Lucene search
K
PtsecurityRecent

184269 matches found

Positive Technologies
Positive Technologies
added 5 hours ago3 views

PT-2026-57373

The WP Grid Builder plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.3.3. This is due to missing authorization and meta key validation in the update handler for the /wp-json/wpgb/v2/metadata REST endpoint. This makes it possible for authenticated...

8.8CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 5 hours ago3 views

PT-2026-57372

The UnderConstructionPage PRO plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 5.76. This is due to the plugin accepting arbitrary local file paths in the template thumbnail parameter and copying their contents into a publicly accessible uploads file...

6.5CVSS6.2AI score
Exploits0References3
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57310

Software installed and run as a non-privileged user may cause OOB kernel memory reads or writes through GPU API calls. When indexing pages larger than 4kB in the page freeing logic of the sparse memory implementation, incorrect buffer indexing leads to OOB access...

6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday3 views

PT-2026-57336

v4.01 of our Windows client is at https://t.co/TMEEK4A4TM See attached for client-side fixes. Servers were updated to OpenVPN 2.7.5 on the 2nd, and v4.01 bundles 2.7.5, so we're good on CVE-2026-12996, CVE-2026-13117, CVE-2026-12932, and CVE-2026-13698. https://t.co/7VvcXvxk70...

6.1AI score
Exploits0References1
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57104

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache IoTDB. An attacker can write arbitrary files anywhere the IoTDB process has write permissions with unsafe API. This issue affects Apache IoTDB: from 1.0.0 before 2.0.10. Users are recommended to...

6.2AI score0.00157EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-57313

Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a GPU register access which can lead to privilege escalation...

6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-57179

phpMyFAQ before 4.1.5 contains a potential authenticated path traversal vulnerability in the concatenatePaths function within src/phpMyFAQ/Export/Pdf/Wrapper.php. A user with FAQ editing privileges can store HTML containing crafted image paths that are processed during PDF generation. The path...

5.1CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57183

In JetBrains IntelliJ IDEA before 2026.1.4, 2026.2 code execution via path traversal in project workspace ID handling was possible...

9.6CVSS6.4AI score
Exploits0References1
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57153

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: preserve shared-frag marker in iptfs consume frags iptfs consume frags transfers paged fragments from one socket buffer to another but fails to propagate the SKBFL SHARED FRAG flag. This is the same class of bug that...

6AI score
Exploits0References4
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57152

SQL Injection vulnerability in elixir-ecto postgrex allows an attacker who can influence a LISTEN channel name to inject SQL into the reconnect replay query, causing a denial of service of the notification connection. Postgrex.Notifications sanitizes channel names with quote channel/1, which...

2.1CVSS6.3AI score
Exploits0References5
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-57151

mtr is vulnerable to Out-of-bound read vulnerability in ipinfo lookup function. An attacker who can influence the TXT response used for AS lookups can trigger this bug by returning a DNS response that is larger than 512 bytes and uses a crafted compression pointer in the answer NAME field. ipinfo...

5.1CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57261

Prowler is a cloud security platform. Prior to 5.30.3, Prowler's SAML authentication flow trusted the email domain asserted in a SAMLResponse when deciding which tenant should receive the final token, and the ACS finish logic in api/src/backend/api/v1/views.py recalculated the tenant from...

9.6CVSS6.1AI score
Exploits0References5
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57161

Improper Neutralization of Parameter/Argument Delimiters vulnerability in elixir-plug plug allows an attacker to inject or override HTTP cookie attributes. The Plug.Conn.Cookies.encode/2 function in lib/plug/conn/cookies.ex builds the Set-Cookie response header by interpolating the cookie value a...

2.1CVSS6.1AI score
Exploits0References5
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-57178

Vikunja before 2.2.1 contains an authorization flaw where the LinkSharing.ReadAll endpoint exposes share hashes to users with read access, enabling permission escalation to admin-level shares. The GetTaskAttachment endpoint performs permission checks against user-supplied task IDs but fetches...

9.8CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday4 views

PT-2026-57186

In JetBrains TeamCity before 2026.1.2 stored XSS via unauthenticated agent registration was possible...

8.1CVSS6.1AI score
Exploits0References1
Positive Technologies
Positive Technologies
added yesterday4 views

PT-2026-57185

In JetBrains TeamCity before 2026.1.2 stored XSS on the cloud profile page was possible via agent-reported data...

