PT-2026-47274

A flaw was found in Quay. The filedrop endpoint accepts any mime type without validation, allowing an authenticated user with repository write access to upload a malicious SVG file containing JavaScript. The file is stored and served inline through the CDN, enabling stored cross-site scripting wh...

PT-2026-47276

Name of the Vulnerable Software and Affected Versions Check Point Remote Access VPN, Mobile Access, and Spark firewalls versions R80.20.X through R82.10 Description A logic flow weakness in the certificate validation of the deprecated IKEv1 key exchange allows an unauthenticated remote attacker t...

PT-2026-47275

The Recipe Card Blocks Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the recipe block's 'summary' and 'notes' attributes in all versions up to, and including, 3.4.13. This is due to the 'WPZOOM Helpers::deserialize block attributes' method converting unicode-encoded...

PT-2026-47273

A security flaw has been discovered in CodeAstro Leave Management System 1.0. This affects an unknown part of the file /admin/add leave.php. Performing a manipulation of the argument type of leave results in sql injection. It is possible to initiate the attack remotely. The exploit has been...

PT-2026-47267

Name of the Vulnerable Software and Affected Versions Tenda CX12L version 16.03.53.12 Description A stack-based buffer overflow can be triggered remotely via the Wi-Fi Schedule Configuration Endpoint. The issue exists within the setSchedWifi function located in the /goform/openSchedWifi file. Thi...

PT-2026-47271

A vulnerability was determined in CodeAstro Leave Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/search staff to assign pc.php. This manipulation of the argument Name causes sql injection. The attack is possible to be carried out remotely. The...

PT-2026-47268

A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x. This affects an unknown function of the component glnassys. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be launched remotely. The attack requires ...

PT-2026-47270

A vulnerability was found in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /admin/delete leave type.php. The manipulation of the argument leave type results in sql injection. The attack can be executed remotely. The exploit has been made public and could be us...

PT-2026-47269

A vulnerability has been found in CodeAstro Leave Management System 1.0. This impacts an unknown function of the file /admin/search staff for deletion.php. The manipulation of the argument Name leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed t...

PT-2026-47272

A vulnerability was identified in CodeAstro Leave Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/search staff for updation.php. Such manipulation of the argument Name leads to sql injection. The attack may be performed from remote...

PT-2026-47297

Shenzhen Tenda Technology Co., Ltd Tenda AC1206 v15.03.06.23 was discovered to contain multiple stack overflows in the fromGstDhcpSetSer function via the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...

PT-2026-47298

Name of the Vulnerable Software and Affected Versions ninenines gun versions 2.0.0 through 2.3.x Description An origin validation error in the gun http2 module allows cross-origin cookie injection through an unvalidated HTTP/2 PUSH PROMISE authority. In the push promise frame function, the...

PT-2026-47301

Name of the Vulnerable Software and Affected Versions Routinator affected versions not specified Description Routinator exits upon encountering any error while accepting incoming HTTP or RTR connections. This includes recoverable errors, such as exhausting available file descriptors. An attacker...

PT-2026-47295

A security vulnerability has been detected in Mohammed-eid35 bank-management-system-springboot up to 7b9bcc65ad7df3db29af71aed9bb500e5f24d948. This affects an unknown part of the file src/main/java/com/alien/bank/management/system/controller/TransactionController.java of the component Transaction...

PT-2026-47293

Name of the Vulnerable Software and Affected Versions SourceCodester Inventory System version 1.0 Description An improper authorization issue exists in the Account Creation Handler component within the file '/Product Inventory/api/users handler.php'. A remote attacker can manipulate the ROLE...

PT-2026-47291

Name of the Vulnerable Software and Affected Versions UTT HiPER 2610G versions prior to 3.0.0-171107 Description A remote buffer overflow can occur due to the use of the strcpy function within the /goform/formConfigDnsFilterGlobal file. This issue is triggered by manipulating the GroupName...

