184419 matches found
PT-2026-56516
Astro is a web framework for content-driven websites. Version 6.4.7 performs authorization decisions on a partially decoded pathname after reaching the iterative URL decoder limit, while later rewrite route matching performs an additional decodeURI operation and can resolve the request to a...
PT-2026-56496
protobufjs compiles protobuf definitions into JavaScript JS functions. From 8.2.0 until 8.6.5, the protobufjs Text Format extension parsed string-keyed map entries using ordinary property assignment, allowing a map entry with key proto to change the prototype of the returned map object instead of...
PT-2026-56488
Name of the Vulnerable Software and Affected Versions Socket.IO versions 4.1.0 through 6.6.6 Description The Engine.IO protocol v4 polling transport fails to properly close the HTTP response when receiving invalid binary POST requests that use the Content-Type: application/octet-stream header. Th...
PT-2026-56502
Name of the Vulnerable Software and Affected Versions linkify-it versions prior to 5.0.2 Description The mailto: schema validator used by the .test and .match functions can be triggered at every occurrence of mailto: and scan the remaining input via src email name in lib/re.mjs. This behavior lea...
PT-2026-56506
Hono is a Web application framework that provides support for any JavaScript runtime. From 4.11.8 before 4.12.27, hono/jsx did not isolate context values per request during server-side rendering, allowing createContext, useContext, jsxRenderer, or useRequestContext data from a different in-flight...
PT-2026-56436
n8n before 2.8.0 contains a cross-site scripting vulnerability in the credential management flow where authenticated users can inject malicious JavaScript URLs into OAuth2 credential Authorization URL fields. Attackers can craft malicious credentials and trick victims into clicking the OAuth...
PT-2026-56443
n8n before 2.25.7 and 2.26.x before 2.26.2 contains an authorization bypass in the Public API execution retry endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a shared workflow can use the Public API to ret...
PT-2026-56678
Overview A path traversal vulnerability is possible via the COAR Notify / LDN service in DSpace. This vulnerability impacts DSpace versions 8.0 = 8.3, 9.0 = 9.2. The attacker MUST already have DSpace administrator credentials in order to perform the attack. When reading a file input stream of an...
PT-2026-56676
Overview The Curation Task feature allows an output path to be used by the reporter -r parameter, typically used to stream results and status of curation task operations. It is not restricted to any particular base path, meaning that any path writable by the DSpace often 'tomcat' user is allowed...
PT-2026-56677
Overview Remote Code Execution RCE is possible via Velocity Templates used by DSpace for COAR Notify/LDN messages. This vulnerability impacts DSpace versions 8.0 = 8.3, 9.0 = 9.2. The attacker MUST already have DSpace administrator credentials in order to perform the attack. This attack is relate...
PT-2026-56608
Appium is a cross-platform automation framework for all kinds of apps, built on top of the W3C WebDriver protocol. Prior to 10.7.0, Appium's base-driver unconditionally mounts the /test/guinea-pig, /test/guinea-pig-scrollable, and /test/guinea-pig-app-banner routes, and compileLodashTemplate...
PT-2026-56581
NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a client able to send account-scoped connection monitoring requests could crash the server by supplying Connz pagination Offset and Limit values that overflowed internal...
PT-2026-56561
NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.1 and 2.12.9, an MQTT client could include protocol control characters in subscription filters that were later forwarded as NATS protocol data to route or leafnode connections, corrupti...
PT-2026-56536
LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.27.1, the pop array filter at src/filters/array.ts allocated a full clone of its input array via ...toArrayv without calling this.context.memoryLimit.use..., allowing a template render such as huge arr...
PT-2026-56490
Name of the Vulnerable Software and Affected Versions js-yaml versions 3.0.0 through 3.14.x js-yaml versions 4.0.0 through 4.2.x Description js-yaml can consume quadratic CPU time when parsing a document that grows linearly in size. This occurs when a chain of mappings utilizes merge keys, where...
PT-2026-56487
Name of the Vulnerable Software and Affected Versions Socket.IO versions 6.5.0 through 6.6.6 Description Engine.IO servers with WebTransport enabled are susceptible to a denial of service. During WebTransport upgrade handling, the server can resolve a crafted session ID, such as proto , through a...
PT-2026-56489
js-yaml is a JavaScript YAML parser and dumper. From 5.0.0 before 5.2.0, when merge keys are enabled, js-yaml can spend quadratic CPU time parsing a document whose size grows only linearly when a chain of mappings uses merge keys where each mapping merges the previous one. This issue is fixed in...
PT-2026-56504
Name of the Vulnerable Software and Affected Versions @opentelemetry/propagator-jaeger versions prior to 2.9.0 Description The @opentelemetry/propagator-jaeger component decodes incoming uber-trace-id and uberctx- HTTP header values using the decodeURIComponent function without proper error...
PT-2026-56505
Hono is a Web application framework that provides support for any JavaScript runtime. From 4.0.0 before 4.12.27, cx in hono/css composes class names from plain strings but marks the result as already escaped without HTML-escaping the input, allowing untrusted className values used in a JSX class...