7.3CVSS6.1AI score
Exploits0References1
Positive Technologies
Positive Technologies
added yesterday9 views

PT-2026-57197

Grav before 2.0.2 contains a Twig sandbox bypass that allows a page author any admin.pages user, or anyone able to write to user/pages to exfiltrate configuration secrets. Although the sandbox replaces the 'config' variable with a redacted facade and strips Config::get/toArray from the method...

7.1CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday4 views

PT-2026-57200

In JetBrains YouTrack before 2026.2.17394 stored XSS via article titles in digest emails was possible...

3.5CVSS6.1AI score
Exploits0References1
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57196

PraisonAI versions before 4.6.78 contain a code injection vulnerability in deploy/api.py where the agents file parameter is directly interpolated into an f-string without sanitization. Attackers can inject arbitrary Python code that executes when the generated server code runs via subprocess.Pope...

9.4CVSS6.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57156

Dell PowerFlex Manager, Version prior to 5.1.0.1, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...

7.7CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-57158

Plug.Parsers.MULTIPART, the multipart request-body parser used to handle file uploads and multipart forms, does not enforce its :length budget against all consumed resources, allowing an unauthenticated remote attacker to cause denial of service. The parser charges the :length limit only for part...

6.9CVSS6.1AI score
Exploits0References10
Positive Technologies
Positive Technologies
added yesterday4 views

PT-2026-57162

FlaskBB through 2.2.0, fixed in commit acc88cf, contains an authorization bypass vulnerability that allows authenticated moderators to perform unauthorized actions on topics in forums they do not control by submitting crafted topic ID lists. Attackers can include a low-ID topic from a permitted...

8.1CVSS6.2AI score
Exploits0References4
Positive Technologies
Positive Technologies
added yesterday4 views

PT-2026-57168

Crawl4AI before 0.8.7 contains a server-side request forgery SSRF vulnerability in the Docker API server's /crawl/job and /llm/job endpoints, which accept webhook URLs without destination validation. An attacker can supply webhook URLs pointing to private or internal IP ranges, Docker networks, o...

9.2CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added yesterday8 views

PT-2026-57189

PraisonAI pip package praisonaiagents before 1.6.78 automatically loads defaults from a project-local .praisonai/config.toml when constructing an Agent, and does not validate the defaults.output.output file path. A repository-controlled config file can set output file to an absolute or '..'...

6.9CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-57191

PraisonAI before 4.6.78 contains a path traversal vulnerability in ContextGatherer that fails to validate include paths in .praisoncontext and .praisoninclude files. Attackers can supply absolute paths or parent directory traversal sequences to read arbitrary files outside the workspace and inclu...

6.8CVSS6.2AI score
Exploits0References3
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57192

PraisonAI praisonaiagents before 1.6.78 contains a path traversal vulnerability in the FastContext feature praisonaiagents.context.fast. FastContextAgent.execute tool prepends the configured workspace path only for relative paths and neither rejects absolute paths nor canonicalizes joined paths...

6.9CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57193

PraisonAI versions before 4.6.78 contain an allowlist bypass vulnerability in shell command execution that allows attackers to execute restricted commands via find's built-in -exec, -execdir, and -delete actions. Attackers can craft find commands with these built-in actions to read blocked files,...

8.8CVSS6.3AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday4 views

PT-2026-57199

The Grav API plugin getgrav/grav-plugin-api before 1.0.3 fails to sanitize SVG files uploaded through the POST /api/v1/media endpoint. The HandlesMediaUploads::processUploadedFile method validates only the file extension and never invokes Security::sanitizeSVG, so an authenticated attacker with t...

5.1CVSS6.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57159

Dell Unisphere for PowerMax, versions 10.3.0.5 and prior, contains a Deserialization of Untrusted Data vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges...

8.8CVSS6.3AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-57300

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, RabbitMQ allows foreign bindings to amq.rabbitmq.reply-to destinations because volatile direct-reply-to queues can be accepted at bind and route time but are missing from Khepri-backed deletion checks,...

7CVSS6.1AI score
Exploits0References7
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57121

The Hostel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wphostel-book' shortcode in all versions up to and including 1.1.7. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes. Specifically, the second shortcode...

6.4CVSS6.2AI score0.00206EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-57102

The Hide My WP Lite plugin for WordPress is vulnerable to Arbitrary File Read in versions up to and including 1.3 via the he wrapper js and he wrapper css query parameters processed by the elementor assets filter function. This is due to the function concatenating user-supplied input directly ont...