PT-2026-47290

Name of the Vulnerable Software and Affected Versions UTT HiPER 2610G versions prior to 3.0.0-171107 Description A buffer overflow occurs in the strcpy function within the /goform/formNatStaticMap file. This issue is triggered by manipulating the NatBinds argument. Recommendations Update to a...

PT-2026-47294

Name of the Vulnerable Software and Affected Versions SourceCodester Inventory System version 1.0 Description A weakness in the header.php file allows for remote cross-site scripting XSS, a technique where malicious scripts are injected into trusted websites. This issue involves unknown...

PT-2026-47299

Name of the Vulnerable Software and Affected Versions ninenines gun versions 1.0.0 through 2.3.x Description Uncontrolled Resource Consumption in the gun http module allows a malicious server to exhaust client memory through unbounded HTTP/1.1 response buffering. In the handle/5 function, three...

PT-2026-47300

Name of the Vulnerable Software and Affected Versions gun versions 2.0.0 through 2.3.x Description An issue in the gun http module allows a malicious HTTP server to force a client into raw protocol mode by sending an unsolicited 101 Switching Protocols response. In the handle inform/8 function, t...

PT-2026-47296

QloApps through 1.7.0 contains a stored cross-site scripting vulnerability in the admin file manager that allows authenticated administrators to inject malicious JavaScript by uploading crafted SVG files. Attackers can embed JavaScript event handlers such as onload within SVG files uploaded throu...

PT-2026-47278

Name of the Vulnerable Software and Affected Versions Bolt CMS versions prior to 3.7.6 Description An issue exists in the HTML Attribute Handler component within the file src/Storage/Field/Type/TextType.php. A remote attacker can perform HTML injection by manipulating the style argument. This...

PT-2026-47283

Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description An improper access control flaw exists where a limited administrator can bypass Fine-Grained Admin Permissions FGAP, which are detailed permissions that restrict administrative actions to...

PT-2026-47281

A flaw has been found in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /addpatient.php. This manipulation of the argument admissiontme causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...

PT-2026-47280

A vulnerability was detected in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /adminaccount.php. The manipulation of the argument Date results in sql injection. The attack can be launched remotely. The exploit is now public and may be used...

PT-2026-47279

A security vulnerability has been detected in itsourcecode Hospital Management System 1.0. This issue affects some unknown processing of the file /billing.php. The manipulation of the argument patientid leads to cross site scripting. The attack can be initiated remotely. The exploit has been...

PT-2026-47286

Stored cross-site scripting in the global settings change log in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows an administrator who can change global settings to store malicious HTML or JavaScript in changelog messages that executes in other users' browsers when they view the...

PT-2026-47287

Improper neutralization of HTML-encoded characters in the URL validation function in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows an authenticated user to bypass URL validation and inject malicious URLs such as javascript: URIs, resulting in cross-site scripting when another...

PT-2026-47288

Stored cross-site scripting in the service discovery active check output in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows an administrator who can configure active or custom checks to inject malicious HTML or JavaScript into check output that executes in the browser of an adm...

PT-2026-47284

Stored cross-site scripting in the URL dashboard widget in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows a user with dashboard editing permissions to store a URL with a dangerous URI scheme such as javascript: that executes scripts in other users' browsers when they view the...

PT-2026-47285

Incorrect authorization in the User Messages dashboard widget in Checkmk 2.5.0p5 causes the message-fetching endpoints to return the dashboard creator's messages rather than the viewer's, allowing an attacker who knows a valid public dashboard share token to read the issuer's personal messages by...

PT-2026-47282

A vulnerability has been found in SourceCodester Barangay Resident Profiling and Information Management System 1.0. The impacted element is an unknown function of the file passsword reset.php of the component Password Reset Handler. Such manipulation of the argument new password with the input...

PT-2026-47289

Finally !!! - CVE-2026-50168 Angular 100k⭐️ https://t.co/gCwvYlXpR0 BugBounty GoogleVRP https://t.co/ViwfEVlp4R...

