184528 matches found
PT-2026-55375
Summary A stored Cross-Site Scripting XSS vulnerability exists in the Projects component of Mautic 7. When displaying project tags and popovers on administrative detail views such as campaigns, emails, or forms, user-supplied project names are rendered without proper sanitization. An authenticate...
PT-2026-55411
Summary SimpleSAMLphp's SAML SP ACS path does not enforce the IdP selected for an SP-initiated login. If a saved SP state contains ExpectedIssuer = IdP A, but the ACS receives a valid response from IdP B, the code logs a warning and continues processing instead of rejecting the response. That...
PT-2026-55253
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi Access Application to access files on the host device...
PT-2026-55348
Summary OpenClaw nodes send lifecycle events back to the gateway. In affected releases, a paired node could send an exec lifecycle event that was accepted without enough provenance tying it to an authorized system.run request. This issue affects the node event boundary. It does not allow an...
PT-2026-55473
Am I affected You are affected if: 1. You run zebrad up to and including v4.4.1. 2. Your node accepts inbound P2P connections and is syncing or catching up to the chain tip. Summary A malicious peer can answer Zebra's outbound getblocks/FindBlocks request with a small two-hash inventory, then ser...
PT-2026-55288
Name of the Vulnerable Software and Affected Versions AutoBangumi versions prior to 3.2.8 Description An issue exists where hard-coded default credentials are seeded at startup via the add default user function in the database user module when the users table is empty. This allows unauthenticated...
PT-2026-55230
Name of the Vulnerable Software and Affected Versions Little Orbit GFAC affected versions not specified Description Improper validation and a NULL pointer dereference a condition where the software attempts to read from a memory address that is null, leading to a crash in the GFAC Sys x64.sys...
PT-2026-55297
Name of the Vulnerable Software and Affected Versions Dapr affected versions not specified Description Dapr Sentry's OIDC discovery endpoint /.well-known/openid-configuration derives the issuer and jwks uri from the request Host. When no allowed-hosts list is configured, the system honors an...
PT-2026-55457
Summary The fix for CVE-2026-46339 unauthenticated RCE via unprotected MCP plugin routes introduced a local-only access gate in src/dashboardGuard.js that restricts spawn-capable routes /api/mcp/, /api/tunnel/, /api/cli-tools/ to loopback requests. The gate determines "local" by inspecting the Ho...
PT-2026-55052
Name of the Vulnerable Software and Affected Versions WP EasyCart versions prior to 5.9.1 Description An issue exists that allows users with contributor privileges to perform a SQL Injection. SQL Injection is a technique where malicious SQL statements are inserted into entry fields for execution,...
PT-2026-55282
Name of the Vulnerable Software and Affected Versions Eclipse Wakaama versions prior to snapshot/2026-05-26 Description An unbounded memory allocation issue exists in the CoAP Block1 handler within the coap/block.c file. Unauthenticated remote attackers can cause a denial of service by sending a...
PT-2026-55267
Observable Response Discrepancy vulnerability in Erlang OTP ssh ssh sftpd module allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSH FXP REALPATH handler in ssh sftpd calls relate file name/3 with Canonicalize=false,...
PT-2026-54974
Name of the Vulnerable Software and Affected Versions NativeChurch versions prior to 4.8.8.3 Description An unauthenticated Cross Site Scripting XSS issue exists, allowing attackers to execute malicious scripts without authentication. Recommendations Update NativeChurch to a version newer than...
PT-2026-55022
Subscriber Server Side Request Forgery SSRF in GeoDirectory = 2.8.161 versions...
PT-2026-55239
Name of the Vulnerable Software and Affected Versions UniFi OS affected versions not specified Description A path traversal issue exists in certain devices running UniFi OS. A malicious actor with network access can exploit this to bypass authentication on the affected devices or instances. Path...
PT-2026-55323
Name of the Vulnerable Software and Affected Versions WatchGuard Fireware OS versions 11.0 through 11.12.4 Update1 WatchGuard Fireware OS versions 12.0 through 12.12 WatchGuard Fireware OS versions 2025.1 through 2026.2 Description An Out-of-bounds Write issue exists in the CLI, where an...
