184424 matches found
PT-2026-56628
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.115 Description An uninitialized use in ANGLE allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. Recommendations Update Google Chrom...
PT-2026-56646
Inappropriate implementation in WebGL in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...
PT-2026-56637
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.115 Description A use after free issue exists in the Input component. This occurs when a program continues to use a pointer after it has been freed, which can lead to memory corruption. A remote...
PT-2026-56383
Name of the Vulnerable Software and Affected Versions libXfont2 versions prior to 2.0.8 Description A heap-based buffer overflow exists in the BitmapScaleBitmaps function. The issue is caused by an integer overflow where a 32-bit size calculation wraps, resulting in an undersized heap allocation...
PT-2026-56391
Name of the Vulnerable Software and Affected Versions libXfont2 versions prior to 2.0.8 Description A heap buffer overflow occurs when parsing PCF files due to missing size checking in the property buffer within the ComputeScaledProperties function. Authenticated X clients can exploit this issue ...
PT-2026-56335
Name of the Vulnerable Software and Affected Versions xorg-server versions prior to 21.2.24 xwayland versions prior to 24.1.13 Description Local attackers with an X connection can cause a Heap Use After Free, a condition where the system continues to use a memory address after it has been freed,...
PT-2026-56398
The WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.11.10. This is due to the 'wcfmvm membership change' AJAX action not validating user permission to modify other...
PT-2026-56402
The Tainacan plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'geoquery' parameter in all versions up to and including 1.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
PT-2026-56410
Name of the Vulnerable Software and Affected Versions Mediküm Web versions prior to 08072026 Description Mediküm Web contains an SQL injection flaw resulting from improper neutralization of special elements used in SQL commands. This occurs due to inadequate input validation or parameterization,...
PT-2026-56400
Name of the Vulnerable Software and Affected Versions LatePoint – Calendar Booking Plugin for Appointments and Events versions prior to 5.4.1 Description Improper input validation in the Stripe Connect payment processor allows unauthenticated attackers to pay an arbitrary amount. This occurs...
PT-2026-56408
Name of the Vulnerable Software and Affected Versions VikBooking Hotel Booking Engine & PMS versions prior to 1.8.9 Description Insufficient input sanitization and output escaping allow unauthenticated attackers to perform Stored Cross-Site Scripting XSS, a technique where malicious scripts are...
PT-2026-56452
Improper Neutralization of Special Elements in Data Query Logic vulnerability in Progress MOVEit Transfer Custom Reports modules. This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.8, from 2025.1.0 before 2025.1.4, from 2026.0.0 before 2026.0.1...
PT-2026-56453
Missing release of memory after effective lifetime vulnerability in Progress MOVEit Transfer Custom Reports modules. This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.8, from 2025.1.0 before 2025.1.4, from 2026.0.0 before 2026.0.1...
PT-2026-56420
Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7 Dell PowerProtect Data Domain versions 8.6.1.0 through 8.6.1.10 Dell PowerProtect Data Domain versions 8.3.1.0 through 8.3.1.30 Dell PowerProtect Data Domain versions 7.13.1.0 through...
PT-2026-56358
Name of the Vulnerable Software and Affected Versions Foxit Reader affected versions not specified Description An XML External Entity XXE issue exists where the application processes files that are not strictly in a structurally valid PDF format. By opening a malicious document disguised as a PDF...
PT-2026-56422
Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7 Dell PowerProtect Data Domain versions 8.6.1.0 through 8.6.1.10 Dell PowerProtect Data Domain versions 8.3.1.0 through 8.3.1.30 Dell PowerProtect Data Domain versions 7.13.1.0 through...
PT-2026-56424
Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.6 Dell PowerProtect Data Domain versions 8.6.1.0 through 8.6.1.10 Dell PowerProtect Data Domain versions 8.3.1.0 through 8.3.1.30 Dell PowerProtect Data Domain versions 7.13.1.0 through...
PT-2026-56409
Name of the Vulnerable Software and Affected Versions My Calendar – Accessible Event Manager versions prior to 3.7.9 Description An issue exists where unauthenticated attackers can perform time-based blind SQL Injection. This occurs due to insufficient escaping of user-supplied input and a lack o...
PT-2026-56554
Name of the Vulnerable Software and Affected Versions PAN-OS affected versions not specified Description An issue in the dataplane of the software allows an unauthenticated attacker to bypass firewall security policy enforcement via IPv6 packet processing. This enables network traffic that should...
PT-2026-56528
pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with declared image size values that are much too large compared to the actual data, causing large memory usage in pypdf image parsing. This issue is fixed in version 6.14.0...
PT-2026-56518
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the Include directive in src/mistune/directives/include.py detects only direct self-includes and not indirect cycles, allowing two markdown files that include each other to trigger unbounded recursion, raise...
PT-2026-56519
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, a Markdown document containing many repeated or distinct reference-link definitions causes quadratic work in src/mistune/block parser.py and the ref links environment dictionary handling, allowing denial of service...
PT-2026-56472
BBOT's github workflows module could be induced to write a downloaded artifact outside its configured output directory: its path-containment check did not resolve .., so a crafted CODE REPOSITORY URL could traverse out of the intended folder. The write is bounded to two directory levels above the...
PT-2026-56503
setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. Prior to 83.0.0, FileList applied MANIFEST.in exclude, global-exclude, recursive-exclude, and prune directives by matching compiled glob patterns against on-disk file names without Unico...
PT-2026-56471
BBOT's unarchive module rejects archives containing symlink entries before extraction, but for zip and 7z archives it failed to detect symlinks whose listing carries a DOS-attribute prefix before the unix mode, as produced by legacy versions of p7zip. Such an archive, downloaded and extracted...
