184508 matches found
PT-2026-54469
The Kadence Blocks – Gutenberg Blocks for Page Builder Features plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 3.7.7. This is due to a mismatch between the object used for authorization and the object actually accessed in the Optimize Rest...
PT-2026-55096
Description The per-template filter, tag and function allow-list check is compiled into the checkSecurity method of each Template subclass and was invoked once from the constructor, gated by SandboxExtension::isSandboxed$source. Template instances are then cached on the Environment in...
PT-2026-55146
Summary The wetty client decodes a base64 filename from the file-download escape sequence and interpolates it raw into a Toastify HTML string escapeMarkup: false. Any output the victim renders - a cat'd file, a tailed log, an SSH MOTD, a curl response - that contains x1b5i...:...x1b4i runs script...
PT-2026-54635
Session fixation vulnerability in Wikimedia Foundation OAuth. This vulnerability is associated with program files src/Backend/MWOAuthServer.Php. This issue affects OAuth: from through 1.46.0, 1.45.4, 1.44.6, 1.43.9...
PT-2026-55108
Impact A vulnerability has been identified in Fleet's agent-side deployer, which did not filter security-sensitive keys from namespaceLabels in fleet.yaml or BundleDeployment.spec.options.namespaceLabels when applying them to the target namespace. An attacker with git push access to a...
PT-2026-55099
Summary GeoNetwork's Elasticsearch-backed search API is responsible for injecting access-control and visibility filters into every request before it reaches the underlying Elasticsearch index. Under certain request conditions, that filtering step does not run, allowing an unauthenticated user to...
PT-2026-55433
These are all security issues fixed in the python311-python-engineio-4.13.3-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-55432
These are all security issues fixed in the python3-onionshare-2.6.4-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-54840
Name of the Vulnerable Software and Affected Versions Wagtail versions prior to 7.0.8 Wagtail versions prior to 7.3.3 Wagtail versions prior to 7.4.2 Description A reflected cross-site scripting XSS issue exists in the dynamic image URL generator view within the admin interface. An attacker with...
PT-2026-55121
Summary A memory-safety vulnerability in Open Babel's MSI parser allowed an out-of-bounds write into the translationVectors array when reading a crafted input file. Details The MSI reader stored cell translation vectors into a fixed-size translationVectors array. A malformed input could push more...
PT-2026-54788
Name of the Vulnerable Software and Affected Versions foreman affected versions not specified Description Authenticated users with 'view keypairs' permission can bypass taxonomy scoping, which is a mechanism used to restrict access to resources based on organizational boundaries. This allows them...
PT-2026-54762
Name of the Vulnerable Software and Affected Versions Fleet versions prior to 0.12.15 Fleet versions prior to 0.13.11 Fleet versions prior to 0.14.6 Fleet versions prior to 0.15.2 Description Fleet forwards Helm authentication credentials BasicAuth to any URL specified in the helm.repo field of a...
PT-2026-55105
Summary A memory-safety vulnerability in Open Babel's MOPAC output parser allowed an out-of-bounds write into the translationVectors array when reading the "FINAL POINT" block of a crafted input file. Details The MOPAC output reader stored translation vectors from the FINAL POINT block into a...
PT-2026-54699
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.46 Description A use after free issue in V8 allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. Use after free is a memory corruption flaw that occurs whe...
PT-2026-54720
Name of the Vulnerable Software and Affected Versions NVIDIA Megatron Bridge for Linux affected versions not specified Description An issue exists where improper validation of allowed inputs occurs. This could allow an attacker to achieve code execution, escalation of privileges, data tampering,...
PT-2026-54670
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.46 Description A use after free issue in V8 allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. Use after free is a memory corruption flaw that occurs whe...
PT-2026-55568
Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, reflected cross-site scripting XSS vulnerability exists on the dynamic image URL generator view within the Wagtail admin interface. A user with a limited-permission editor account for...
PT-2026-54906
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Language/Language.Php, includes/Logging/BlockLogFormatter.Php, includes/Logging/LogFormatter.Php,...
