187352 matches found
PT-2026-50707
Name of the Vulnerable Software and Affected Versions HAProxy versions prior to 3.4.0 Description An integer overflow exists in the drl field of the fcgi conn structure within the FastCGI parser. When the contentLength is 65535 and the paddingLength is 1 or more, the drl field wraps to 0. This...
PT-2026-50708
Name of the Vulnerable Software and Affected Versions HAProxy versions prior to 3.4.0 Description A null pointer dereference occurs in the hpack dht insert function within src/hpack-tbl.c because the return value of hpack dht defrag is not validated when the memory pool is exhausted. An attacker...
PT-2026-50639
The Customize My Account For Woocommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sysbasics user avatar' shortcode in versions up to, and including, 4.3.6. This is due to insufficient input sanitization and output escaping on user supplied attributes min height,...
PT-2026-50820
Name of the Vulnerable Software and Affected Versions AVer PTC500S affected versions not specified AVer PTC115 affected versions not specified AVer PTC500+ affected versions not specified AVer PTC115+ affected versions not specified Description Improper input validation in these networked...
PT-2026-50795
Name of the Vulnerable Software and Affected Versions mcp-pinot versions prior to 3.1.0 Description mcp-pinot is a Python-based Model Context Protocol MCP server for interacting with Apache Pinot. The software defaults to running an HTTP MCP server bound to 0.0.0.0:8080 without authentication. Th...
PT-2026-50743
Name of the Vulnerable Software and Affected Versions opentelemetry-collector-contrib affected versions not specified Description The githubreceiver webhook handler fails to enforce the required headers configuration. While these headers are validated during startup, they are not checked on...
PT-2026-50788
Name of the Vulnerable Software and Affected Versions Node.js versions prior to 26.3.1-1.1 Description Security issues were identified in Node.js that could compromise server infrastructure. Recommendations Update to version 26.3.1-1.1...
PT-2026-50738
Name of the Vulnerable Software and Affected Versions ZITADEL versions 4.0.0 through 4.11.0 ZITADEL versions 3.0.0 through 3.4.11 Description An authentication bypass exists in the external JWT Identity Provider IdP implementation. While the system validates the cryptographic signature and the...
PT-2026-50339
Unauthenticated PHP Object Injection in Thrive Apprentice 10.8.10.2 versions...
PT-2026-50565
Name of the Vulnerable Software and Affected Versions Steeltoe.Management.Endpoint versions prior to 4.2.0 Steeltoe.Management.EndpointCore versions prior to 3.4.0 Description Steeltoe actuator endpoints default to EndpointPermissions.Restricted, which maps to Cloud Foundry's read basic data...
PT-2026-50571
Name of the Vulnerable Software and Affected Versions ThingsBoard affected versions not specified Description Prototype pollution occurs when an attacker can manipulate the prototype of an object, potentially leading to arbitrary code execution within a sandboxed context. This issue can be...
PT-2026-50523
Hermes WebUI before 0.51.443 contains an authorization bypass vulnerability in the session export endpoint that allows authenticated users to access sessions from other profiles. The handle session export handler in api/routes.py fails to verify active-profile ownership before serializing session...
PT-2026-50251
Name of the Vulnerable Software and Affected Versions Trivy versions prior to 0.71.1 Description Trivy improperly trusts the org.opencontainers.image.title annotation in an OCI artifact manifest, using it as the destination filename when downloading content without proper validation or...
PT-2026-50547
Today I received a public security credit for a vulnerability I responsibly disclosed: CVE-2026-54683 – Improper authorization in NL Portal The vulnerability allowed any authenticated portal user to download documents belonging to other users when they had access to a valid document identifier. A...
PT-2026-50272
Unauthenticated Cross Site Scripting XSS in Sonaar = 4.27.4 versions...
PT-2026-50301
Unauthenticated Local File Inclusion in Mikado Core = 1.6 versions...
PT-2026-50412
Unauthenticated Arbitrary File Deletion in WorkScout-Core = 1.7.11 versions...
PT-2026-50601
Name of the Vulnerable Software and Affected Versions Deno versions prior to 2.7.5 Description A Deno program opening a client WebSocket connection can be crashed by a remote server. During the WebSocket handshake response, Deno parsed the 'Sec-WebSocket-Protocol' and 'Sec-WebSocket-Extensions'...
PT-2026-50310
Unauthenticated Cross Site Scripting XSS in WPZOOM Addons for Elementor = 1.3.4 versions...
PT-2026-50332
Unauthenticated Privilege Escalation in LoginPress Pro = 6.2.2 versions...
PT-2026-50344
Unauthenticated Arbitrary File Upload in SigmaForms Pro – AI Generated Forms = 1.4.5 versions...