PT-2026-47325

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.0 through 2.4.67 Description A buffer underwrite issue exists when using crafted regular expressions within the configuration. Recommendations Upgrade to version 2.4.68...

PT-2026-47324

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.0 through 2.4.67 Description The mod proxy ftp module contains a loop with an unreachable exit condition, leading to an infinite loop when interacting with an attacker-controlled backend FTP server...

PT-2026-47328

Bludit is a content management system. Versions prior to 3.22.0 have a Broken Access Control flaw where active sessions remain valid even after the corresponding user account has been physically deleted from the database. This "Ghost Session" allows revoked users to maintain full unauthorized...

PT-2026-47323

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.0 through 2.4.67 Description A buffer over-read occurs during outbound OCSP Online Certificate Status Protocol requests sent to an attacker-controlled OCSP server. A buffer over-read is a condition where a syste...

PT-2026-47305

OfflineIMAP before 8.0.3 trusts the server with their STARTTLS capability prior to authentication, which allows STRIPTLS/man-in-the-middle attacks, taking over the connection and extracting account credentials in cleartext...

PT-2026-47333

Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in wojtekmach Req allows multipart parameter smuggling via attacker-influenced part metadata. Req.Utils.encode form part/2 in lib/req/utils.ex builds the per-part headers by interpolating the caller-supplied name, filename,...

PT-2026-47330

phpMyFAQ is an open source FAQ web application. Prior to version 4.1.4, attachment passwords are hashed using SHA-1, a cryptographically broken algorithm. SHA-1 has been vulnerable to collision attacks since 2017 SHAttered. Version 4.1.4 fixes the issue...

PT-2026-47331

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.55 through 2.4.67 Description A Use After Free issue exists in the mod http2 module of Apache HTTP Server, which occurs when file handles are already exhausted. Use After Free is a memory corruption flaw where a...

PT-2026-47320

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.0 through 2.4.67 Description A heap-based buffer overflow occurs when processing untrusted content using the mod xml2enc module and the xml2StartParse function. A heap-based buffer overflow is a memory corruptio...

PT-2026-47317

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.0 through 2.4.67 Description A heap-based buffer overflow occurs when interacting with malicious backend servers using ProxyPassReverseCookie. A heap-based buffer overflow is a memory corruption issue where data...

PT-2026-47308

A flaw has been found in Tenda W20E 15.11.0.6. This issue affects the function formPortalAuth of the file /goform/PortalAuth of the component Web Management Interface. Executing a manipulation of the argument gotoUrl can lead to stack-based buffer overflow. The attack can be launched remotely. Th...

PT-2026-47312

Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory. By creating resources of certain types and presenting a set of parameters to the affected interface the exploit can be used to corrupt kernel memory...

PT-2026-47316

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions prior to 2.4.68 Description A buffer overflow occurs in the mod proxy html module, which can be triggered by an untrusted backend. Recommendations Upgrade to version 2.4.68...

PT-2026-47322

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions prior to 2.4.68 Description Improper Privilege Management allows local .htaccess authors to read files using the privileges of the httpd user. Recommendations Upgrade to version 2.4.68...

PT-2026-47309

A vulnerability has been found in Tenda W20E 15.11.0.6. Impacted is the function modifyWifiFilterRules of the file /goform/modifyWifiFilterRules of the component Web Management Interface. The manipulation of the argument wifiFilterListRemark leads to stack-based buffer overflow. The attack may be...

PT-2026-47306

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Convert to DRM's vblank timer Replace vkms' vblank timer with the DRM implementation. The DRM code is identical in concept, but differs in implementation. Vblank timers are covered in vblank helpers and initializer...

PT-2026-47311

A vulnerability was determined in designcomputer mysql-mcp-server up to 0.2.2. The impacted element is the function read resource of the file src/mysql mcp server/server.py of the component mysql URI Handler. This manipulation of the argument uri str causes sql injection. Remote exploitation of t...