PT-2026-54745
Name of the Vulnerable Software and Affected Versions Guardian language-system affected versions not specified Description An unauthenticated remote attacker can execute arbitrary OS commands on the server. The issue occurs because the speech.php file passes the id GET parameter directly into a P...
PT-2026-55138
Summary A memory-safety vulnerability in Open Babel's MSI parser caused an uninitialized pointer dereference when reading a crafted input file. Details The flaw was in the atom handling of the MSI reader. A malformed record caused the parser to dereference an atom pointer that had never been...
PT-2026-55135
Summary A memory-safety vulnerability in Open Babel's ChemKin parser caused a NULL pointer dereference when reading a crafted input file. Details The flaw was in ChemKinFormat::ReadReactionQualifierLines. A malformed reaction qualifier record caused the parser to dereference a NULL pointer. Impac...
PT-2026-55119
Summary A memory-safety vulnerability in Open Babel's PQS parser allowed an out-of-bounds write when reading a crafted input file. Details The flaw was in the coord file parsing path of the PQS reader. A malformed coord file specifier caused the parser to write past the end of its destination...
PT-2026-54701
Name of the Vulnerable Software and Affected Versions Cloudflare affected versions not specified Description Cloudflare's Universal SSL feature automatically manages the Certification Authority Authorization CAA Resource Record Set RRset for customer zones. This auto-managed RRset is permissive a...
PT-2026-54716
NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...
PT-2026-55158
Summary A memory-safety vulnerability in Open Babel's ORCA parser allowed an out-of-bounds write when reading a crafted input file. Details The flaw was in the nAtoms handling of the ORCA reader. A malformed input caused the parser to write past the end of its destination buffer. Impact Open Babe...
PT-2026-55140
Summary A memory-safety vulnerability in Open Babel's PQS parser caused an out-of-bounds pre-buffer read when reading a crafted input file. Details The flaw was in the lowerit helper used by the PQS parser. A malformed input caused the helper to read one or more bytes before the start of its inpu...
PT-2026-55162
Summary A memory-safety vulnerability in Open Babel's MOL2 parser allowed an out-of-bounds write when reading a crafted input file. Details The flaw was in the attribute/value parsing path of the MOL2 reader. An over-long attribute or value caused the parser to write past the end of a fixed-size...
PT-2026-54802
In the Linux kernel, the following vulnerability has been resolved: mm/damon/reclaim: handle ctx allocation failure Patch series "mm/damon/reclaim,lru sort: handle ctx allocation failures". DAMON RECLAIM and DAMON LRU SORT could dereference NULL pointers if their damon ctx object allocations fail...
PT-2026-54684
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.46 Description A use-after-free issue exists in Dawn, which can allow a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. A use-after-free occurs when an applicatio...
PT-2026-55090
Description A flaw was found in Keycloak's Fine-Grained Admin Permissions FGAPv2 feature. An administrator with limited client management permissions can exploit this vulnerability to assign any realm role, including highly privileged roles, to a client's scope mapping. This bypasses intended...
PT-2026-55098
Summary A memory-safety vulnerability in Open Babel's CACAO parser caused a NULL pointer dereference when reading a crafted input file. Details The flaw was in CacaoFormat::SetHilderbrandt. A malformed input caused the parser to dereference a NULL pointer while applying the Hilderbrandt...
PT-2026-55145
Summary A memory-safety vulnerability in Open Babel's GRO parser caused an uninitialized pointer dereference when reading a crafted input file. Details The flaw was in the residue handling of the GRO reader. A malformed record caused the parser to use a residue pointer that had never been...
PT-2026-55110
Summary A memory-safety vulnerability in Open Babel's PQS parser caused an uninitialized pointer dereference when reading a crafted input file. Details The flaw was in the pFormat handling of the PQS reader. A malformed input caused the parser to dereference a format pointer that had never been...
PT-2026-55112
Summary A memory-safety vulnerability in Open Babel's ChemKin parser caused a heap buffer overflow when reading a crafted input file. Details The flaw was in ChemKinFormat::CheckSpecies. A malformed species record caused the parser to write past the end of a heap-allocated buffer. Impact Open Bab...
