184491 matches found
PT-2026-57547
Capgo before 12.128.2 contains an information disclosure vulnerability in the Supabase PostgREST global stats endpoint that allows unauthenticated attackers to read sensitive financial and operational metrics using only the public apikey. Remote attackers can query the /rest/v1/global stats...
PT-2026-57554
Capgo before 12.128.2 allows email address changes without requiring current password re-authentication or verification of the existing email address. An attacker with access to a valid session cookie or authenticated browser can change the account email to gain control of account recovery and...
PT-2026-57548
Capgo before 12.128.2 contains a privilege escalation vulnerability where demoted super admin users retain access to delete non compliant bundles and count non compliant bundles RPCs due to stale org users.user right column not being cleared during role binding deletion. Attackers can exploit thi...
PT-2026-57556
Capgo before 12.128.2 contains an information disclosure vulnerability in the unauthenticated /private/sso/check-domain endpoint that returns internal org id and provider id values. Attackers can enumerate email domains to build mappings of domains to organization UUIDs and SSO provider...
PT-2026-57561
A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.25.2. Affected by this issue is the function ToolsRoute.test mcp connection of the file astrbot/dashboard/routes/tools.py of the component MCP Test Endpoint. The manipulation of the argument mcp server config.url leads to...
PT-2026-57545
A weakness has been identified in AstrBotDevs AstrBot up to 4.25.2. Affected by this vulnerability is the function get online plugins of the file astrbot/dashboard/routes/plugin.py of the component market list Endpoint. Executing a manipulation of the argument custom registry can lead to...
PT-2026-57544
A security flaw has been discovered in AstrBotDevs AstrBot up to 4.25.2. Affected is the function FutureTaskTool.call of the file astrbot/core/tools/cron tools.py of the component Scheduled Task Handler. Performing a manipulation of the argument payload"note" results in improper authorization...
PT-2026-57542
A vulnerability was determined in SonicCloudOrg sonic-agent up to 2.7.2. This affects an unknown function of the file sonic-server-controller/src/main/java/org/cloud/sonic/controller/controller/ExchangeController.java of the component JWT Authentication Filter. This manipulation causes code...
PT-2026-57555
Capgo before 12.128.2 contains a cross-organization account disruption vulnerability in the SSO prelink endpoint that allows enterprise administrators to delete password identities of users in foreign organizations. Attackers with org.update settings permission and an active SSO provider can call...
PT-2026-57557
OpenWrt luci-app-samba4 read ACL grants file.exec permission on /usr/sbin/smbd, allowing authenticated delegated users to execute the Samba daemon with caller-controlled command-line arguments. Attackers can pass arbitrary Samba global options such as message command to a root smbd process,...
PT-2026-57558
filebrowser versions before 2.63.17 fail to normalize paths before querying the share index in DeleteWithPathPrefix, allowing authenticated users to leave stale public shares behind. Attackers can delete a shared directory using a trailing-slash path, then recreate the same directory to expose ne...
PT-2026-57562
A vulnerability was detected in AojiaoZero Antaris 1.0. This affects the function rewardPurchase of the file /ipn.php of the component PayPal IPN Payment Handler. The manipulation of the argument item number results in sql injection. The attack may be performed from remote. The vendor was contact...
PT-2026-57563
We have just added an important vulnerability affecting Comfast CF-WR631AX V3 CVE-2026-15511 https://t.co/vjkHzT9i6C...
PT-2026-57518
A vulnerability was identified in Eleveo Call Recording Software 9.7.0. This issue affects some unknown processing of the file /callrec/restoreCallAction.do of the component Recorded Calls Page. The manipulation leads to improper authorization. The attack is possible to be carried out remotely. T...
PT-2026-57524
A vulnerability was found in H3C NX15 V100R017. Affected by this vulnerability is the function change passwd of the file /api/login/modify of the component Administrator Password Modification Endpoint. The manipulation of the argument newPass results in weak password recovery. The attack may be...
PT-2026-57525
A security flaw has been discovered in Trendnet TEW-635BRM up to 1.00.03. This vulnerability affects the function ipoa test of the file /sbin/rc of the component IPoA WAN Connection Setup. Performing a manipulation of the argument ipoa ipaddr results in command injection. The attack is possible t...
PT-2026-57528
A vulnerability was detected in TRENDnet TEW-821DAP 1.12B01. The affected element is the function sub 41EC14 of the file /goform/tools nslookup of the component ssi. The manipulation results in buffer overflow. It is possible to launch the attack remotely. The vendor explains: "We are unable to...
