
176990 matches found

Positive Technologies, added 2026/05/14 12:00 a.m., 9 views

PT-2026-40915

Authorization bypass through User-Controlled key vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Exploitation of Trusted Identifiers. This issue affects Library Automation System: from v.21.6 befor...

CVSS 8.8, AI score 5.8, EPSS 0.00298
Exploits 0, References 2
Positive Technologies, added 2026/05/14 12:00 a.m., 9 views

PT-2026-40906

Name of the Vulnerable Software and Affected Versions Apache Commons versions 2.2 through 2.14.x Description An uncontrolled recursion issue exists when processing untrusted configuration files. Specifically, the software throws a StackOverflowError—a runtime error that occurs when the call stack...

CVSS 5.3, AI score 5.8, EPSS 0.00507
Exploits 0, References 23
Positive Technologies, added 2026/05/14 12:00 a.m., 7 views

PT-2026-41062

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description A use after free issue in Accessibility allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML page. Use afte...

CVSS 8.8, AI score 5.8, EPSS 0.00498
Exploits 0, References 84
Positive Technologies, added 2026/05/14 12:00 a.m., 9 views

PT-2026-41137

Summary A gym trainer can escalate their session to any higher-privileged account (gym manager, general manager) by chaining two calls to the trainer-login endpoint. Once a trainer performs a legitimate switch into a low-privileged user, the session flag trainer.identity is set and this flag alone...

CVSS 8.1, AI score 5.8, EPSS 0.00026
Exploits 0, References 3
Positive Technologies, added 2026/05/14 12:00 a.m., 12 views

PT-2026-40855

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 18.5 through 18.9.6 GitLab CE/EE versions 18.10 through 18.10.5 GitLab CE/EE versions 18.11 through 18.11.2 Description An issue exists where an unauthenticated user can cause a denial of service by sending specially...

CVSS 7.5, AI score 5.8, EPSS 0.00344
Exploits 0, References 7
Positive Technologies, added 2026/05/14 12:00 a.m., 13 views

PT-2026-40904

An integer overflow vulnerability in the simdjson document-builder API allows incorrect buffer size calculations in "string_builder::escape_and_append" when processing very large input strings on platforms with limited "size_t" width (e.g., 32-bit builds). The overflow can cause insufficient buffer...

CVSS 6.9, AI score 5.9, EPSS 0.00279
Exploits 0, References 3
Positive Technologies, added 2026/05/14 12:00 a.m., 5 views

PT-2026-41045

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description Insufficient validation of untrusted input in DataTransfer allows a remote attacker to obtain potentially sensitive information from process memory. This occurs when a user is convince...

CVSS 8.8, AI score 5.9, EPSS 0.00498
Exploits 0, References 84
Positive Technologies, added 2026/05/14 12:00 a.m., 9 views

PT-2026-40914

Authorization bypass through User-Controlled key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. DijiDemi allows Privilege Abuse. This issue affects DijiDemi: from v4.5.12.1 before v4.5.13.0...

CVSS 6.8, AI score 5.8, EPSS 0.00219
Exploits 0, References 2
Positive Technologies, added 2026/05/14 12:00 a.m., 7 views

PT-2026-41091

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description Side-channel information leakage in Navigation allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. Side-channel attacks are methods used to extra...

CVSS 8.8, AI score 5.8, EPSS 0.00498
Exploits 0, References 85
Positive Technologies, added 2026/05/14 12:00 a.m., 9 views

PT-2026-41132

An internal regex in the Svelte runtime can take exponential time to test in . You are only vulnerable to this if you allow tags of unconstrained length. If your application only allows a predetermined list of tags or trims their length before passing them to svelte:element, you are safe...

CVSS 5.9, AI score 5.8, EPSS 0.00421
Exploits 0, References 5
Positive Technologies, added 2026/05/14 12:00 a.m., 8 views

PT-2026-41151

Name of the Vulnerable Software and Affected Versions go-billy versions prior to 5.9.0 Description Multiple path traversal issues exist across different components of the software due to insufficient path sanitization and boundary enforcement. This allows crafted paths, such as those using .., to...