PT-2026-56509
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, HTMLRenderer.safe url does not block percent-encoded javascript URIs, allowing attacker-supplied Markdown links or images to bypass URL protections and execute script in rendered HTML. This issue is fixed in version...
PT-2026-56511
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, render admonition in src/mistune/directives/admonition.py concatenates the Admonition directive :class: option into the HTML class attribute without escaping, allowing attribute injection and cross-site scripting even...
PT-2026-56510
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, long sequences of well-formed double-asterisk or triple-asterisk emphasis pairs around a character cause quadratic work in src/mistune/inline parser.py because the parser scans forward for matching close markers from...
PT-2026-56417
A vulnerability was found in bentoml OpenLLM 0.6.30. This affects the function async run command of the file src/openllm/common.py of the component Model Repository Directory Name Handler. Performing a manipulation of the argument cmd results in command injection. Attacking locally is a...
PT-2026-56517
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, Include.parse joins and normalizes user-supplied include paths without verifying that the result remains within the intended markdown directory, allowing crafted include paths to access files outside that directory wh...
PT-2026-56480
Copier is a library and CLI app for rendering project templates. In versions 9.5.0 through 9.15.1, the trust setting's prefix match copier/ settings.py compares the template URL against a trusted prefix with a raw str.startswith and no path normalization, while the URL is normalized when the...
PT-2026-56513
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the toc plugin and TableOfContents directive generate heading IDs as predictable toc N values without slugifying the heading text, allowing attacker-controlled id="toc N" content to collide with generated anchors and...
PT-2026-56512
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the safe url filter in src/mistune/renderers/html.py blocks only javascript:, vbscript:, file:, and data: schemes, allowing legacy or chained schemes such as feed:, view-source:, jar:, livescript:, mocha:, ms-its:, mk...
PT-2026-56508
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, a run of closed tilde, equals-sign, or caret marker pairs around a character causes quadratic work in src/mistune/plugins/formatting.py when the strikethrough, mark, or insert plugin scans for matching markers from ea...
PT-2026-56441
n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization vulnerability in three mutating evaluation test-run endpoints that authorize state-changing actions using the workflow:read scope instead of the action-appropriate workflow:execute scope. On instances using Advanced Permissions...
PT-2026-56339
When the application opens a PDF file and JavaScript deletes the PDF fields, the subsequent logic still uses the old field pointers, resulting in invalid pointer references and causing the application to crash...
PT-2026-56357
The PRC file header parsing logic trusts the constructed file structure description information, assumes that the underlying array contains elements and reads them, leading to out-of-bounds reads and application crashes...
PT-2026-56323
The Bulk Order Update for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and including, 1.6. This is due to the bouw fetch csv data AJAX handler being registered on the wp ajax nopriv hook with no capability or nonce check, and passing the attacker-suppli...
PT-2026-56681
Summary async-tar v0.6.0 mis-applies a buffered PAX size extension to an intermediary extension header a GNU longname L, a GNU longlink K, or a PAX x/g header instead of to the next file entry. POSIX requires a PAX extended-header record set to describe the next file entry, never an intervening...
PT-2026-56348
After the application opened the PDF file, the script first reset the annotation status, then triggered the reset form event by additional action. During the re-entry process, the application access invalid objects and crashed...
PT-2026-56351
When the application opens a PDF file, during the process of JavaScript deleting pages and removing attachment annotations, it will cause the attachment panel to continue accessing invalid pointers, eventually leading to the application crashing...
PT-2026-56531
We'll be publishing five security issues CVE-2026-55106, CVE-2026-54730, CVE-2026-57580, GHSA-rv9x-92g6-9cpf, GHSA-hmrg-vpp4-gj88 and accompanying fixes on 2026-07-15, 14:00 UTC with the Severity levels High and Moderate. For more info, see the authentik Security policy here:...
PT-2026-56532
We'll be publishing five security issues CVE-2026-55106, CVE-2026-54730, CVE-2026-57580, GHSA-rv9x-92g6-9cpf, GHSA-hmrg-vpp4-gj88 and accompanying fixes on 2026-07-15, 14:00 UTC with the Severity levels High and Moderate. For more info, see the authentik Security policy here:...
PT-2026-56332
Embedding JavaScript within a PDF file will cause the page to be deleted. Subsequent scripts will continue to access the relevant properties of the document view, eventually leading to the crash of the application...
PT-2026-56330
The embedded JavaScript in the PDF deleted the pages, making the object invalid. The application attempted to perform a write operation on the invalid pop-up annotations, resulting in the program crashing...
PT-2026-56336
When the application opens a PDF and JavaScript modifies the properties of form fields, it causes the state of the underlying objects referenced by the program to become invalid. Eventually, it reads an illegal memory address, which leads to the crash of the application...
PT-2026-56340
The application opens the PDF, and JavaScript performs operations on the page and the document, causing the page-related objects within the application to lose synchronization; however, the renderer still trusts the outdated page count, and eventually the application crashes due to out-of-bounds...
PT-2026-56345
When dealing with abnormally constructed objects, there is a lack of argument validation; JavaScript triggers signature verification, but the signature plugin does not perform validation when copying the abnormal string, causing the application to crash...
PT-2026-56322
The DoLogin Security plugin for WordPress is vulnerable to Authentication Bypass via Insufficient Randomness in all versions up to, and including, 4.3. The vulnerability exists because dologins::rrand seeds the Mersenne Twister with mt sranddouble microtime 1000000 — discarding the integer-second...
PT-2026-56329
An Improper Authentication vulnerability affecting DELMIA Apriso from Release 2020 through Release 2026 could allow an attacker to gain privileged access to the server...