7.5CVSS6.1AI score0.00512EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-57141

The Logo Slider – Logo Carousel, Client Logo Slider & Brand Showcase for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'lgx tooltip position' parameter in all versions up to, and including, 5.5 due to insufficient input sanitization and output escaping. This...

6.4CVSS6.2AI score0.00331EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57050

The Post Export Import with Media plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 1.13.1 via the import media file secure function. This is due to insufficient file extension validation caused by a trailing-dot filename bypass, where the extension...

7.2CVSS6.6AI score0.00615EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57116

The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and missing nonce verification on the gdpr cookie consent ajax save schedule scan function the wp ajax gcc save schedule scan AJAX action in versions up to, and...

4.3CVSS6.1AI score0.00196EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57115

The Eventin – Event Calendar, Event Registration, Tickets & Booking AI Powered plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'etn faq content' parameter in all versions up to, and including, 4.1.15 due to insufficient input sanitization and output escaping. This makes ...

6.4CVSS6.2AI score0.00206EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57051

The Super Forms – Drag & Drop Form Builder plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 6.3.313 via the submit form function. This is due to missing file type validation and the absence of any capability check on the submit form nopriv AJAX...

9.8CVSS6.6AI score0.00523EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57119

The BetterDocs – AI Documentation, Knowledge Base, Docs, Wikis, FAQ with Chatbot plugin for WordPress is vulnerable to generic SQL Injection via the 'lang' parameter in all versions up to, and including, 4.6.0 due to insufficient escaping on the user supplied parameter and lack of sufficient...

6.5CVSS6.1AI score0.0026EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-57052

The Salon Booking System – Free Version plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 10.30.32. This is due to missing or incorrect nonce validation on the setCustomText function. This makes it possible for unauthenticated attackers to inje...

8.8CVSS6.7AI score0.00259EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added yesterday8 views

PT-2026-57118

The Import and export users and customers plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.4.0 via the email template selected. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract the po...

4.3CVSS6.2AI score0.00223EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57142

The Jeg Kit for Elementor – Powerful Addons for Elementor, Widgets & Templates for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Box widget's 'sg body description' parameter in versions up to, and including, 3.2.6. This is due to insufficient input...

6.4CVSS6.2AI score0.00357EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57088

Time-of-check time-of-use race condition in fabricKeymaster trustlet prior to SMR Jul-2026 Release 1 allows local privileged attackers to execute arbitrary code...

8.4CVSS6.3AI score0.00096EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57103

Insufficient Session Expiration, Authentication Bypass by Capture-replay vulnerability in Apache IoTDB. REST Basic Authentication Accepts Stale Cached Credentials This issue affects Apache IoTDB: from 1.0.0 before 2.0.10. Users are recommended to upgrade to version 2.0.10, which fixes the issue...

6.1AI score0.00182EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57111

The Happyforms – Form Builder for WordPress: Drag & Drop Contact Forms, Surveys, Payments & Multipurpose Forms plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.26.12 via the happyforms get form partial function. This makes it possible for...

6.6CVSS6.5AI score0.00516EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57147

R-SOFT DMS is vulnerable to Insecure Direct Object Reference IDOR attack in multiple file download endpoints. The application fetches files from the database by ID and serves them to whoever requests them, relying only on session authentication, meaning any valid user can access any file. This...

7.1CVSS6.1AI score0.0047EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57149

R-SOFT DMS is vulnerable to OS Command Injection in the Optical Character Recognition OCR module. Multiple command execution functions accept user-controllable file paths without proper sanitization before passing them to the system shell via SSH. In current infrastructure the URL encoding...

9CVSS6.2AI score0.01331EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57057

The Fluent Forms plugin for WordPress is vulnerable to incorrect authorization via the 'subscription id' parameter in versions up to, and including, 6.2.1. This is due to insufficient ownership authorization checks in the payment cancellation AJAX flow. This makes it possible for authenticated...

5.4CVSS5.9AI score0.00176EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57124

The ICS Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'htmltagtitle' parameter in all versions up to, and including, 12.0.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

6.1CVSS6.2AI score0.00296EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added yesterday4 views

PT-2026-57150

The Invoice123 plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.7.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access...

4.3CVSS6.1AI score0.00473EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57329

OpenReplay is a self-hosted session replay suite. Prior to 1.27.0, the session search and analytics API in enterprise editions with multi-tenancy enabled built ClickHouse queries by inserting user input into the query string, including two positions that took input without escaping, allowing an...

5.4CVSS6.1AI score
Exploits0References5
Total number of security vulnerabilities184269