Lucene search
K
PtsecurityRecent

186967 matches found

Positive Technologies
Positive Technologies
added 21 hours ago4 views

PT-2026-60203

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's /icons/domain/icon.png endpoint used src/http client.rs checks including should block address and post resolve that missed decimal, hexadecimal, and octal IP representations, allowing SSRF through the...

5.8CVSS6.1AI score0.00048EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 21 hours ago5 views

PT-2026-60150

ImageMagick before 7.1.2-26 and 6.9.13-x before 6.9.13-51 contains a policy bypass vulnerability in the -script operation due to missing security policy checks. This allows reading files from paths that are otherwise disallowed by the configured security policy...

4.8CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 21 hours ago7 views

PT-2026-58882

The Quotes llama WordPress plugin before 3.1.6 does not properly sanitize and escape a user-supplied parameter before using it in a SQL query, allowing unauthenticated attackers to perform UNION-based SQL injection and read arbitrary data from the database, including password hashes...

6.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 21 hours ago6 views

PT-2026-60145

The Grav API plugin grav-plugin-api before 1.0.4 does not validate the origin of the client-supplied admin base url field in the POST /api/v1/auth/forgot-password endpoint. The sanitizeHttpUrl function only checks that the URL scheme is http/https and never verifies the host against the server's...

9.6CVSS6.2AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 21 hours ago5 views

PT-2026-60118

ImageMagick through 7.1.2-18 contains a memory leak vulnerability in the ASHLAR coder when an action fails. Attackers can trigger failed actions to exhaust memory resources and cause denial of service...

4.8CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 21 hours ago5 views

PT-2026-60135

PraisonAI before 4.6.78 exposes the MCP HTTP-stream transport without authentication by default: the CLI --api-key option defaults to None, and the server only enforces Authorization/Bearer checks when an API key is configured. When an operator runs 'praisonai mcp serve --transport http-stream'...

7.3CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 21 hours ago5 views

PT-2026-58883

A flaw was found in the OpenShift GitOps operator. The ClusterRole reconciler does not validate resource ownership when reconciling ClusterRole objects. A namespace-scoped Argo CD instance can trigger deletion of a ClusterRole owned by a cluster-scoped Argo CD instance by crafting a name collisio...

7.7CVSS6AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 21 hours ago5 views

PT-2026-60115

n8n before version 2.10.0 contains an input validation vulnerability in the Guardrail node that allows attackers to bypass default guardrail instructions. End users can craft malicious inputs to circumvent guardrail protections and compromise workflow integrity...

6.3CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 21 hours ago6 views

PT-2026-60114

Capgo Cap-go/capgo before 12.128.2 contains an information disclosure vulnerability in the Supabase PostgREST SECURITY DEFINER RPC function public.rescind invitation that allows unauthenticated attackers to enumerate organization existence. The function returns distinct error messages NO ORG vs N...

8.7CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 21 hours ago8 views

PT-2026-60158

ImageMagick before 7.1.2-26 and 6.9.x before 6.9.13-51 contains a memory leak in the YUV decoder that occurs when opening of the blob fails. Repeated triggering can lead to resource exhaustion denial of service...

6.3CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 21 hours ago5 views

PT-2026-60134

PraisonAI before 1.6.78 caches tool approval decisions by tool name only, allowing attackers to reuse initial approvals for subsequent calls with arbitrary arguments. Attackers can exploit this by obtaining approval for a benign operation and then executing dangerous file write operations with...

6.9CVSS6.2AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 21 hours ago5 views

PT-2026-60126

Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

5.1CVSS6.1AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 21 hours ago4 views

PT-2026-60200

Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.234, Tabby inserts dropped file paths from tabby-electron/src/pathDrop.ts into the active shell without neutralizing command substitution metacharacters such as $… and …, so the incomplete CVE-2026-45038 fix for...

7.8CVSS6.4AI score0.00025EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 21 hours ago4 views

PT-2026-60207

Nixpkgs is a collection of software packages that can be installed with the Nix package manager. Prior to the 25.11 and 26.05 channel fixes, the NixOS module for MySQL services.mysql initializes the MySQL database in a way that allows local users, such as unprivileged web or CGI processes on the...

8.5CVSS6.1AI score
Exploits0References8
Positive Technologies
Positive Technologies
added 21 hours ago4 views

PT-2026-60173

Running SharePoint? There are at least 4 vulns you want to pay attention to: CVE-2026-55040, CVE-2026-52522, CVE-2026-58644, CVE-2026-56164 unauthenticated RCE, exploits available etc. https://t.co/9moTd0gNju...

9.8CVSS7AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 21 hours ago4 views

PT-2026-60202

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.36.0, Vaultwarden's SSO discovery and pre-validation flow returned organization-related SSO metadata including organizationIdentifier values for arbitrary email addresses and allowed a valid pre-validation JWT to be obtained...