PT-2026-55203
Missing authentication for critical function vulnerability in TR7 Cyber Defense Inc. WAF-ASP allows Authentication Abuse. This issue affects WAF-ASP: from v1.0.324.900 before v1.4.0.117...
PT-2026-55471
Am I affected You are affected if: 1. You run any version of zebrad up to and including v4.4.1. 2. Your node validates blocks on mainnet, testnet, or any network where both Zebra and zcashd nodes participate. All default configurations are affected. No feature flags, non-default settings, or...
PT-2026-54951
Name of the Vulnerable Software and Affected Versions Database for Contact Form 7, WPforms, Elementor forms versions prior to 1.5.2 Description An arbitrary file copy issue exists in the create entry el function. The function retrieves the raw value from the Elementor Pro Form Record object for...
PT-2026-54963
Subscriber Local File Inclusion in Tourmaster = 5.4.5 versions...
PT-2026-55003
Unauthenticated Cross Site Scripting XSS in eCommerce Product Catalog = 3.5.4 versions...
PT-2026-55251
A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery SSRF in UniFi Protect Application to escalate privileges on the host device...
PT-2026-55198
The Divi Form Builder plugin for WordPress is vulnerable to Arbitrary File Upload leading to Remote Code Execution in all versions up to and including 5.1.8. This is due to insufficient file extension validation in the do image upload function where user-supplied input from the acceptFileTypes PO...
PT-2026-54958
In liboauth2 the Demonstrating Proof-of-Possession DPoP verifier accepts a proof whose JSON Web Key jwk header contains private key material. RFC 9449 section 4.3 step 7 requires the verifier to reject such a proof but oauth2 token verify function returns success for a malformed DPoP proof that...
PT-2026-54873
GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...
PT-2026-55399
Summary DataCenterInfo.FromJson throws ArgumentException for any name value other than "MyOwn" or "Amazon", despite the Java Eureka specification defining a third valid value: "Netflix". The exception propagates through the entire registry deserialization chain and is swallowed by the periodic...
PT-2026-55315
Name of the Vulnerable Software and Affected Versions Libreswan affected versions not specified Description Libreswan fails to correctly verify the authentication hash length when the SIG payload of an IKEv1 packet is encoded using PKCS 1 RSA Encryption. This occurs within the RSA authenticate ha...
PT-2026-55050
Name of the Vulnerable Software and Affected Versions Structured Content versions prior to 1.7.1 Description Cross Site Scripting XSS allows an attacker with contributor privileges to execute malicious scripts in the browser of other users. Recommendations Update Structured Content to a version...
PT-2026-55337
Name of the Vulnerable Software and Affected Versions WatchGuard Fireware OS versions 12.1 through 12.12 WatchGuard Fireware OS versions 2025.1 through 2026.2 Description WatchGuard Fireware OS on a FireCluster may use a hard-coded encryption key to encrypt saved credentials for Access Portal...
PT-2026-54975
Name of the Vulnerable Software and Affected Versions Pearl - Corporate Business versions prior to 3.4.11 Description An unauthenticated Local File Inclusion LFI issue exists, which allows an attacker to read files from the local file system without requiring authentication. Recommendations Updat...
PT-2026-55360
A CPU exhaustion vulnerability exists in Conform's parseSubmission future API when parsing FormData or URLSearchParams submissions with many unique field names. The parser previously looked up values by field name, which could require repeated scans of the submitted entries and cause excessive...
PT-2026-55439
It was discovered that cifs-utils incorrectly dropped root privileges before looking up user information. A local attacker could possibly use this issue to execute arbitrary code as the root user...
PT-2026-55419
Summary fast-mcp-telegram validates HTTP Bearer tokens by joining the raw token string into a session-file path. The verifier rejects the exact reserved token telegram, but it does not reject path separators or normalize the path before checking whether the session file exists. A remote HTTP clie...
PT-2026-55343
Am I affected You are affected if: 1. You run zebrad up to and including v4.4.1. 2. Your node participates in a network where chain forks occur mainnet, testnet, or any network with multiple miners. All default configurations are affected. The corruption persists across restarts because it is...
PT-2026-55382
Summary Workspace .env could override Homebrew executable selection for skill install flows. In affected versions, a workspace .env in a repository opened by a trusted operator could override the Homebrew executable used by the install helper. This advisory is scoped to the named feature and...
