187186 matches found
PT-2026-50845
Name of the Vulnerable Software and Affected Versions The Royal Addons for Elementor – Addons and Templates Kit for Elementor versions 1.7.1058 through 1.7.1059 Description An arbitrary file read issue exists due to the wpr get csv handle helper function. When the settings.table upload csv.url...
PT-2026-51065
Name of the Vulnerable Software and Affected Versions jupyterlab-git affected versions not specified Description A stored cross-site scripting XSS issue exists in the PlainTextDiff.ts component of the jupyterlab-git extension. The createHeader function passes Git filenames directly to innerHTML...
PT-2026-50884
Name of the Vulnerable Software and Affected Versions Apache APISIX versions 2.3 through 3.16.0 Description The openid-connect plugin under default configuration contains an issue where insufficient verification of data authenticity allows an attacker to spoof identity headers. This can lead to...
PT-2026-51022
Name of the Vulnerable Software and Affected Versions Node.js version 22 Node.js version 24 Node.js version 26 Description A flaw in the Node.js HTTP Agent allows a client to accept a response as valid even if it was sent before the client transmitted the request. This issue has caused real-world...
PT-2026-52064
Name of the Vulnerable Software and Affected Versions Node.js versions 26.0.0 through 26.3.0 Description A flaw in the Node.js Permission API allows a local server to be started via a Unix domain socket, bypassing the requirement for the --allow-net permission. Recommendations Update to version...
PT-2026-52057
Name of the Vulnerable Software and Affected Versions Node.js versions 22.x Node.js versions 24.x Node.js versions 26.0.0 through 26.3.0 Description An issue in proxy tunnel error handling may lead to the exposure of proxy credentials within ERR PROXY TUNNEL error messages. This occurs when...
PT-2026-50893
Name of the Vulnerable Software and Affected Versions Node.js versions 22.x through 26.3.0 Description A flaw in TLS hostname handling occurs when Node.js processes unicode dot separators, leading to a mismatch between resolver and verifier hostname normalization. This discrepancy can result in a...
PT-2026-52058
Name of the Vulnerable Software and Affected Versions Node.js versions 22.x, 24.x, and 26.x prior to 26.3.1-1.1 Description A flaw in the Node.js HTTP/2 client enables a server to send an unlimited number of ORIGIN frames, potentially causing an Out of Memory error on the client side...
PT-2026-52063
Name of the Vulnerable Software and Affected Versions Node.js versions 22.x Node.js versions 24.x Node.js versions 26.x Description A flaw in the Node.js Permission API allows file metadata to be modified even when a path is configured as read-only, such as when using the --allow-fs-read flag...
PT-2026-52060
Name of the Vulnerable Software and Affected Versions Node.js versions 22.x and earlier Node.js versions 24.x and earlier Node.js versions 26.0.0 through 26.3.0 Description An inconsistency in hostname matching can lead to a trust-policy bypass within multi-context mTLS mutual Transport Layer...
PT-2026-52061
Name of the Vulnerable Software and Affected Versions Node.js versions 22.x and earlier Node.js versions 24.x and earlier Node.js versions 26.x and earlier Description A flaw in TLS hostname handling allows embedded-nul hostnames to cause silent authority rebinding. This occurs due to c-string...
PT-2026-52062
Name of the Vulnerable Software and Affected Versions Node.js versions 22.x through 26.3.0 Description A flaw in the TLS host verification process allows an attacker to bypass certification validation. Recommendations Update Node.js to version 26.3.1 or later...
PT-2026-50927
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The vti6 init net function fails to set the netns immutable flag on the per-netns fallback tunnel device 'ip6 vti0'. This flag is intended to prevent the device from being moved to anoth...
PT-2026-50952
Name of the Vulnerable Software and Affected Versions Joomla StreetGuessr Game version 1.1.8 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries. This is achieved by sending GET requests to the 'index.php' endpoint with the parameters option=com...
PT-2026-50996
Name of the Vulnerable Software and Affected Versions Joomla! Component Easy Shop version 1.2.3 Description A local file inclusion issue allows unauthenticated attackers to read arbitrary files by providing base64-encoded file paths. This is achieved by sending GET requests to the 'index.php'...