6.9CVSS6.2AI score0.00046EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 21 hours ago5 views

PT-2026-60171

DoS vulnerability in the vibration service. Impact: Successful exploitation of this vulnerability may affect availability...

6.5CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 21 hours ago5 views

PT-2026-60128

Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

4CVSS6.1AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 21 hours ago5 views

PT-2026-58895

A boolean-based SQL Injection vulnerability exists in Apache Fineract's Client Search API GET /api/v1/clients in versions up to and including 1.14.0. The orderBy and sortOrder request parameters are concatenated into a SQL query without sufficient validation, allowing an authenticated user with...

6.1AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 21 hours ago6 views

PT-2026-60124

Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

4CVSS6.1AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 21 hours ago6 views

PT-2026-58880

The Kali Forms — Contact Form & Drag-and-Drop Builder WordPress plugin before 2.4.17 does not perform a per-object capability check in its post-duplication AJAX action, allowing users with Contributor-level access or above to duplicate any post regardless of owner, post type, or status into a...

6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 21 hours ago6 views

PT-2026-58884

A confused-deputy flaw in Grafana MCP Server allows an unauthenticated remote attacker to exfiltrate the server's environment-configured Grafana service-account token by supplying a crafted X-Grafana-URL request header. This also enables SSRF against arbitrary internal services, including cloud...

8.6CVSS6.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 21 hours ago5 views

PT-2026-60167

Permission control vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

6.6CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 21 hours ago9 views

PT-2026-58871

Improper Neutralization of Special Elements used in an SQL Command "SQL Injection" in the web management interface of certain ASUS router models allows a remote authenticated user to disclose confidential information via a crafted request that bypasses existing input validation Refer to the ' ...

5.9CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 21 hours ago5 views

PT-2026-60120

open-webui before 0.3.14 contains a cross-origin resource sharing misconfiguration allowing arbitrary origins with allow origins= and authenticated requests to the /api/v1/functions endpoint. Attackers can execute arbitrary code on the openwebui instance by crafting malicious cross-site requests...

9CVSS6.3AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 21 hours ago8 views

PT-2026-58876

Permissive Cross-domain Security Policy with Untrusted Domains in ASUS GameSDK allows a remote user to obtain a local user’s NTLM hash by convincing the user to visit a crafted web page that sends a request containing a UNC path to the application’s local service endpoint. This can result in...

7.2CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 21 hours ago6 views

PT-2026-60157

ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the TIFF encoder when memory allocation fails. Attackers can trigger allocation failures during TIFF image processing to cause memory exhaustion and denial of service...

2.9CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 21 hours ago6 views

PT-2026-60228

RustFS Console is a web management console for the RustFS distributed file system. From 0.1.7 until 0.1.10, the RustFS Console components/object/preview-modal.tsx and components/object/pdf-viewer.tsx extension-based PDF preview path can render HTML content uploaded as .pdf, allowing stored...

9CVSS6AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 21 hours ago6 views

PT-2026-60225

Postiz is an AI social media scheduling tool. Prior to 2.21.8, Postiz fails to verify Nowpayments IPN callback authenticity against the payment provider shared secret and reads the target subscription identifier from the untrusted request body, allowing a low-privileged account to grant arbitrary...

7.7CVSS6.2AI score0.00022EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 21 hours ago5 views

PT-2026-60220

As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities. The...

7.5CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 21 hours ago6 views

PT-2026-60224

As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities. The...

7.5CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 21 hours ago4 views

PT-2026-60222

As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities. The...

7.5CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 21 hours ago7 views

PT-2026-60253

ws before 8.21.1 contains a memory exhaustion vulnerability in lib/receiver.js where the fragment guard only triggers when fragment count reaches maxFragments, allowing attackers to exhaust memory by sending incomplete fragmented WebSocket messages. Attackers can send a text frame with FIN=0...

8.7CVSS6.1AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 21 hours ago4 views

PT-2026-60238

FastGPT is a knowledge-based AI application platform. At commit 22ebfacbb43311e9b73294040ae0eb87390c6bba and earlier, artifacts built from untrusted pull request code in .github/workflows/preview-docs-build.yml and .github/workflows/preview-fastgpt-build.yml can be downloaded by privileged workfl...

9.3CVSS6.1AI score0.00012EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 21 hours ago6 views

PT-2026-60252

FastGPT is a knowledge-based AI application platform. From 4.14.17 until 4.15.0-beta5, an authenticated FastGPT user can save a workflow node that points to another user's private HTTP toolset by using a crafted saved tool id such as http-/. The normal toolset routes deny access, but the workflow...

5.9CVSS6.2AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 21 hours ago4 views

PT-2026-60231

Pegatron Tdelo64.sys improperly exposes privileged hardware access functionality through the .TdeIo device interface. IOCTL handlers including TDE IOCTL INDEXIO READ and TDE IOCTL INDEXIO WRITE permit unprivileged user-mode callers to perform arbitrary hardware I/O port reads and writes without...

