PT-2026-40600

ELECOM wireless LAN access point devices do not check if language parameter has an appropriate value. If a user views a malicious page while logged in, the admin page on the user's web browser may become broken...

PT-2026-40602

The Custom Twitter Feeds plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 2.5.4. This is due to insufficient output escaping in the CTF Display Elements::get post text function when rendering cached tweet text. The plugin's ctf get more posts AJAX...

PT-2026-40598

Name of the Vulnerable Software and Affected Versions ELECOM wireless LAN access point devices affected versions not specified Description An OS command injection exists in the processing of the username parameter. This allows an unauthenticated attacker to execute arbitrary OS commands by sendin...

PT-2026-40601

ELECOM wireless LAN access point devices implement CSRF protection mechanism, but with inadequate handling of CSRF tokens. If a user views a malicious page while logged in, the user may be tricked to do unintended operations...

PT-2026-40593

ELECOM wireless LAN access point devices use a hard-coded cryptographic key when creating backups of configuration files. An attacker who knows the encryption key can tamper the configuration file of the product, and a victim administrator may be tricked to use a crafted configuration file...

PT-2026-40599

Stored cross-site scripting vulnerability exists in ELECOM wireless LAN access point devices. If one of the administrators input malicious data, an arbitrary script may be executed in another administrative user's web browser...

PT-2026-40606

An arbitrary file upload vulnerability in the ShopOrderImportController.java component of qihang-wms commit 75c15a allows attackers to execute arbitrary code via uploading a crafted file...

PT-2026-40604

qihang-wms commit 75c15a was discovered to contain a SQL injection vulnerability via the datascope parameter in the SysDeptMapper.xml file. This vulnerability allows attackers to access sensitive database information, including users' Personally Identifiable Information PII...

PT-2026-40608

Name of the Vulnerable Software and Affected Versions bandit versions 1.6.1 through 1.11.0 Description An infinite loop in the do read chunked data!/5 function within lib/bandit/http1/socket.ex allows unauthenticated remote attackers to cause a denial of service via worker process exhaustion. The...

PT-2026-40611

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the pm invite user function in all versions up to, and including, 5.9.8.4. This makes it possible for authenticated attackers, with Subscriber-lev...

PT-2026-40605

qihang-wms commit 75c15a was discovered to contain a SQL injection vulnerability via the datascope parameter in the SysUserMapper.xml file. This vulnerability allows attackers to access sensitive database information, including users' Personally Identifiable Information PII via a crafted SQL...

PT-2026-40609

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.9.8.4. This is due to the plugin not properly verifying that a user is authorized to perform an action via the pm set group order, pm set grou...

PT-2026-40610

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to blind SQL Injection via the 'rid' parameter in all versions up to, and including, 5.9.8.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQ...

PT-2026-40612

Improper Input Validation in the NAT64 translator in The OpenThread Authors OpenThread before commit 26a882d on all platforms allows an attacker on the adjacent IPv4 network to inject corrupted IPv6 packets into the Thread mesh or bypass security checks via crafted IPv4 packets with options...

PT-2026-40603

Name of the Vulnerable Software and Affected Versions Crypt::Argon2 versions 0.017 through 0.030 Description A heap out-of-bounds read occurs in the argon2 verify function when processing empty encoded input. The auto-detect form of argon2 verify passes encoded len - 1 as the length argument to...

PT-2026-40684

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/i915/vrr component where writing to TRANS VRR VMAX or FLIPLINE before enabling TRANS DDI FUNC CTL can cause a system hang with a Machine Check Exception MCE on...

PT-2026-40672

Name of the Vulnerable Software and Affected Versions BIG-IP SSL Orchestrator affected versions not specified Description A directory traversal issue allows an authenticated attacker with high privileges to overwrite, delete, or corrupt arbitrary local files. Directory traversal is a flaw that...

