue allows authenticated attackers to upload arbitrary PHP files. This is achieved by submitting malicious files through the profile pic parameter via POST request...
PT-2026-51018
gin-vue-admin is an AI-assisted basic development platform. In version 2.9.1, an authenticated attacker with access to the code-generation feature and MCP management interface can exploit this vulnerability by injecting attacker-controlled Go source code through POST /autoCode/addFunc, and then...
PT-2026-51102
Name of the Vulnerable Software and Affected Versions Langflow versions prior to 1.9.2 Description An issue exists in components based on BaseFileComponent, including Docling DoclingInlineComponent, Docling Serve DoclingRemoteComponent, Read File FileComponent, NVIDIA Retriever Extraction...
PT-2026-51005
Name of the Vulnerable Software and Affected Versions Statamic versions prior to 5.73.23 Statamic versions prior to 6.20.0 Description An authenticated Control Panel user can view metadata and content for resources they lack permission to access. This includes entries, assets, users, roles, group...
PT-2026-50958
Name of the Vulnerable Software and Affected Versions JoomRecipe version 1.0.4 Description The JoomRecipe component for Joomla contains a blind SQL injection flaw. This allows attackers to inject SQL code via POST requests to the search endpoint using the search author parameter. This can be used...
PT-2026-50990
Name of the Vulnerable Software and Affected Versions Joomla Component vRestaurant version 1.9.4 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries. This is achieved by sending POST requests to the 'menu-listing-layout' endpoint with malicious code...
PT-2026-50968
Name of the Vulnerable Software and Affected Versions Tenda AC7 version 15.03.06.44 Description A stack buffer overflow occurs in the '/goform/AdvSetMacMtuWan' endpoint through the mac parameter. A stack buffer overflow is a condition where a program writes more data to a buffer located on the...