PT-2026-57516
A vulnerability was determined in Eleveo Call Recording Software 9.7.0. This vulnerability affects unknown code of the file /callrec/composeEmailAction.do. Executing a manipulation can lead to improper authorization. The attack can be executed remotely. The exploit has been publicly disclosed and...
PT-2026-57530
One of my responsible security disclosures has been assigned CVE-2026-59959. The vulnerability has been fixed, and the advisory is now public: https://t.co/8v5PsiHSCO...
PT-2026-57521
A security vulnerability has been detected in QILING Disk Master 6.0.0.0. The impacted element is an unknown function in the library diskbckp.sys of the component Kernel Driver. Such manipulation leads to improper access controls. The attack can only be performed from a local environment. The...
PT-2026-57526
A weakness has been identified in Aster Telecom Azcall 10/11. This issue affects some unknown processing of the file /azcall/adm/gestao loja/sis.php?t=consultar of the component HTTP Handler. Executing a manipulation of the argument nome/perfil/status can lead to sql injection. The attack may be...
PT-2026-57550
Crawl4AI before 0.8.8 contains credential exfiltration vulnerabilities in the Docker API server that allow attackers to redirect LLM API calls to attacker-controlled endpoints and read arbitrary environment variables. Attackers can exploit the unauthenticated /md, /llm, and /llm/job endpoints by...
PT-2026-57522
A vulnerability was detected in Bahmni bahmnicore up to 0.93. This affects the function additionalParams of the file /openmrs/ws/rest/v1/bahmnicore/sql of the component Search Endpoint. Performing a manipulation of the argument test results in sql injection. The attack can be initiated remotely...
PT-2026-57523
A flaw has been found in IceHRM up to 35.0.1. This impacts an unknown function of the file core/src/Reports/User/Reports/EmployeeAttendanceReport.php of the component UserReport Endpoint. Executing a manipulation of the argument employeeList can lead to sql injection. The attack can be launched...
PT-2026-57560
LuCI versions fail to properly encode DHCPv6 lease hostnames before rendering in status tables, allowing adjacent network attackers to inject HTML markup. Attackers can send a DHCPv6 Client FQDN containing script tags that execute in the administrator's browser when viewing DHCP lease pages...
PT-2026-57549
Capgo before 12.128.2 contains a scope isolation vulnerability in the POST /webhooks/test endpoint that allows app-scoped API keys to invoke org-scoped webhook operations. Attackers with app-scoped credentials can trigger signed outbound webhook deliveries for arbitrary organization webhooks...
PT-2026-57515
A vulnerability was found in Eleveo Call Recording Software 9.7.0. This affects an unknown part of the file /callrec/pci dss status.jsp. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The exploit has been made public and could be used...
PT-2026-57543
A vulnerability was identified in sergomanov SmartHomeAdatum up to cf495353d81b680675eb8d9aa14a318aa45ce12c. This impacts an unknown function of the file users.php of the component Login. Such manipulation of the argument Login leads to sql injection. The attack may be launched remotely. This...
PT-2026-57553
Capgo before 12.128.2 contains a sql injection vulnerability in the POST /private/admin stats endpoint where the limit parameter is destructured from unvalidated request body and interpolated directly into Cloudflare Analytics Engine SQL queries via template literals. An attacker with platform...
PT-2026-57559
luci-app-upnp contains a stored cross-site scripting vulnerability that allows unauthenticated LAN clients to inject JavaScript via UPnP IGD AddPortMapping SOAP requests. Attackers can send malicious HTML in the NewPortMappingDescription field, which miniupnpd stores and luci-app-upnp renders...
PT-2026-57541
A vulnerability was found in SonicCloudOrg sonic-agent up to 2.7.2. The impacted element is the function evalIsFailed of the file sonic-agent/src/main/java/org/cloud/sonic/agent/tests/script/GroovyScriptImpl.java of the component Groovy Script Handler. The manipulation results in os command...
PT-2026-57539
A flaw has been found in AMTT Hotel Broadband Operation System 1.0. Impacted is an unknown function of the file manager/network/switch status.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published an...
PT-2026-57519
A security flaw has been discovered in Eleveo Call Recording Software 9.7.0. Impacted is an unknown function of the file /callrec/audio.jsp of the component Call Recording Handler. The manipulation of the argument callId results in improper authorization. The attack may be performed from remote...