PT-2026-40696

In the Linux kernel, the following vulnerability has been resolved: liveupdate: luo file: remember retrieve status LUO keeps track of successful retrieve attempts on a LUO file. It does so to avoid multiple retrievals of the same file. Multiple retrievals cause problems because once the file is...

PT-2026-40700

aria2c accepts a server certificate with incorrect Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...

PT-2026-40665

Name of the Vulnerable Software and Affected Versions BIG-IP versions prior to 17.1.3.1 BIG-IQ versions prior to 17.5.1.4 Description An authenticated remote code execution issue exists in the BIG-IP and BIG-IQ Configuration utility. This flaw is caused by deserialization, a process where data is...

PT-2026-40691

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mmc core where the host-claimed bit shares a word with retune flags. This configuration leads to Read-Modify-Write RMW side effects in asynchronous contexts...

PT-2026-40671

Name of the Vulnerable Software and Affected Versions F5 BIG-IP affected versions not specified BIG-IP Next SPK affected versions not specified BIG-IP Next CNF affected versions not specified BIG-IP Next for Kubernetes affected versions not specified Description Undisclosed requests can cause the...

PT-2026-40695

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the xHCI controller where a Host Controller Error HCE occurs during UAS Storage Device plug/unplug scenarios on Android devices. The xhci irq function checks for HCE,...

PT-2026-40676

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.1 F5 BIG-IP versions prior to 17.5.1.4 F5 BIG-IP versions prior to 21.0.0.1 Description An authenticated attacker with the Resource Administrator or Administrator role can create SNMP configuration objects...

PT-2026-40687

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The acp3x 5682 init function fails to check the return value of clk get, which can lead to the dereferencing of error pointers within the rt5682 clk enable function. Recommendations Upda...

PT-2026-40677

Name of the Vulnerable Software and Affected Versions NGINX Open Source versions prior to 1.30.0 Description When configured to proxy HTTP/2 traffic by setting proxy http version to 2 and utilizing proxy set body, an attacker may inject frame headers and payload bytes to the upstream peer...

PT-2026-40673

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.1 F5 BIG-IP versions prior to 17.5.1.4 F5 BIG-IP versions prior to 21.0.0.1 Description When embedded Packet Velocity Acceleration ePVA is configured, undisclosed local ethernet traffic can trigger an infinit...

PT-2026-40680

Name of the Vulnerable Software and Affected Versions BIG-IP affected versions not specified BIG-IQ affected versions not specified Description Incorrect permission assignment issues exist in the BIG-IP and BIG-IQ TMOS Shell tmsh 'arp' and 'ndp' commands, as well as in BIG-IP iControl REST. These...

PT-2026-40668

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.2 F5 BIG-IP versions prior to 17.5.1.6 F5 BIG-IP versions prior to 21.0.0.2 Description An authenticated attacker with the Resource Administrator or Administrator role can download sensitive files via iContro...

PT-2026-40669

Name of the Vulnerable Software and Affected Versions BIG-IP versions prior to 17.1.3.2 BIG-IP versions prior to 17.5.1.6 BIG-IP versions prior to 21.0.0.2 BIG-IQ versions prior to 17.1.3.2 BIG-IQ versions prior to 17.5.1.6 BIG-IQ versions prior to 21.0.0.2 Description A highly privileged,...

PT-2026-40693

In the Linux kernel, the following vulnerability has been resolved: arm64: contpte: fix set access flags no-op check for SMMU/ATS faults contpte ptep set access flags compared the gathered ptep get value against the requested entry to detect no-ops. ptep get ORs AF/dirty from all sub-PTEs in the...

PT-2026-40670

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.1 F5 BIG-IP versions prior to 17.5.1.4 Description When BIG-IP DNS is provisioned, a flaw in an undisclosed TMOS Shell tmsh command may allow a highly privileged authenticated attacker to view sensitive...

PT-2026-40674

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.1 F5 BIG-IP versions prior to 17.5.1.4 F5 BIG-IP versions prior to 21.0.0.1 Description A stack-based overflow exists in F5 BIG-IP, which is a condition where a program writes more data to a buffer located on...