CVSS 8.1, AI score 5.8, EPSS 0.0031
Exploits 0, References 6
Positive Technologies, added 2026/05/14 12:00 a.m., 11 views

PT-2026-41169

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.3 Description The "POST /api/v1/notes/id/pin" endpoint performs a write operation by toggling the is_pinned field but incorrectly validates only for read permission. This allows users who have read-only access ...

CVSS 3.5, AI score 5.8, EPSS 0.00218
Exploits 1, References 7
Positive Technologies, added 2026/05/14 12:00 a.m., 7 views

PT-2026-41129

Summary A command injection vulnerability was identified in shivammathur/setup-php when the action resolves the PHP version from repository-controlled files and uses that value while generating the platform setup script. In affected versions, setup-php may read the PHP version from: - .php-versio...

CVSS 5.6, AI score 6.2, EPSS 0.01576
Exploits 0, References 7
Positive Technologies, added 2026/05/14 12:00 a.m., 7 views

PT-2026-41057

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description Insufficient validation of untrusted input in SiteIsolation allows a remote attacker who has compromised the renderer process to bypass Site Isolation using a crafted HTML page. Site...

CVSS 8.8, AI score 5.9, EPSS 0.00498
Exploits 0, References 83
Positive Technologies, added 2026/05/14 12:00 a.m., 12 views

PT-2026-41136

Summary Any authenticated user can read another user's private workout session notes, exercise history, and training statistics by calling the /logs/ and /stats/ actions on a routine they do not own. The RoutinePermission class grants read access to any authenticated user when a routine has is...

CVSS 7.5, AI score 5.8, EPSS 0.00051
Exploits 0, References 3
Positive Technologies, added 2026/05/14 12:00 a.m., 10 views

PT-2026-41155

Name of the Vulnerable Software and Affected Versions ApostropheCMS versions prior to 4.29.0 Description The password reset flow in the resetRequest route of the modules/@apostrophecms/login/index.js component constructs the reset URL using req.hostname. When apos.baseUrl is not explicitly...

CVSS 8.1, AI score 5.2, EPSS 0.00229
Exploits 0, References 6
Positive Technologies, added 2026/05/13 12:00 a.m., 7 views

PT-2026-40724

Name of the Vulnerable Software and Affected Versions claude-code-cache-fix versions 3.5.0 through 3.5.1 Description The tools/quota-statusline.sh script interpolates the Claude Code hook stdin payload directly into a Python triple-quoted string literal. A ''' byte sequence in any user-controlled...

CVSS 8.6, AI score 5.9, EPSS 0.00164
Exploits 1, References 9
Positive Technologies, added 2026/05/13 12:00 a.m., 8 views

PT-2026-40793

Name of the Vulnerable Software and Affected Versions Grafana affected versions not specified Description A flaw in SQL Expressions enables an authenticated attacker to read arbitrary files from the server's filesystem. This issue only affects instances where the sqlExpressions feature toggle is...

CVSS 7.4, AI score 6, EPSS 0.00433
Exploits 0, References 59
Positive Technologies, added 2026/05/13 12:00 a.m., 5 views

PT-2026-40794

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A race condition exists where a user may still be able to mint tokens for a service account for a few seconds after their access has been revoked. Recommendation...

CVSS 7.4, AI score 5.7, EPSS 0.00433
Exploits 0, References 59
Positive Technologies, added 2026/05/13 12:00 a.m., 8 views

PT-2026-40692

In the Linux kernel, the following vulnerability has been resolved: nouveau/gsp: drop WARN_ON in ACPI probes These WARN_ONs seem to trigger a lot, and we don't seem to have a plan to fix them, so just drop them, as they are most likely harmless...

AI score 5.8, EPSS 0.00155
Exploits 0, References 5
Positive Technologies, added 2026/05/13 12:00 a.m., 10 views

PT-2026-40579

The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'sortf' parameter in all versions up to, and including, 5.7.7 due to insufficient escaping on the user supplied parameter and lack of sufficient...

