184491 matches found
PT-2026-54682
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.46 Description An inappropriate implementation in the V8 engine allows a remote attacker to potentially exploit heap corruption. This occurs when a user is convinced to perform specific UI gestures...
PT-2026-54664
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.46 Description An out of bounds write occurs in ANGLE, a compatibility layer that allows OpenGL ES APIs to run on various graphics platforms. This issue allows a remote attacker to potentially perform...
PT-2026-54659
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.46 Description An out of bounds write occurs in Tint, which may allow a remote attacker to perform a sandbox escape by using a crafted HTML page. A sandbox escape is a technique used to break out of a...
PT-2026-54673
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.46 Description An out of bounds read exists in V8, the open-source high-performance JavaScript and WebAssembly engine. This issue allows an attacker to obtain potentially sensitive information from...
PT-2026-54662
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.46 Description An out-of-bounds write occurs in V8, the open-source high-performance JavaScript and WebAssembly engine, which allows a remote attacker to execute arbitrary code within a sandbox by usi...
PT-2026-54668
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.46 Description Insufficient validation of untrusted input in ANGLE allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HT...
PT-2026-54684
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.46 Description A use-after-free issue exists in Dawn, which can allow a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. A use-after-free occurs when an applicatio...
PT-2026-54660
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.46 Description A use after free issue exists in V8, the open-source high-performance JavaScript and WebAssembly engine. This flaw allows a remote attacker to execute arbitrary code within a sandbox by...
PT-2026-54663
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.46 Description An out of bounds read in ANGLE allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. ANGLE is a compatibility layer that translates OpenGL ES calls ...
PT-2026-54670
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.46 Description A use after free issue in V8 allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. Use after free is a memory corruption flaw that occurs whe...
PT-2026-54691
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.46 Description A use after free issue in Dawn within Google Chrome on Mac allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. A use after free occurs when an...
PT-2026-54695
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.46 Description Insufficient validation of untrusted input in Dawn, a WebGPU implementation, allows a remote attacker who has already compromised the renderer process to potentially perform ...
PT-2026-54698
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.46 Description A type confusion issue exists in the V8 JavaScript engine, which can be triggered via a crafted HTML page. This flaw allows a remote attacker to execute arbitrary code within a sandbox...
PT-2026-54661
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.46 Description A use after free issue exists in V8, which is the open-source JavaScript and WebAssembly engine used by Google Chrome. This flaw allows a remote attacker to potentially exploit heap...
PT-2026-54461
The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.3.9.1 via the 'userId' parameter due to missing validation on a user controlled key. This makes it possible for...
PT-2026-54513
DVP80ES3 with Improper Resource Shutdown or Release vulnerability...
PT-2026-55097
Summary The documented certificateOIDs option in sigstore.verify is accepted by the public API but discarded before verification, so required certificate extension OIDs are never checked. Details The public verify options include certificateOIDs and the documentation says those OID/value pairs...
PT-2026-55222
Name of the Vulnerable Software and Affected Versions Drupal Canvas versions 0.0.0 through 1.4.2 Drupal Canvas versions 1.5.0 through 1.5.2 Drupal Canvas versions 1.6.0 through 1.6.1 Drupal Canvas versions 1.7.0 through 1.7.1 Description An issue exists in the Canvas AI submodule where image file...
PT-2026-54494
The WS Form LITE WordPress plugin before 1.11.8 does not have a capability check on one of its settings-update actions, allowing authenticated users with subscriber-level access and above to modify the WS Form LITE WordPress plugin before 1.11.8's settings...
PT-2026-54519
Name of the Vulnerable Software and Affected Versions buffa affected versions not specified Description The buffa protobuf decoder contains a memory-amplification issue. A malformed message can cause the library to consume up to 22 times the expected amount of RAM, leading to a denial of service...
PT-2026-54481
Name of the Vulnerable Software and Affected Versions Mediawiki - Cargo Extension versions prior to 3.9.1 Description Improper neutralization of input during web page generation leads to a Stored Cross-Site Scripting XSS issue. Stored XSS occurs when an application receives data from a user and...
PT-2026-54710
Name of the Vulnerable Software and Affected Versions Feast Feature Server affected versions not specified Description An unauthenticated remote attacker can write arbitrary JSON files to the server filesystem via the /save-document endpoint. The issue stems from improper input validation that...
PT-2026-54701
Name of the Vulnerable Software and Affected Versions Cloudflare affected versions not specified Description Cloudflare's Universal SSL feature automatically manages the Certification Authority Authorization CAA Resource Record Set RRset for customer zones. This auto-managed RRset is permissive a...
PT-2026-54478
Name of the Vulnerable Software and Affected Versions UltraVNC versions prior to 1.8.2.3 Description An out-of-bounds read exists in the wide-string to multibyte conversion helper. The vncWc2Mb function in rfb/dh.cpp:204 passes a caller-supplied WCHAR pointer to wcslen without performing a bounds...
PT-2026-54906
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Language/Language.Php, includes/Logging/BlockLogFormatter.Php, includes/Logging/LogFormatter.Php,...
PT-2026-55088
Summary It is possible to craft a URL that causes GeoNetwork to reflect attacker-controlled content into an error page in a way that gets evaluated as a client-side template expression. Combined with known AngularJS sandbox-escape techniques, this can be used to execute arbitrary JavaScript in th...
