184508 matches found
PT-2026-55600
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description A flaw allows a user to change the primary email address of another user. Recommendations Update to version 1.25.5 or later...
PT-2026-55590
Name of the Vulnerable Software and Affected Versions Gitea version 1.26.2 Description Fork synchronization continues even after a parent repository is changed from public to private. This behavior allows a fork to maintain access and synchronize data from a repository that should no longer be...
PT-2026-55466
Finding Location: core/src/server/render-to-string.ts:307-311 CSS value sanitization stripped expression and urljavascript: using simple regex, but could be bypassed with CSS unicode escapes 65xpression, null bytes, or CSS comments exp//ression. Mitigating Factor: These CSS injection vectors only...
PT-2026-55556
These are all security issues fixed in the kitty-0.47.4-2.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-55460
Name of the Vulnerable Software and Affected Versions Contour versions prior to 1.33.5 Description An issue exists when an HTTPProxy is configured with both .spec.virtualhost.tls.enableFallbackCertificate: true and .spec.virtualhost.jwtProviders. In this scenario, the system fails to reject the...
PT-2026-55264
Landray OA contains an unauthenticated HQL injection vulnerability that allows unauthenticated attackers to query arbitrary Hibernate entity classes by injecting malicious HQL syntax into the uid POST parameter of the wechatLoginHelper.do endpoint. Attackers can exploit the lack of input...
PT-2026-55390
Impact When an HTTPProxy is configured with incompatible combination of both .spec.virtualhost.tls.enableFallbackCertificate: true and .spec.virtualhost.jwtProviders, Contour does not reject the configuration. Consequently, requests from clients that do not send TLS SNI or send an unrecognized SN...
PT-2026-55360
A CPU exhaustion vulnerability exists in Conform's parseSubmission future API when parsing FormData or URLSearchParams submissions with many unique field names. The parser previously looked up values by field name, which could require repeated scans of the submitted entries and cause excessive...
PT-2026-54941
The Kirki – Freeform Page Builder, Website Builder & Customizer plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 6.0.11. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...
PT-2026-55359
Description Am I affected You are affected if: 1. You run any version of zebrad up to and including v4.4.1. 2. Your node accepts inbound P2P connections network.listen addr is set, which is the default. 3. Your node processes blocks past the checkpoint height non-finalized state is active. All...
PT-2026-55006
Unauthenticated Cross Site Scripting XSS in WPAdverts = 2.3.1 versions...
PT-2026-54992
Unauthenticated Cross Site Scripting XSS in WPeMatico RSS Feed Fetcher = 2.8.17 versions...
PT-2026-55419
Summary fast-mcp-telegram validates HTTP Bearer tokens by joining the raw token string into a session-file path. The verifier rejects the exact reserved token telegram, but it does not reject path separators or normalize the path before checking whether the session file exists. A remote HTTP clie...
PT-2026-55437
It was discovered that LibVNCServer incorrectly handled the Tight decoder in libvncclient. A remote attacker could use this issue to cause LibVNCServer to crash, resulting in a denial of service, or possibly execute arbitrary code...
PT-2026-55477
Name of the Vulnerable Software and Affected Versions Algernon version 1.17.8 Description On Windows hosts using the NTFS filesystem, an unauthenticated client can retrieve the raw source code of server-side scripts such as .lua, .tl, .po2, .amber, or .frm located on public paths. This occurs...
PT-2026-55369
Summary SimpleSAMLphp's HTTP-Artifact receive path can treat an unsigned embedded SAML Response as cryptographically valid for the wrong IdP. In the HTTPArtifact::receive flow, the SOAP ArtifactResponse receives a TLS-based validator from SOAPClient::addSSLValidator. The embedded SAML Response th...
PT-2026-55054
u5CMS through v12.8.8 is vulnerable to reflected XSS via the ‘thanks’ parameter in multiple form components...
PT-2026-55470
Am I affected You are affected if: 1. You run zebrad up to and including v4.4.1. 2. Your node accepts inbound P2P connections network.listen addr is set, which is the default. 3. Your node's mempool is active node is synced near the chain tip. All default configurations are affected. Summary The...
PT-2026-55039
Name of the Vulnerable Software and Affected Versions Heateor Social Login versions prior to 1.1.40 Description An unauthenticated Cross Site Request Forgery CSRF issue exists in the Heateor Social Login plugin. CSRF is a flaw that allows an attacker to trick a victim into performing actions they...
PT-2026-55041
Name of the Vulnerable Software and Affected Versions Kit formerly ConvertKit for WooCommerce versions prior to 2.1.6 Description An unauthenticated sensitive data exposure issue exists in the plugin, allowing unauthorized users to access confidential information without providing credentials...
PT-2026-54985
Customer Path Traversal in Tax Exempt for WooCommerce = 1.9.3 versions...
PT-2026-55045
Name of the Vulnerable Software and Affected Versions pCloud WP Backup versions prior to 2.0.3 Description An unauthenticated Cross Site Request Forgery CSRF issue exists in the pCloud WP Backup plugin. CSRF is a flaw that allows an attacker to trick a victim into performing actions they did not...
PT-2026-54999
Unauthenticated Cross Site Scripting XSS in MC Woocommerce Wishlist = 1.9.19 versions...
PT-2026-55439
It was discovered that cifs-utils incorrectly dropped root privileges before looking up user information. A local attacker could possibly use this issue to execute arbitrary code as the root user...
PT-2026-55270
Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tls gen connection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. Th...
PT-2026-55010
Name of the Vulnerable Software and Affected Versions Blocksy Companion Pro versions prior to 2.1.47 Description An unauthenticated remote code execution flaw allows an attacker to execute arbitrary code on the site without requiring login credentials. Recommendations Update to a version newer th...
