184508 matches found
PT-2026-55816
CVE ID :CVE-2026-50238 Published : July 3, 2026, 10:25 a.m. | 3 hours, 20 minutes ago Description :None Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2026-55636
Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description An issue involving type confusion, which occurs when a program accesses a resource using an incompatible data type, allows an unauthorized attacker to execute arbitrary...
PT-2026-55530
Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.6 Dell PowerProtect Data Domain versions 8.6.1.0 through 8.6.1.10 Dell PowerProtect Data Domain versions 8.3.1.0 through 8.3.1.30 Dell PowerProtect Data Domain versions 7.13.1.0 through...
PT-2026-55630
Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description Improper authorization allows an unauthorized attacker to execute code over a network. Recommendations At the moment, there is no information about a newer version that...
PT-2026-55514
Name of the Vulnerable Software and Affected Versions Ad Inserter – Ad Manager & AdSense Ads versions prior to 2.8.17 Description An Insecure Direct Object Reference exists via the data attribute of the adinserter shortcode. The replace ai tags function processes a reusable-block-N tag pattern th...
PT-2026-55649
Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description Insufficient UI warnings regarding dangerous operations allow an unauthorized attacker to perform spoofing over a network. Recommendations At the moment, there is no...
PT-2026-55525
Name of the Vulnerable Software and Affected Versions Kong Konnect MCP server versions prior to 1.0.0 Description An issue exists where the server fails to properly validate content returned to the Large Language Model LLM. This allows a remote attacker to perform an indirect prompt injection by...
PT-2026-55581
Name of the Vulnerable Software and Affected Versions RT-Thread versions prior to 5.0.3 Description A memory corruption issue exists in the sys getaddrinfo function within the components/lwp/lwp syscall.c file. A local attacker can trigger this by manipulating the ai addr argument. Recommendation...
PT-2026-55641
Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description A type confusion issue occurs when a resource is accessed using an incompatible type. This flaw allows an unauthorized attacker to bypass a security feature over a...
PT-2026-55629
Access of resource using incompatible type 'type confusion' in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
PT-2026-55587
Name of the Vulnerable Software and Affected Versions Gitea versions 1.5.0 through 1.26.2 Description A defect in the Time-based One-Time Password TOTP single-use enforcement allows a valid TOTP code to be accepted multiple times. This issue affects web two-factor authentication flows and the Bas...
PT-2026-55626
Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description A use after free issue exists that allows an unauthorized attacker to execute arbitrary code over a network. Use after free is a memory corruption flaw that occurs when ...
PT-2026-55659
Name of the Vulnerable Software and Affected Versions Microsoft Edge for Android affected versions not specified Description Improper access control allows an unauthorized attacker to bypass a security feature over a network. Recommendations At the moment, there is no information about a newer...
PT-2026-55607
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.26.3 Description Git LFS Large File Storage object reuse allows users with repository access to authorize private source objects even if they lack Code-unit access. Recommendations Update Gitea to version 1.26.3 or...
PT-2026-55588
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description Insufficient permission checks occur when listing tracked time entries. Recommendations Update to version 1.25.5 or later...
PT-2026-55579
Name of the Vulnerable Software and Affected Versions RT-Thread versions prior to 5.0.3 Description A stack-based buffer overflow exists in the recvmsg function within the bsp/loongson/ls1cdev/libraries/ls1c can.h library of the ls1c CAN Handler component. This issue requires local access to be...
PT-2026-55637
Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description An issue occurs when an operation is performed on a resource after it has expired or been released. This allows an unauthorized attacker to disclose information over a...
PT-2026-55631
Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description An issue exists where access to a resource using an incompatible type, known as type confusion, allows an unauthorized attacker to execute code over a network. Type...
PT-2026-55585
Name of the Vulnerable Software and Affected Versions keras-team/keras version 3.14.0 Description Improper handling of deserialization in the Lambda layer allows for arbitrary OS-level code execution in the context of the server or user process. The raise for lambda deserialization function fails...
PT-2026-55645
Name of the Vulnerable Software and Affected Versions Microsoft Edge for Android affected versions not specified Description A time-of-check time-of-use TOCTOU race condition exists, which is a software bug where a system checks the state of a resource before using it, but the state changes betwe...
PT-2026-55493
Name of the Vulnerable Software and Affected Versions WP Import Export Lite versions prior to 3.9.31 Description An issue exists in the wpie import upload file from url AJAX action. The plugin initially uses wp safe remote get to download files, which blocks private IP ranges. However, if this ca...
PT-2026-55512
Name of the Vulnerable Software and Affected Versions LatePoint – Calendar Booking Plugin for Appointments and Events versions prior to 5.6.2 Description An authorization bypass exists because the plugin fails to properly verify if a user is authorized to perform specific actions. Unauthenticated...
PT-2026-55658
Name of the Vulnerable Software and Affected Versions Gitea affected versions not specified Description An HMAC ambiguity in Gitea Actions Artifacts V4 signed URLs allows for cross-repository artifact reading and cross-task upload-state writing. HMAC Hash-based Message Authentication Code is a...
PT-2026-55633
Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description A use after free issue exists that allows an unauthorized attacker to execute arbitrary code over a network. Use after free is a memory corruption flaw that occurs when ...
PT-2026-55539
Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7 Dell PowerProtect Data Domain LTS2026 release versions 8.6.1.0 through 8.6.1.10 Dell PowerProtect Data Domain LTS2025 release versions 8.3.1.0 through 8.3.1.30 Dell PowerProtect Data...
PT-2026-55576
webpack-dev-server versions 5.2.5 and earlier terminate the whole Node.js process when an unauthenticated peer sends either a normal HTTP request with a malformed Host header or a WebSocket upgrade to the default /ws endpoint with a malformed Origin header. The malformed value causes an uncaught...