CVSS 7.5, AI score 5.9, EPSS 0.00322
Exploits 0, References 6
Positive Technologies, added 2026/05/13 12:00 a.m., 7 views

PT-2026-40632

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.2 F5 BIG-IP versions prior to 17.5.1.6 F5 BIG-IP versions prior to 21.0.0.2 Description When running in Appliance mode, a directory traversal issue exists in an undisclosed iControl REST endpoint. This allows...

CVSS 6.9, AI score 5.5, EPSS 0.00886
Exploits 0, References 3
Positive Technologies, added 2026/05/13 12:00 a.m., 7 views

PT-2026-40783

Name of the Vulnerable Software and Affected Versions Grafana affected versions not specified Description An authenticated user with access to the Grafana Live API can cause unbounded memory allocation by sending a large or streaming request body to the 'push' endpoint. This can lead to...

CVSS 9.1, AI score 5.8, EPSS 0.01282
Exploits 0, References 62
Positive Technologies, added 2026/05/13 12:00 a.m., 10 views

PT-2026-40707

Hiseeu C90 v5.7.15 is vulnerable to Insecure Permissions. The UART bootloader is accessible when the battery is disconnected (hidden/debug mode)...

AI score 5.8, EPSS 0.00169
Exploits 0, References 3
Positive Technologies, added 2026/05/13 12:00 a.m., 14 views

PT-2026-40833

Name of the Vulnerable Software and Affected Versions Strapi versions prior to 5.45.0 Description The rate-limit middleware in the users-permissions plugin incorrectly derives its rate-limit key using ctx.request.body.email, even on routes where the body schema does not require an email field, su...

CVSS 6.9, AI score 6, EPSS 0.00492
Exploits 0, References 8
Positive Technologies, added 2026/05/13 12:00 a.m., 6 views

PT-2026-40689

In the Linux kernel, the following vulnerability has been resolved: sched_ext: Disable preemption between scx_claim_exit and kicking helper work scx_claim_exit atomically sets exit_kind, which prevents scx_error from triggering further error handling. After claiming exit, the caller must kick the...

AI score 5.8, EPSS 0.00164
Exploits 0, References 6
Positive Technologies, added 2026/05/13 12:00 a.m., 5 views

PT-2026-40698

A potential vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user on the local network to execute arbitrary commands on the device...

CVSS 8.8, AI score 6.1, EPSS 0.00445
Exploits 0, References 3
Positive Technologies, added 2026/05/13 12:00 a.m., 9 views

PT-2026-40816

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to May 13, 2026 Description A local privilege escalation issue exists in the Linux kernel networking stack, specifically within the XFRM ESP-in-TCP subsystem. The problem stems from a logical error in several...

CVSS 7.8, AI score 6.2, EPSS 0.01582
Exploits 8
Positive Technologies, added 2026/05/13 12:00 a.m., 9 views

PT-2026-40694

In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Disable LPM on ST1000DM010-2EP102 According to a user report, the ST1000DM010-2EP102 has problems with LPM, causing random system freezes. The drive belongs to the same BarraCuda family as the ST2000DM008-2FR102...

AI score 5.8, EPSS 0.00156
Exploits 0, References 6
Positive Technologies, added 2026/05/13 12:00 a.m., 10 views

PT-2026-40719

Name of the Vulnerable Software and Affected Versions Nautobot versions prior to 2.4.33 Nautobot versions prior to 3.1.2 Description The Webhook data model and associated feature set can be configured by users with sufficient access to perform requests to unauthorized hosts and IP addresses. This...

CVSS 8.5, AI score 5.8, EPSS 0.0023
Exploits 0, References 9
Positive Technologies, added 2026/05/13 12:00 a.m., 7 views

PT-2026-40633

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.1 F5 BIG-IP versions prior to 17.5.1.4 Description When BIG-IP DNS is provisioned, the 'gtm add' and 'bigip add' iControl REST commands return the ssh-password parameter in cleartext within the iControl REST...