PT-2026-51016
Name of the Vulnerable Software and Affected Versions ProxySQL versions 2.0.18 through 3.0.8 Description ProxySQL contains a pre-authentication heap memory corruption issue within the MySQL and PostgreSQL protocol first-read paths. A remote unauthenticated client can trigger this by declaring an...
PT-2026-50953
Name of the Vulnerable Software and Affected Versions Joomla Ultimate Property Listing version 1.0.2 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries. This is achieved by injecting malicious code through the sf selectuser id parameter. Attackers can...
PT-2026-51006
Name of the Vulnerable Software and Affected Versions mcp-memory-service versions prior to 10.65.3 Description The HTTP MCP JSON-RPC endpoint at "/mcp" fails to properly validate OAuth scopes. It allows requests with only the read scope to be dispatched to handlers that include mutating tools...
PT-2026-55980
Name of the Vulnerable Software and Affected Versions Hugo versions 0.123.0 through 0.163.0 Description A regression in the virtual filesystem allows a symlink placed within a theme or local mount to read arbitrary files accessible to the user running the application. This occurs because the...
PT-2026-56267
Name of the Vulnerable Software and Affected Versions Anki versions prior to 25.09.3 Description Anki launches a local HTTP server to serve media files and web pages for its interface. The server does not sufficiently block requests from other origins, allowing a malicious website to trigger...
PT-2026-50900
Name of the Vulnerable Software and Affected Versions containerd versions prior to 2.3.2 containerd versions prior to 2.2.5 containerd versions prior to 2.1.9 containerd versions prior to 2.0.10 containerd versions prior to 1.7.33 Description The CRI checkpoint import process fails to validate...
PT-2026-55944
Name of the Vulnerable Software and Affected Versions pydantic-settings versions 2.12.0 through 2.14.1 Description The NestedSecretsSettingsSource reads secret values from files within a configured secrets dir. When the secrets nested subdir variable is set to true, the system follows symbolic...
PT-2026-55981
Name of the Vulnerable Software and Affected Versions Hugo versions 0.162.0 through 0.163.0 Description The default security.http.urls policy fails to properly block requests to loopback, internal, and cloud-metadata IPv4 literals because the deny rule only matches dotted-decimal notation...
PT-2026-56266
Name of the Vulnerable Software and Affected Versions Anki versions prior to 25.09.4 Description Webview-based pages communicate with the Rust backend via an internal localhost API. User scripts included through iframes in the editor can bypass protections to access this API. A malicious imported...
PT-2026-55979
Name of the Vulnerable Software and Affected Versions Hugo versions 0.60.0 through 0.163.2 Description The default code-block renderer fails to perform HTML escaping when writing the Markdown code-fence language or info-string into the code element's class and data-lang attributes. An attacker ca...
PT-2026-53800
Summary ChatterBot's UbuntuCorpusTrainer.extract uses a predictable, home-rooted output directory /ubuntu data/ubuntu dialogs with a check-then-create pattern if not os.path.exists: os.makedirs followed by tar.extractallpath=self.data path. A local attacker who pre-plants a symlink at the...
PT-2026-51014
Name of the Vulnerable Software and Affected Versions urllib3 version 2.6.3 Brotli version 1.2.0 Description A decompression bomb bypass exists in the streaming API preload content=False when Brotli support is used. This occurs because three independent code paths in response.py bypass the max...
PT-2026-51162
These are all security issues fixed in the freerdp-3.27.1-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-51165
These are all security issues fixed in the freerdp-3.27.1-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-51163
These are all security issues fixed in the freerdp-3.27.1-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-51164
These are all security issues fixed in the freerdp-3.27.1-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-51166
These are all security issues fixed in the freerdp-3.27.1-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-50963
Name of the Vulnerable Software and Affected Versions Joomla! Component jCart for OpenCart version 2.0 Description An SQL injection allows unauthenticated attackers to manipulate database queries by injecting SQL code. This is achieved by sending GET requests to the 'index.php' endpoint using the...
PT-2026-51048
Name of the Vulnerable Software and Affected Versions containerd versions prior to 2.3.2 containerd versions prior to 2.2.5 containerd versions prior to 2.1.9 containerd versions prior to 2.0.10 containerd versions prior to 1.7.33 Description A maliciously crafted image can cause a Denial of...