PT-2026-55334
Name of the Vulnerable Software and Affected Versions Fireware OS versions 12.1 through 12.12 Fireware OS versions 2025.1 through 2026.2 Description An Out-of-bounds Write occurs in the ikestubd process, which may allow an authenticated privileged user to execute arbitrary code by sending special...
PT-2026-55321
Name of the Vulnerable Software and Affected Versions Microsoft Entra Provisioning Service SyncFabric affected versions not specified Description Server-side request forgery SSRF in the Microsoft Entra Provisioning Service SyncFabric allows an authorized attacker to elevate privileges over a...
PT-2026-54629
The Houzez Property Feed plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter in all versions up to, and including, 2.5.46 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query in the prepare items metho...
PT-2026-55407
Summary SQLChatAgent in langroid ships a validate query defense-in-depth layer whose DANGEROUS SQL PATTERNS regex blocklist enumerates dangerous SQL primitives by specific function name. The list misses the canonical PostgreSQL filesystem-disclosure family pg read file, pg stat file, pg ls logdir...
PT-2026-55479
Am I affected You are affected if: 1. You run zebrad up to and including v4.4.1. 2. Your node listens on the default :: address on a Linux host the standard deployment configuration — net.ipv6.bindv6only=0 is the default on all common Linux distributions. 3. Your node is synced near the chain tip...
PT-2026-54616
The Adminify WordPress plugin before 4.2.10 does not perform per-user read-capability checks on the results returned by one of its administration search features, allowing users with a low-privilege role Contributor to disclose non-public content that WordPress would not otherwise expose to them,...
PT-2026-55197
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in TR7 Cyber Defense Inc. WAF-ASP allows Stored XSS. This issue affects WAF-ASP: from v1.0.324.900 before v1.4.0.117...
PT-2026-55382
Summary Workspace .env could override Homebrew executable selection for skill install flows. In affected versions, a workspace .env in a repository opened by a trusted operator could override the Homebrew executable used by the install helper. This advisory is scoped to the named feature and...
PT-2026-55023
Unauthenticated Cross Site Scripting XSS in Simple Link Directory = 15.0.5 versions...
PT-2026-55002
Unauthenticated Cross Site Scripting XSS in ReviewX = 2.3.10 versions...
PT-2026-55257
A malicious actor with access to the network and low privileges could exploit an authenticated SQL Injection vulnerability found in UniFi Protect Application to escalate privileges on the host device...
PT-2026-54615
The Envo's Templates & Widgets for Elementor and WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing authorization check on the Envo Tabs and Off Canvas widget's template rendering in versions up to, and including, 1.4.26. The render method of the Tabs...
PT-2026-55424
Am I affected You are affected if: 1. You run zebrad up to and including v4.4.1. 2. Your node processes blocks on any Zcash network. Summary The finalized transparent address balance writer processes all newly-created outputs credits before processing spent outputs debits within the same block. A...
PT-2026-55343
Am I affected You are affected if: 1. You run zebrad up to and including v4.4.1. 2. Your node participates in a network where chain forks occur mainnet, testnet, or any network with multiple miners. All default configurations are affected. The corruption persists across restarts because it is...
PT-2026-55361
Summary When Steeltoe management endpoints are configured to listen on an alternate port Management:Endpoints:Port is configured, the middleware responsible for restricting access to the endpoints uses the Host HTTP header rather than the actual network socket port. Impact An unauthenticated remo...
PT-2026-54989
Unauthenticated Cross Site Scripting XSS in Internal Links Manager = 3.0.3 versions...
PT-2026-55400
Summary A Server-Side Request Forgery SSRF vulnerability exists in the Mautic Focus component MauticFocusBundle. Under certain conditions, insufficiency in validating user-supplied URLs allows authenticated users to trigger outbound HTTP requests from the hosting server. Impact An authenticated...
PT-2026-54937
Name of the Vulnerable Software and Affected Versions Product Video Gallery for Woocommerce versions prior to 1.5.1.9 Description Stored Cross-Site Scripting occurs due to insufficient input sanitization and output escaping. Authenticated attackers with shop manager-level access or higher can...
PT-2026-55295
Pathway through 0.31.1, fixed in commit d09722e, document store applies a caller-supplied glob pattern to indexed document paths using a hand-written recursive matcher that branches two ways on each token without memoization, giving exponential worst-case complexity. The filepath globpattern valu...
PT-2026-55300
LobeChat through 2.2.9 contains a broken object level authorization vulnerability that allows authenticated attackers to access and modify other users' chat-group agent data by supplying arbitrary group identifiers. Attackers can invoke the getGroupAgents, updateAgentInGroup, and...
PT-2026-55421
Summary Fake package roots could influence memory-core artifact loading. In affected versions, a local package root resolution path influenced by workspace state could select a package root that was not the intended bundled artifact root. This advisory is scoped to the named feature and...
PT-2026-55384
Summary A Server-Side Template Injection SSTI vulnerability exists in Mautic's theme engine. The platform renders uploaded Twig templates without a sandbox or strict function restrictions. Authenticated users with permissions to create or upload themes can abuse this to execute arbitrary code...
PT-2026-55425
Summary There is a mass-assignment flaw in the bulk-duplicate element action. Alice, holding only the permission to duplicate an entry she owns, submits an arbitrary id through the newAttributes request parameter. The duplication routine overrides its own id = null reset with that value and write...
PT-2026-55383
Finding Location: core/src/server/render-to-string.ts:307-311 CSS value sanitization stripped expression and urljavascript: using simple regex, but could be bypassed with CSS unicode escapes 65xpression, null bytes, or CSS comments exp//ression. Mitigating Factor: These CSS injection vectors only...