CVSS 6.7, AI score 5.8, EPSS 0.00083
Exploits 0, References 3
Positive Technologies, added 2026/05/13 12:00 a.m., 6 views

PT-2026-40757

Name of the Vulnerable Software and Affected Versions PAN-OS affected versions not specified Description Multiple command injection flaws in PAN-OS software allow an authenticated administrator to bypass system restrictions and execute arbitrary commands with root privileges. Exploitation require...

CVSS 8.6, AI score 6, EPSS 0.01336
Exploits 0, References 4
Positive Technologies, added 2026/05/13 12:00 a.m., 6 views

PT-2026-40573

Improper input validation in Routines prior to SMR May-2026 Release 1 allows physical attackers to launch privileged activity...

CVSS 5.1, AI score 5.8, EPSS 0.00211
Exploits 0, References 1
Positive Technologies, added 2026/05/13 12:00 a.m., 6 views

PT-2026-40802

Name of the Vulnerable Software and Affected Versions CPython affected versions not specified Description The ftpcp function in Lib/ftplib.py fails to use the actual peer address, instead trusting the host address supplied by the server during a PASV command. This occurs because ftpcp calls...

CVSS 5.9, AI score 5.8, EPSS 0.00401
Exploits 0, References 25
Positive Technologies, added 2026/05/13 12:00 a.m., 8 views

PT-2026-40790

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An issue exists in the Auth Proxy feature where IPv6 allow-lists default to /32 addresses. This behavior is specific to the Auth Proxy and does not impact other...

CVSS 7.4, AI score 5.8, EPSS 0.00433
Exploits 0, References 58
Positive Technologies, added 2026/05/13 12:00 a.m., 5 views

PT-2026-40755

Name of the Vulnerable Software and Affected Versions Palo Alto Networks PAN-OS affected versions not specified Description A server-side request forgery (SSRF) issue in the IKEv2 implementation allows an unauthenticated attacker to force the firewall to send network requests to unintended...

CVSS 8.3, AI score 5.8, EPSS 0.00317
Exploits 0, References 4
Positive Technologies, added 2026/05/13 12:00 a.m., 5 views

PT-2026-40567

The ilGhera Support System for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_ticket_content_callback' function in all versions up to, and including, 1.3.0. This makes it possible for unauthenticated attackers to view an...

CVSS 5.3, AI score 5.8, EPSS 0.00256
Exploits 0, References 6
Positive Technologies, added 2026/05/13 12:00 a.m., 7 views

PT-2026-40575

Improper privilege management in Samsung System Support Service prior to version 8.0.8.0 allows local attackers to trigger privileged functions...

CVSS 6.3, AI score 5.8, EPSS 0.00091
Exploits 0, References 1
Positive Technologies, added 2026/05/13 12:00 a.m., 7 views

PT-2026-40754

Name of the Vulnerable Software and Affected Versions PAN-OS versions prior to 10.2.7 PAN-OS version 10.2.8 PAN-OS version 10.2.9 PAN-OS version 10.2.10 PAN-OS version 10.2.11 Prisma Access affected versions not specified Description Authentication bypass issues in the GlobalProtect portal and...

CVSS 9.1, AI score 6, EPSS 0.18583
Exploits 9, References 292
Positive Technologies, added 2026/05/13 12:00 a.m., 14 views

PT-2026-40639

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.1 F5 BIG-IP versions prior to 17.5.1.4 F5 BIG-IP versions prior to 21.0.0.1 Description An authenticated iControl SOAP user can obtain information regarding other accounts through a privilege assignment issue...

CVSS 7.1, AI score 5.8, EPSS 0.00248
Exploits 0, References 3
Positive Technologies, added 2026/05/13 12:00 a.m., 7 views

PT-2026-40529

Name of the Vulnerable Software and Affected Versions MongoDB Server versions prior to 7.0.34 MongoDB Server versions prior to 8.0.23 MongoDB Server versions prior to 8.2.9 MongoDB Server versions prior to 8.3.2 Description When schema validation is enabled on a collection, an update or insert...