PT-2026-56442
n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization bypass in the POST /workflows/workflowId/test-runs/new endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a workflow can trigger a real...
PT-2026-56448
n8n before 1.123.61, 2.x before 2.27.4, and 2.28.x before 2.28.1 contains a SQL injection vulnerability in the legacy MySQL v1 node's executeQuery operation. The operation substitutes evaluated ... expression values directly into the raw SQL string without parameterization. When a workflow uses...
PT-2026-56447
n8n before 2.28.0 contains an improper authorization vulnerability allowing authenticated users to assign workflows to folders in other projects. Attackers can bypass project and folder authorization boundaries by supplying crafted request payloads during workflow creation, causing logical...
PT-2026-56625
Name of the Vulnerable Software and Affected Versions Cline versions prior to 3.0.30 Description The Cline Hub dashboard server, initiated via the cline dashboard command, fails to validate the Origin header for WebSocket connections on the /browser endpoint. When the ROOM SECRET is unset for loc...
PT-2026-56582
NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a WebSocket listener could route requests for the MQTT-over-WebSocket path into MQTT handling even when MQTT was not configured, allowing an unauthenticated client with...
PT-2026-56342
During the process of page opening and form formatting, a JavaScript reentrancy results in an inconsistent document status. Subsequently, with outdated page information, the application attempts to access invalid addresses, causing the application to crash...
PT-2026-56570
IBM WebSphere Application Server is affected by a cross-site request forgery vulnerability CVE-2026-8408 https://t.co/dB0G7EZZaG...
PT-2026-56483
CyberChef is a web app for encryption, encoding, compression, and data analysis. Prior to 11.2.0, the Series Chart operation accepts proto as a key while parsing user-supplied CSV, allowing prototype pollution that can be chained with operations such as Parse UDP to inject malicious JavaScript in...
PT-2026-56418
Name of the Vulnerable Software and Affected Versions Tanium Server affected versions not specified Description A denial of service issue exists in Tanium Server that can be exploited over the network without authentication, potentially leading to service disruption. Recommendations At the moment...
PT-2026-56838
These are all security issues fixed in the libmbedtls23-4.2.0-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-56835
These are all security issues fixed in the libmbedtls23-4.2.0-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-56844
These are all security issues fixed in the libmbedtls23-4.2.0-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-56846
These are all security issues fixed in the libmbedtls23-4.2.0-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-56848
These are all security issues fixed in the libmbedtls23-4.2.0-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-56847
These are all security issues fixed in the libmbedtls23-4.2.0-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-56850
These are all security issues fixed in the libmbedtls23-4.2.0-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-56849
These are all security issues fixed in the libmbedtls23-4.2.0-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-56607
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.9.1-alpha.13 and 8.6.83, a LiveQuery subscriber could receive object field values they were not authorized to read when a single save changed both an object field and the subscriber'...
PT-2026-56285
Name of the Vulnerable Software and Affected Versions WebPros Plesk versions prior to 18.0.78.4 Description Incorrect authorization in the XML-RPC API allows a low-privileged authenticated customer to look up domains they do not own. This occurs because ownership is enforced only for specific...
PT-2026-56397
Name of the Vulnerable Software and Affected Versions Imager versions prior to 1.033 Description Imager for Perl incorrectly treats unsigned EXIF IFD Image File Directory entry counts as signed. When processing large entry count values, the software interprets them as negative numbers, which can...
PT-2026-56454
In Adalo’s no-code app builder, Versions 1 and 2 the attackers may extract full user records and correlate user behavior across multiple applications via dbId enumeration. The platform does not implement data minimization, privacy by design, or implement appropriate technical safeguards, allowing...
PT-2026-56535
A protection mechanism failure in the Code 27 Companion Hub allows an attacker with physical access to completely bypass kiosk restrictions via a factory reset...
PT-2026-56573
Incorrect Authorization vulnerability in Progress MOVEit Transfer Audit User module. This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3...
PT-2026-56571
Relative path traversal vulnerability in Progress MOVEit Transfer Admin Settings module. This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3...
PT-2026-56572
Limited authentication bypass by spoofing vulnerability in Progress MOVEit Transfer HTTPS module. This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3...
PT-2026-56599
pcapng file parser crash in Wireshark 4.6.0 to 4.6.6 allows denial of service...
PT-2026-56595
UMTS FP protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service...
PT-2026-56586
Name of the Vulnerable Software and Affected Versions PAN-OS versions prior to 12.1.8 PAN-OS versions prior to 11.2.13 PAN-OS versions prior to 11.1.16 PAN-OS versions prior to 10.2.18-h8 Description A command injection issue exists in the management plane of the software, specifically within the...
PT-2026-56597
SSH protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service...
PT-2026-56585
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to create a repository where the content displayed in the web interface differed from t...
PT-2026-56538
Zeep is a Python SOAP client. From 4.0.0 before 4.3.3, Settings.forbid external is defined but not enforced when parsing WSDL or XSD documents, allowing transitive xsd:import, xsd:include, wsdl:import, and lxml entity or DTD references to fetch attacker-chosen HTTP or HTTPS URLs. This issue is...