PT-2026-57520
A weakness has been identified in MiniTool Partition Wizard up to 13.6. The affected element is an unknown function in the library pwdrvio.sys of the component Signed Kernel Driver. This manipulation causes improper access controls. The attack can only be executed locally. The exploit has been ma...
PT-2026-57536
A weakness has been identified in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. This affects an unknown part. This manipulation causes missing authentication. The attack is possible to be carried out remotely. This product adopts a rolling release strategy to maintain...
PT-2026-57534
A vulnerability was identified in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. Affected by this vulnerability is an unknown functionality of the file proses/login.php. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack i...
PT-2026-57532
A vulnerability was found in TRENDnet TEW-821DAP 1.11B03. This impacts the function sub 41FBD0 of the file /goform/system ntp of the component Firmware Update Handler. Performing a manipulation of the argument Hostname results in os command injection. The attack may be initiated remotely. The...
PT-2026-57533
A vulnerability was determined in hcr707305003 shiroiAdmin 1.1/1.3. Affected is the function FileController::upload of the file app/common/controller/FileController.php. Executing a manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The exploit...
PT-2026-57537
A security vulnerability has been detected in igweze wizgrade up to b1d55f22b90cd7e7a6e5002f006d7c649e8086d6. This vulnerability affects unknown code of the file dashboard/studentConductManager.php. Such manipulation leads to cross site scripting. The attack may be performed from remote. The...
PT-2026-57538
A vulnerability was detected in Akpali9 Attendance-Management-System up to 70b91fe38f4195b701a45f0edcd4f42d5f64aeee. This issue affects some unknown processing of the file absent.php. Performing a manipulation of the argument export date results in cross site scripting. It is possible to initiate...
PT-2026-57527
A security vulnerability has been detected in TRENDnet TEW-821DAP 1.12B01. Impacted is the function sub 41EC14 of the file /goform/tools nslookup of the component ssi. The manipulation of the argument nslookup target leads to buffer overflow. It is possible to initiate the attack remotely. The...
PT-2026-57552
Flowise before 3.1.0 affected versions 3.0.13 and earlier uses weak hardcoded default JWT secrets 'auth token', 'refresh token' and default audience and issuer values 'AUDIENCE', 'ISSUER' in the enterprise passport authentication middleware...
PT-2026-57551
Crawl4AI before 0.8.7 contains an arbitrary file write vulnerability in the Docker API server's /screenshot and /pdf endpoints. The output path parameter accepts arbitrary filesystem paths without validation, allowing an attacker to supply absolute or path-traversal values to write to any locatio...
PT-2026-57540
A vulnerability has been found in SonicCloudOrg sonic-agent up to 2.7.2. The affected element is an unknown function of the file AndroidWSServer.java of the component Android WebSocket Server. The manipulation of the argument path leads to os command injection. The attack can be initiated remotel...
PT-2026-57535
A security flaw has been discovered in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. Affected by this issue is some unknown functionality of the file proses/add.php. The manipulation of the argument kode produk/kd cs results in sql injection. The attack can be executed...
PT-2026-57531
A vulnerability has been found in TRENDnet TEW-821DAP 1.11B03. This affects the function sub 42026C of the file /goform/tools ddns of the component Firmware Update Handler. Such manipulation of the argument hostname/username/password leads to os command injection. The attack can be launched...
PT-2026-57529
A flaw has been found in TRENDnet TEW-821DAP 1.11B03. The impacted element is the function sub 43F2C4 of the file /goform/tools nslookup of the component DNS Lookup Handler. This manipulation of the argument nslookup target/dns server causes os command injection. The attack can be initiated...
PT-2026-57566
The nRF70 Wi-Fi driver's power-save event handler nrf wifi event proc get power save info in drivers/wifi/nrf wifi/src/wifi mgmt.c copied TWT Target Wake Time flow entries from an nrf wifi umac event power save info event into the fixed-size twt flowsWIFI MAX TWT FLOWS 8-element array of a...
PT-2026-57568
parse ipv4 in subsys/net/ip/utils.c reached via net ipaddr parse for strings of the form "a.b.c.d:port" copies the port substring into a fixed 17-byte stack buffer char ipaddrNET IPV4 ADDR LEN + 1 using a length of str len - end - 1, where str len is the full, unbounded input length and end is on...
PT-2026-57570
The Nuvoton NuMaker HSUSBD USB device-controller driver drivers/usb/udc/udc numaker.c armed the control Data IN stage unconditionally base-CEPTXCNT = len in numaker hsusbd ep trigger. Because the HSUSBD hardware cannot disarm a control Data IN already armed for a previous transfer, a USB host tha...