6.2AI score
Exploits1References2
Positive Technologies
Positive Technologies
added 21 hours ago4 views

PT-2026-60249

Kanboard through 1.2.52, fixed in commit 564cc30, BoardAjaxController save method used by the kanban board drag-and-drop endpoint validates the caller's role on the attacker-supplied project id but never verifies that the supplied task id actually belongs to that project. Because task identifiers...

8.1CVSS6.1AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 21 hours ago3 views

PT-2026-60233

In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, and 9.4.13, and Splunk Cloud Platform versions below 10.5.2605.0, 10.4.2604.7, 10.3.2512.16, 10.2.2510.18, and 10.1.2507.24, an attacker could trick a user that holds a role with the list deployment server capability into running arbitra...

8.3CVSS6.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 21 hours ago6 views

PT-2026-60218

Name of the Vulnerable Software and Affected Versions Cisco Identity Services Engine versions prior to 3.3 Cisco Identity Services Engine versions 3.3 through 3.3 before Patch 12 Cisco Identity Services Engine versions 3.4 through 3.4 before Patch 7 Cisco Identity Services Engine versions 3.5...

5.5CVSS6.2AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 21 hours ago4 views

PT-2026-60198

Penpot is an open-source design tool for design and code collaboration. Prior to 2.14.5, Penpot exposed teams invitations.clj invitation tokens from create-team-invitations, embedded an existing profile id in auth.clj prepare-register-profile, and had auth.clj register-profile issue a session bas...

9.9CVSS6.1AI score0.00083EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 21 hours ago6 views

PT-2026-60206

NGINX Plus and NGINX Open Source have a vulnerability in the ngx http slice module module. When the slice directive and unnamed regex captures are configured or when a background cache update happens, unauthenticated attackers can send requests that may cause uninitialized memory access in the...

8.8CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 21 hours ago5 views

PT-2026-60213

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.17, File Browser builds new user scopes from usernames passed through cleanUsername when Signup=true and CreateUserDir=true, but the many-to-one...

8.1CVSS6.1AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 21 hours ago4 views

PT-2026-60172

Cornac before 2.6.0 contains a path traversal Tar Slip vulnerability that allows attackers to write arbitrary files outside the intended cache directory by supplying a crafted TAR archive containing ../ sequences, absolute paths, or symlink/hardlink entries to the extract archive function in...

9.1CVSS6.2AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 21 hours ago4 views

PT-2026-60193

LightRAG provides simple and fast retrieval-augmented generation. Prior to 1.5.4, when LightRAG is deployed with LIGHTRAG API KEY set but AUTH ACCOUNTS unset, X-API-Key protection can be bypassed because lightrag/api/auth.py falls back to a hardcoded DEFAULT TOKEN SECRET, /auth-status and /login...

9.3CVSS6.1AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 21 hours ago5 views

PT-2026-60188

Cursor is a code editor built for programming with AI. Prior to the Cloud Agent fix on 03/31/2026, browser-enabled Cursor Cloud Agent sessions allowed attacker-controlled web content to connect from inside the agent container to an unauthenticated local agent endpoint, enabling code execution...

7.7CVSS6.4AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 21 hours ago4 views

PT-2026-60182

Cloudreve is a self-hosted file management and sharing system. Prior to 4.16.1, a Cloudreve WebDAV account rooted at a configured folder can send paths such as /dav/%2e%2e/outside.txt because stripPrefix in pkg/webdav/webdav.go joins the decoded request suffix to the account root with...

7.1CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 21 hours ago5 views

PT-2026-60187

When NGINX Plus is configured to use the Message Queuing Telemetry Transport MQTT filter module ngx stream mqtt filter module, unauthenticated attackers can send requests with conditions beyond the attacker's control to cause a heap buffer over-read in the NGINX worker process, leading to a...

6.3CVSS6.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 21 hours ago5 views

PT-2026-60183

When NGINX Ingress Controller is configured with Custom Resource Definitions CRDs or Ingress annotations, an injection vulnerability exists in the configuration generator of NGINX Ingress Controller. Multiple user-controllable fields are written into the generated NGINX configuration without...

8.7CVSS6.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 21 hours ago5 views

PT-2026-60189

FastGPT is a knowledge-based AI application platform. From 4.14.17 until 4.15.0-beta5, the POST /api/core/chat/record/getCollectionQuote endpoint authenticates the caller's chat and collection context, but the initialId center-node lookup is not bound to that authorized context. A low-privileged...

7.7CVSS6.1AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 21 hours ago5 views

PT-2026-60184

NGINX Plus and NGINX Open Source have a vulnerability in the ngx http ssi module module. This vulnerability may exist when the Server-Side Includes SSI, proxy pass, and proxy buffering off directives are configured. With this configuration, an unauthenticated attacker with man-in-the-middle MITM...

8.3CVSS6.2AI score
Exploits0References2
Total number of security vulnerabilities186967