CVSS 5.3, AI score 5.8, EPSS 0.00196
Exploits 0, References 4
Positive Technologies, added 2026/05/13 12:00 a.m., 12 views

PT-2026-40531

Name of the Vulnerable Software and Affected Versions MongoDB Server versions prior to 7.0.34 MongoDB Server versions prior to 8.0.23 MongoDB Server versions prior to 8.2.9 MongoDB Server versions prior to 8.3.2 Description An authenticated user can cause a denial-of-service by crashing mongod...

CVSS 7.7, AI score 5.8, EPSS 0.00255
Exploits 0, References 4
Positive Technologies, added 2026/05/13 12:00 a.m., 6 views

PT-2026-40530

Name of the Vulnerable Software and Affected Versions mongocryptd versions prior to 7.0.34 mongocryptd versions prior to 8.0.23 mongocryptd versions prior to 8.2.9 mongocryptd versions prior to 8.3.2 Description A use-after-free issue exists in the Field-Level Encryption (FLE) query analysis...

CVSS 8.8, AI score 6, EPSS 0.00122
Exploits 0, References 3
Positive Technologies, added 2026/05/13 12:00 a.m., 7 views

PT-2026-40528

Name of the Vulnerable Software and Affected Versions MongoDB Server versions prior to 7.0.34 MongoDB Server versions prior to 8.0.23 MongoDB Server versions prior to 8.2.9 MongoDB Server versions prior to 8.3.2 Description An authenticated user can cause excessive memory usage during the...

CVSS 7.1, AI score 5.8, EPSS 0.0023
Exploits 0, References 3
Positive Technologies, added 2026/05/13 12:00 a.m., 7 views

PT-2026-40552

Name of the Vulnerable Software and Affected Versions MongoDB Server versions prior to 7.0.34 MongoDB Server versions prior to 8.0.23 MongoDB Server versions prior to 8.2.9 MongoDB Server versions prior to 8.3.2 Description An authenticated user with aggregation permissions can cause CPU...

CVSS 6.5, AI score 5.8, EPSS 0.00235
Exploits 0, References 4
Positive Technologies, added 2026/05/13 12:00 a.m., 5 views

PT-2026-40559

The Broadstreet plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the create advertiser AJAX action in all versions up to, and including, 1.53.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create...

CVSS 4.3, AI score 5.8, EPSS 0.00158
Exploits 0, References 2
Positive Technologies, added 2026/05/13 12:00 a.m., 8 views

PT-2026-40564

The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to generic SQL Injection via the 's' parameter in all versions up to, and including, 1.8.10.4 due to insufficient escaping on the user supplied parameter and lack of...

CVSS 6.5, AI score 5.9, EPSS 0.00281
Exploits 0, References 8
Positive Technologies, added 2026/05/13 12:00 a.m., 9 views

PT-2026-40561

The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'permission_message' parameter in all versions up to, and including, 6.2.1 due to insufficient input sanitization and output escapin...

CVSS 6.4, AI score 6, EPSS 0.00201
Exploits 0, References 6
Positive Technologies, added 2026/05/13 12:00 a.m., 6 views

PT-2026-40565

Name of the Vulnerable Software and Affected Versions coreActivity: Activity Logging for WordPress versions prior to 3.1 Description The plugin is susceptible to PHP Object Injection, a condition where untrusted data is passed to a deserialization function, potentially allowing the execution of...

CVSS 8.1, AI score 6.2, EPSS 0.00481
Exploits 0, References 15
Positive Technologies, added 2026/05/13 12:00 a.m., 9 views

PT-2026-40557

The Cost Calculator Builder plugin for WordPress is vulnerable to Unauthenticated Price Manipulation and Insecure Direct Object Reference (IDOR) in all versions up to, and including, 4.0.1 only when used in combination with Cost Calculator Builder PRO. This is due to the ccb woocommerce payment AJA...

CVSS 5.3, AI score 5.8, EPSS 0.00227
Exploits 0, References 3

Total number of security vulnerabilities: 176990