PT-2026-54809
In the Linux kernel, the following vulnerability has been resolved: fhandle: fix UAF due to unlocked -mnt ns read in may decode fh may decode fh accesses mount::mnt ns without holding any locks; that means the mount can concurrently be unmounted, and the mnt namespace can concurrently be freed...
PT-2026-55088
Summary It is possible to craft a URL that causes GeoNetwork to reflect attacker-controlled content into an error page in a way that gets evaluated as a client-side template expression. Combined with known AngularJS sandbox-escape techniques, this can be used to execute arbitrary JavaScript in th...
PT-2026-55097
Summary The documented certificateOIDs option in sigstore.verify is accepted by the public API but discarded before verification, so required certificate extension OIDs are never checked. Details The public verify options include certificateOIDs and the documentation says those OID/value pairs...
PT-2026-55142
Summary A memory-safety vulnerability in Open Babel's MOPAC input parser allowed an out-of-bounds write into the translationVectors array when reading Tv translation-vector atoms from a crafted input file. Details The MOPAC IN reader stored Tv-atom translation vectors into a fixed-size...
PT-2026-54893
Name of the Vulnerable Software and Affected Versions MediaWiki versions prior to 1.46.0 MediaWiki versions prior to 1.45.4 MediaWiki versions prior to 1.44.6 MediaWiki versions prior to 1.43.9 Description Sensitive information may be exposed to unauthorized actors. This issue is associated with...
PT-2026-54835
Name of the Vulnerable Software and Affected Versions MCO version 25.3.3.1 Description The software fails to correctly validate the types of uploaded files because the validation process relies exclusively on client-side checks, which can be bypassed. This allows an authorized, low-privileged...
PT-2026-55136
Summary A memory-safety vulnerability in Open Babel's Gaussian output parser allowed an out-of-bounds write into the translationVectors array when reading a crafted input file. Details The Gaussian reader stored periodic-cell translation vectors into a fixed-size translationVectors array. A...
PT-2026-55431
These are all security issues fixed in the perl-CGI-Session-4.490.0-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-55166
In SurrealDB, records can be connected as a graph: a RELATE statement creates an edge record between two node records. If either endpoint node is deleted, SurrealDB automatically removes the edge row to keep the graph consistent. A user with permission to delete a node could also delete the edges...
PT-2026-55215
Vulnerability Metadata | Field | Detail | | --- | --- | | Affected Component | src/core/git/gitCommand.ts execGitShallowClone | | Impact | Arbitrary Command Execution / Security Control Bypass | Summary The --remote-branch CLI option in repomix is vulnerable to argument injection. User-supplied...
PT-2026-54467
The FV Flowplayer Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'video player' shortcode 'align' attribute in all versions up to, and including, 7.5.51.7212 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...
PT-2026-55116
Summary The network domain has a central SSRF authorization policy that blocks private, loopback, link-local, and reserved targets unless an explicit authorization object allows private network access. The policy is enforced by raw HTTP/TCP/TLS RTT tools, but the ICMP probe and traceroute tools...
PT-2026-55567
Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, a low-level user with the "Can submit translation" permission can create translations for any page, including those they do not have permissions for. This issue has been fixed in...
PT-2026-54754
A NULL pointer dereference in the AP4 TkhdAtom::GetTrackId function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...
PT-2026-55134
Share-link ?token=… redemption races past download limit Ecosystem: Go Package: goshs.de/goshs/v2 github.com/patrickhener/goshs Affected: 0 || entry.DownloadLimit == -1 // ...serve file... // = current.DownloadLimit deletefs.SharedLinks, token fs.sharedLinksMu.Unlock Between line 978 RUnlock and...
PT-2026-54462
The Taskbuilder – Project Management & Task Management Tool With Kanban Board plugin for WordPress is vulnerable to generic SQL Injection via the 'wppm proj filter' parameter in all versions up to, and including, 5.0.8 due to insufficient escaping on the user supplied parameter and lack of...