PT-2026-51057
Name of the Vulnerable Software and Affected Versions containerd versions prior to 2.1.9 containerd versions prior to 2.2.5 containerd versions prior to 2.3.2 Description A bug in the CRI plugin allows the restoration of container.log from a checkpoint image without validating a symlinked path...
PT-2026-51058
Name of the Vulnerable Software and Affected Versions containerd versions prior to 2.1.9 containerd versions prior to 2.2.5 containerd versions prior to 2.3.2 Description The CRI implementation improperly trusts Container Device Interface CDI annotations found within untrusted checkpoint image...
PT-2026-51056
Name of the Vulnerable Software and Affected Versions containerd versions prior to 2.3.2 containerd versions prior to 2.2.5 containerd versions prior to 2.1.9 containerd versions prior to 2.0.10 containerd versions prior to 1.7.33 Description A bug in the CRI plugin allows the propagation of labe...
PT-2026-51009
Name of the Vulnerable Software and Affected Versions gonic versions prior to 0.21.0 Description An authenticated Subsonic user can bypass ownership checks to read or delete playlists belonging to other users and probe arbitrary file paths on the host for existence or readability. This occurs...
PT-2026-50886
Name of the Vulnerable Software and Affected Versions Apache APISIX versions 2.14.1 through 3.16.0 Description An incorrect authorization issue exists in the authz-casdoor plugin when using the default configuration. This allows an attacker to authenticate using credentials from a different sourc...
PT-2026-50936
Joomla OSDownloads 1.7.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to index.php with option=com osdownloads&view=item&id=SQL to extract...
PT-2026-50941
Joomla! Component Sponsor Wall 8.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wallid parameter. Attackers can send GET requests to index.php with the option=com sponsorwall&task=click&walli...
PT-2026-50621
The PressPrimer Quiz – AI Quiz Maker, Exam Builder & LMS Assessment Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.3.0 via the 'rule id' parameter due to missing validation on a user controlled key. This makes it possible for...
PT-2026-50779
Name of the Vulnerable Software and Affected Versions Coturn versions prior to 4.11.0 Description A stored cross-site scripting XSS issue exists in the web-admin HTTPS interface. An attacker can inject HTML or JavaScript by creating a TURN allocation with a crafted USERNAME value. This script...
PT-2026-50642
Cotonti 1.0.0 master branch, commit f43f1fc3 is vulnerable to Cross-Site Request Forgery in the administration configuration handler. In system/admin/admin.config.php, the configuration update action 'a=update' processes POST data via cot config update options without calling cot check xg to...
PT-2026-50637
The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.63 via the 'user id' parameter due to missing validation on a user controlled key...
PT-2026-53179
Impact RSACrypt::decryptWithRSA15 used by the RSA1 5 key-encryption algorithm implements RSAES-PKCS1-v1 5 decryption by inspecting the padding after RSADP and throwing InvalidArgumentException as soon as the padding is malformed. It does not implement the implicit-rejection countermeasure require...
PT-2026-53150
Summary The published npm package praisonai exports SandboxExecutor, CommandValidator, and sandboxExec as "safe command execution with restrictions." When allowedCommands is configured, CommandValidator checks only the first whitespace-delimited token of the command string. SandboxExecutor then...
PT-2026-53121
Summary When the trusted proxies option is configured, heimdall extracts client IP addresses from the Forwarded for= parameter and X-Forwarded-For headers and exposes them as Request.ClientIPAddresses to the rule pipeline. However, extracted values are not validated to be syntactically valid IP...
PT-2026-54529
Уязвимость функции gf isom add track kind файла isomedia/isom write.c упаковщика MP4Box мультимедийной платформы GPAC связана с ошибками разыменования указателей. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании с помощью специально созданног...
PT-2026-50812
Name of the Vulnerable Software and Affected Versions pgAdmin 4 versions 6.9 through 9.15 Description In server mode, two state-mutating endpoints in the SQL Editor blueprint are missing the @pga login required authentication decorator, allowing them to be accessed without an authenticated sessio...