PT-2026-40667

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.2 F5 BIG-IP versions prior to 17.5.1.6 F5 BIG-IP versions prior to 21.0.0.2 Description An authenticated attacker can send undisclosed requests to the 'iControl REST' endpoint, which may result in an...

PT-2026-40705

U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K V1.0 is vulnerable to Incorrect Access Control. The device exposes a UART interface that lacks authentication, authorization, or access control mechanisms. An attacker with physical access to the UART pins can connect to the interface and gain...

PT-2026-40703

striso-control-firmware 54c9722 is vulnerable to Buffer Overflow in function AuxJack...

PT-2026-40702

striso-control-firmware 54c9722 is vulnerable to Buffer Overflow in function ThreadReadButtons...

PT-2026-40706

U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K V1.0 is vulnerable to Command Injection. The Network Time Protocol NTP configuration interface does not properly sanitize user-supplied input. An authenticated user with permission to configure NTP settings can inject arbitrary system commands...

PT-2026-40634

Name of the Vulnerable Software and Affected Versions OpenPLC v3 2c82b0e79c53f8c1f1458eee15fec173400d6e1a Description A path injection issue exists in the binary program compiled from glue generator.cpp. The software fails to validate file path parameters passed via the command line, specifically...

PT-2026-40646

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.2 F5 BIG-IP versions prior to 17.5.1.6 F5 BIG-IP versions prior to 21.0.0.2 Description When a SIP Session Initiation Protocol profile is configured on a virtual server, undisclosed traffic can cause the...

PT-2026-40651

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.1 F5 BIG-IP versions prior to 17.5.1.4 BIG-IP Next SPK affected versions not specified BIG-IP Next CNF affected versions not specified BIG-IP Next for Kubernetes affected versions not specified Description Wh...

PT-2026-40620

Joomla com fabrik 3.9.11 contains a directory traversal vulnerability that allows unauthenticated attackers to list arbitrary files by manipulating the folder parameter. Attackers can send GET requests to the onAjax files method with path traversal sequences to enumerate files in system directori...

PT-2026-40647

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.1 F5 BIG-IP versions prior to 17.5.1.4 Description IP-based access restrictions for httpd do not cover all endpoints, which may allow connections from blocked addresses. Recommendations Update to version...

PT-2026-40636

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.2 F5 BIG-IP versions prior to 17.5.1.6 F5 BIG-IP versions prior to 21.0.0.2 Description An issue in scripted monitors allows an authenticated attacker with the Resource Administrator or Administrator role to...

PT-2026-40631

An authenticated iControl REST user with low privileges can create or modify arbitrary files through an undisclosed iControl REST endpoint on the BIG-IQ system. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

PT-2026-40624

IObit Uninstaller 9.5.0.15 contains an unquoted service path vulnerability in the IObitUnSvr service that allows local attackers to escalate privileges to SYSTEM level. Attackers can place a malicious executable named IObit.exe in the C:Program Files x86IObit directory and restart the service to...

PT-2026-40653

Name of the Vulnerable Software and Affected Versions BIG-IP versions prior to 17.1.3.2 BIG-IP versions prior to 17.5.1.6 BIG-IP versions prior to 21.0.0.2 BIG-IQ versions prior to 17.1.3.2 BIG-IQ versions prior to 17.5.1.6 BIG-IQ versions prior to 21.0.0.2 Description A privilege escalation issu...

PT-2026-40628

Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the AP MSP::loop, AP MSP, AP MSP.cpp components...

PT-2026-40645

Name of the Vulnerable Software and Affected Versions BIG-IP APM affected versions not specified Description Undisclosed traffic can cause the apmd process to terminate when a BIG-IP APM access policy is configured on a virtual server. Recommendations At the moment, there is no information about ...

PT-2026-40627

Joomla J2 JOBS 1.3.0 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'sortby' parameter. Attackers can send POST requests to the administrator index with malicious 'sortby' values to extract...