PT-2026-50225
In SettingsLib, there is a possible way to disable system components due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-50374
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themify Folo allows Reflected XSS. This issue affects Themify Folo: from n/a through 1.9.6...
PT-2026-50287
Subscriber Arbitrary File Download in Woocommerce Book Price = 1.3 versions...
PT-2026-50340
Unauthenticated Broken Authentication in wpForo Forum = 3.1.0 versions...
PT-2026-50327
Unauthenticated Cross Site Scripting XSS in Profile Builder Pro = 3.15.0 versions...
PT-2026-50241
In MmsSmsProvider of MmsSmsProvider.java, there is a possible way to retrieve sensitive information due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-50239
Name of the Vulnerable Software and Affected Versions Android affected versions not specified Description A logic error in the transfer function of the PackageInstaller.Session class within frameworks/base/services/core/java/com/android/server/pm/PackageInstallerSession.java allows for a memory...
PT-2026-50350
Unauthenticated Cross Site Scripting XSS in JetEngine = 3.8.10 versions...
PT-2026-50322
Unauthenticated Cross Site Scripting XSS in collectchat = 2.4.9 versions...
PT-2026-50424
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Webilia Inc. Listdom allows Blind SQL Injection. This issue affects Listdom: from n/a through 5.4.0...
PT-2026-50387
Deserialization of Untrusted Data vulnerability in EMV The Hospital nrghospital allows Object Injection. This issue affects The Hospital: from n/a through 1.8.1...
PT-2026-50400
Unauthenticated PHP Object Injection in Hiroshi = 1.5.1 versions...
PT-2026-50457
Name of the Vulnerable Software and Affected Versions Katello of Red Hat Satellite affected versions not specified Description Insufficient authorization checks in the ContentUploadsController within the content upload functionality allow authenticated users with the edit products permission to...
PT-2026-50379
Open redirection vulnerability in the authentication system allows an attacker to use manipulated values in the X-Forwarded-Host header to alter the URLs generated by the application. A successful exploit could redirect authenticated users to malicious sites following login procedures or...
PT-2026-50254
The Counter Box – Add Countdowns, Timers & Dynamic Counters to WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.0.13 via deserialization of untrusted input . This makes it possible for authenticated attackers, with administrator-level...
PT-2026-50279
Unauthenticated Local File Inclusion in Promo = 1.3.0 versions...
PT-2026-50390
Unauthenticated Cross Site Scripting XSS in Avante 3.0.5 versions...
PT-2026-50299
Unauthenticated Deserialization of untrusted data in Slimstat Analytics 5.4.0 versions...
PT-2026-50568
Name of the Vulnerable Software and Affected Versions Steeltoe.Configuration.Encryption versions 4.0.0 through 4.1.0 Description Steeltoe is an open source project providing libraries for building cloud-native applications. An issue exists where configuring the encrypt:rsa:algorithm variable with...
PT-2026-50356
Subscriber Privilege Escalation in SMS Alert Order Notifications = 3.9.4 versions...
PT-2026-50381
Quanos SCHEMA ST4 on-premises contains a local privilege escalation vulnerability in the Client Update Service. The update service runs as NT AUTHORITYSYSTEM and exposes a .NET Remoting interface over a named pipe without sufficient access controls or authorization. A local authenticated...
PT-2026-50270
Unauthenticated Local File Inclusion in Joly = 1.22.0 versions...
PT-2026-50311
Contributor Local File Inclusion in Element Pack Pro = 9.0.6 versions...
PT-2026-50273
Subscriber Privilege Escalation in Sonaar = 4.27.4 versions...
PT-2026-50317
Subscriber Arbitrary File Upload in Restaurant Zone = 0.7.8 versions...
PT-2026-50534
Name of the Vulnerable Software and Affected Versions Network-AI versions prior to 5.7.2 Description The MCP SSE server allows unauthenticated cross-origin MCP tool invocation because the server defaults to an empty secret and the isAuthorized function returns true when the secret is empty. While...
PT-2026-50605
Name of the Vulnerable Software and Affected Versions handlebars versions prior to 4.5.2 Description Applications that pass user-controlled input to the Handlebars.compile function using a FileTemplateLoader or ClassPathTemplateLoader are susceptible to arbitrary file read. This occurs when web...
PT-2026-50330
Name of the Vulnerable Software and Affected Versions JetSmartFilters versions prior to 3.8.2 Description An unauthenticated SQL Injection allows an attacker to interfere with the queries that an application makes to its database. This occurs in the JetSmartFilters WordPress plugin. Recommendatio...
PT-2026-50240
In Contacts Provider, there is a possible way to access the contacts database due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...