PT-2026-55440
Name of the Vulnerable Software and Affected Versions weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot versions prior to 2.3.1 Description The plugin contains a missing authorization flaw. The do migration function, registered as the wedocs migrate betterdocs to wedocs AJ...
PT-2026-55578
Name of the Vulnerable Software and Affected Versions GIMP affected versions not specified Description A heap buffer overflow exists in the Paint Shop Pro PSP file format parser. The issue occurs when the software incorrectly calculates buffer sizes while processing low bit-depth images, which...
PT-2026-55442
Name of the Vulnerable Software and Affected Versions weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot versions prior to 2.3.1 Description Insufficient input sanitization and output escaping allow authenticated attackers with contributor-level access and above to perform...
PT-2026-55593
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description Insufficient visibility checks exist within organization permission APIs, which may affect hidden members and private organizations. Recommendations Update to version 1.25.5 or later...
PT-2026-55495
Name of the Vulnerable Software and Affected Versions NEX-Forms – Ultimate Forms Plugin for WordPress versions prior to 9.2.3 Description Insufficient input sanitization and output escaping allow unauthenticated attackers to perform Stored Cross-Site Scripting XSS, a technique where malicious...
PT-2026-55490
UNSUPPORTED WHEN ASSIGNED Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to bypass security validation and access restricted memory blocks via crafted IOCTL requests, leading to privilege escalation...
PT-2026-55505
Name of the Vulnerable Software and Affected Versions Apache Lucene.Net.Analysis.Common versions 4.8.0-beta00005 through 4.8.0-beta00017 Description Improper Restriction of XML External Entity Reference XXE in the Lucene.Net.Analysis.Common library, specifically within the PatternParser. XXE is a...
PT-2026-55489
Name of the Vulnerable Software and Affected Versions ASUS AI Suite 3 affected versions not specified Description Improper validation of the specified quantity in the input of the ASUS AI Suite 3 driver allows a local user to access unintended memory regions. This is achieved through crafted IOCT...
PT-2026-55624
Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description A Use-After-Free memory corruption issue exists in the Chromium engine of Microsoft Edge. This flaw allows an unauthorized remote attacker to execute arbitrary code over...
PT-2026-55543
Name of the Vulnerable Software and Affected Versions pardus-software versions prior to 1.0.5 Description A missing authorization issue allows for argument injection, which occurs when an application fails to properly sanitize user-supplied input used as arguments to a command or function,...
PT-2026-55509
Name of the Vulnerable Software and Affected Versions Quiz and Survey Master QSM – Easy Quiz and Survey Maker versions prior to 11.1.5 Description An authorization bypass exists because the plugin fails to properly verify if a user is authorized to perform specific actions. Authenticated attacker...
PT-2026-55647
Name of the Vulnerable Software and Affected Versions Microsoft Edge for Android affected versions not specified Description A relative path traversal issue exists in Microsoft Edge for Android. This flaw allows an unauthorized attacker to disclose information locally. Path traversal is a techniq...
PT-2026-55621
Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description A Server-side request forgery SSRF issue exists, which allows an unauthorized attacker to perform spoofing over a network. SSRF is a flaw where an attacker can induce th...
PT-2026-55612
Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description An issue exists where sensitive information is exposed to an unauthorized actor, which could allow a remote attacker to perform spoofing over a network. Recommendations ...
PT-2026-55517
Name of the Vulnerable Software and Affected Versions Zakra versions prior to 4.2.1 Description The Zakra theme for WordPress contains a Stored Cross-Site Scripting issue. This occurs because the theme registers three post meta fields—zakra menu item color, zakra menu item hover color, and zakra...
PT-2026-55605
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.26.0 Description The software does not fail closed when encountering bufio.Scanner errors during the processing of pre-receive hook input. This behavior allows oversized input to bypass branch-protection checks...
PT-2026-55632
Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description Improper access control allows an unauthorized attacker to perform spoofing over a network. Spoofing is a technique where a person or program successfully masquerades as...
PT-2026-55532
Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7 Dell PowerProtect Data Domain LTS2026 release versions 8.6.1.0 through 8.6.1.10 Dell PowerProtect Data Domain LTS2025 release versions 8.3.1.0 through 8.3.1.30 Dell PowerProtect Data...
PT-2026-55604
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description The software accepts malformed or injected forwarded-proto values during the detection of public URLs. This flaw allows for the generation of spoofed canonical URLs. Recommendations Update Gitea to...
PT-2026-55617
Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description An improper authorization flaw allows an unauthorized attacker to bypass a security feature over a network. This issue enables exploitation without prior authentication,...
PT-2026-55516
Name of the Vulnerable Software and Affected Versions Apache Lucene.Net.Replicator versions 4.8.0-beta00005 through 4.8.0-beta00017 Description A Path Traversal issue exists in the Lucene.Net.Replicator library, which allows an unauthenticated user to perform an arbitrary file read on the...
PT-2026-55654
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An unauthenticated Regular Expression Denial of Service ReDoS exists due to improper pattern matching within the CODEOWNERS file processing. This allows a remote...
PT-2026-55619
Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description Improper input validation allows an unauthorized attacker to execute code over a network. Input validation is the process of ensuring that a program operates on clean,...
PT-2026-55577
Name of the Vulnerable Software and Affected Versions Open Asset Import Library Assimp versions prior to 6.0.5 Description A double free issue exists in the PLY Model Handler component within the Assimp::Exporter::ExportToBlob function located in the code/AssetLib/Ply/PlyLoader.cpp file. This fla...