PT-2026-55384
Summary A Server-Side Template Injection SSTI vulnerability exists in Mautic's theme engine. The platform renders uploaded Twig templates without a sandbox or strict function restrictions. Authenticated users with permissions to create or upload themes can abuse this to execute arbitrary code...
PT-2026-55424
Am I affected You are affected if: 1. You run zebrad up to and including v4.4.1. 2. Your node processes blocks on any Zcash network. Summary The finalized transparent address balance writer processes all newly-created outputs credits before processing spent outputs debits within the same block. A...
PT-2026-55369
Summary SimpleSAMLphp's HTTP-Artifact receive path can treat an unsigned embedded SAML Response as cryptographically valid for the wrong IdP. In the HTTPArtifact::receive flow, the SOAP ArtifactResponse receives a TLS-based validator from SOAPClient::addSSLValidator. The embedded SAML Response th...
PT-2026-55359
Description Am I affected You are affected if: 1. You run any version of zebrad up to and including v4.4.1. 2. Your node accepts inbound P2P connections network.listen addr is set, which is the default. 3. Your node processes blocks past the checkpoint height non-finalized state is active. All...
PT-2026-55556
These are all security issues fixed in the kitty-0.47.4-2.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-55390
Impact When an HTTPProxy is configured with incompatible combination of both .spec.virtualhost.tls.enableFallbackCertificate: true and .spec.virtualhost.jwtProviders, Contour does not reject the configuration. Consequently, requests from clients that do not send TLS SNI or send an unrecognized SN...
PT-2026-55383
Finding Location: core/src/server/render-to-string.ts:307-311 CSS value sanitization stripped expression and urljavascript: using simple regex, but could be bypassed with CSS unicode escapes 65xpression, null bytes, or CSS comments exp//ression. Mitigating Factor: These CSS injection vectors only...
PT-2026-55312
Name of the Vulnerable Software and Affected Versions Notepad3 versions prior to 6.25.822.2 Description A DLL search-order hijacking issue exists in the About-dialog code path within src/Notepad3.c. The application uses the LoadLibrary function to load MSFTEDIT.DLL using a bare name. This allows ...
PT-2026-54841
Name of the Vulnerable Software and Affected Versions pgjdbc versions 42.7.4 through 42.7.11 Description Connections using channelBinding=require can be silently downgraded from SCRAM-SHA-256-PLUS with channel binding to plain SCRAM-SHA-256. This results in the loss of man-in-the-middle protectio...
PT-2026-55290
Name of the Vulnerable Software and Affected Versions LobeChat versions prior to 2.2.10-canary.15 Description An authenticated attacker can cause a regular expression denial of service ReDoS by providing a catastrophic-backtracking pattern in a GitHub repository URL path during skill import. This...
PT-2026-55057
Name of the Vulnerable Software and Affected Versions Sendcloud Shipping versions prior to 1.0.30 Description Missing authorization allows for the exploitation of incorrectly configured access control security levels. Recommendations Update Sendcloud Shipping to version 1.0.30 or later...
PT-2026-55232
Name of the Vulnerable Software and Affected Versions UniFi Talk Application affected versions not specified Description An authenticated user with low privileges and network access can exploit SQL Injection flaws to escalate privileges on the host device. SQL Injection is a technique where...
PT-2026-55437
It was discovered that LibVNCServer incorrectly handled the Tight decoder in libvncclient. A remote attacker could use this issue to cause LibVNCServer to crash, resulting in a denial of service, or possibly execute arbitrary code...
PT-2026-55376
Summary Matrix allowFrom could bind to mutable display names. In affected versions, a Matrix account able to change display name metadata could match a policy entry through mutable display metadata. This advisory is scoped to the named feature and configuration. It does not change OpenClaw's...
PT-2026-55339
Name of the Vulnerable Software and Affected Versions WatchGuard Fireware OS versions 11.0 through 11.12.4 Update1 WatchGuard Fireware OS versions 12.0 through 12.12 WatchGuard Fireware OS versions 2025.1 through 2026.2 Description An Out-of-bounds Write issue exists where an unauthenticated...