PT-2026-54752
Name of the Vulnerable Software and Affected Versions Guardian language-system affected versions not specified Description An unauthenticated remote attacker can execute arbitrary OS commands on the server. The issue occurs because the transcribe.php file passes the id GET parameter directly into...
PT-2026-54759
Name of the Vulnerable Software and Affected Versions gazebo plugins version 3.9.0 Description Improper input validation in the gazebo ros diff drive.cpp component allows attackers to cause a Denial of Service DoS by supplying a crafted geometry msgs::Twist message. Recommendations At the moment,...
PT-2026-54920
Name of the Vulnerable Software and Affected Versions Mediawiki - Cargo Extension versions prior to 1.43.9 Mediawiki - Cargo Extension versions prior to 1.44.6 Mediawiki - Cargo Extension versions prior to 1.45.4 Description Improper neutralization of special elements used in an SQL command allow...
PT-2026-54465
The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More plugin for WordPress is vulnerable to Improper Neutralization of CRLF Sequences 'CRLF Injection' in all versions up to, and including, 1.10.2 This is due to get reply to address processing the Reply-To...
PT-2026-54864
Name of the Vulnerable Software and Affected Versions Elasticsearch affected versions not specified Description An issue exists where the allocation of resources lacks limits or throttling. A user with elevated privileges can submit a specially crafted machine learning request that triggers...
PT-2026-54634
Name of the Vulnerable Software and Affected Versions Wikimedia Foundation UrlShortener affected versions not specified Description Improper input validation occurs within the includes/UrlShortenerUtils.Php file. Input validation is the process of ensuring that a program operates on clean, correc...
PT-2026-54893
Name of the Vulnerable Software and Affected Versions MediaWiki versions prior to 1.46.0 MediaWiki versions prior to 1.45.4 MediaWiki versions prior to 1.44.6 MediaWiki versions prior to 1.43.9 Description Sensitive information may be exposed to unauthorized actors. This issue is associated with...
PT-2026-54745
Name of the Vulnerable Software and Affected Versions Guardian language-system affected versions not specified Description An unauthenticated remote attacker can execute arbitrary OS commands on the server. The issue occurs because the speech.php file passes the id GET parameter directly into a P...
PT-2026-54853
Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 6.9.13-51 ImageMagick versions prior to 7.1.2-26 Description A heap buffer overflow occurs in the MVG decoder, which can lead to an out-of-bounds write when the software processes a specially crafted image. A heap...
PT-2026-54693
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.46 Description A use after free issue exists in V8, the open-source high-performance JavaScript and WebAssembly engine. This flaw allows a remote attacker to execute arbitrary code within a sandbox by...
PT-2026-54460
The GiveWP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.15.3 This is due to missing nonce validation on the give set notification status handler function. This makes it possible for unauthenticated attackers to disable donation email...
PT-2026-54490
Name of the Vulnerable Software and Affected Versions UltraVNC repeater versions prior to 1.8.2.3 Description The embedded HTTP administration server contains a global buffer overflow. The functions wi senderr and wi replyhdr in repeater/webgui/webutils.c write the HTTP request URI into a fixed...
PT-2026-54459
The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.0.21. This is due to insufficient output escaping and missing server-side validation of the Animated Box widget's animation effect setting before it is rendered inside ...
PT-2026-53907
Name of the Vulnerable Software and Affected Versions ColdFusion versions 2025.9 and earlier Description A reflected Cross-Site Scripting XSS issue allows an attacker to inject malicious scripts into a web page. This could lead to arbitrary code execution within the context of the current user...
PT-2026-54013
Name of the Vulnerable Software and Affected Versions Hono versions prior to 4.10.3 Description A flaw exists in the CORS middleware when the origin is not set to "". The middleware copies the Vary header from the incoming request directly into the response. Since the Vary header is a response...
PT-2026-54033
Capgo before 12.128.2 contains an authorization flaw in POST /private/create device that accepts a caller-supplied org id parameter without validating it matches the target app's owner organization. Authenticated attackers can create device records for an application using a foreign organization...
PT-2026-53889
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, GET /api/v1/deployments/uuid in DeployController.php retrieves deployment details without validating that the deployment belongs to the authenticated user's team. Any...
PT-2026-53857
Net::BitTorrent versions through 2.0.1 for Perl generate the MSE Diffie-Hellman private key with a non-cryptographic PRNG. The MSE Message Stream Encryption handshake derives its 160-bit Diffie-Hellman private key from Perl's rand, a non-cryptographic drand48-class generator seeded once per...
PT-2026-53909
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain limited read and write access to...
PT-2026-54026
Capgo before 12.128.2 contains an authorization bypass vulnerability in the channel creation endpoint that allows authenticated users to overwrite existing channels by reusing their names. Attackers with app.create channel permission can exploit a logic mismatch between existence validation and...
PT-2026-54020
Name of the Vulnerable Software and Affected Versions Ruby JSON versions 2.9.0 through 2.19.8 Description A heap buffer overflow occurs when the JSON generator processes an oversized streamed object. Specifically, when streaming to an IO, the JSON.dumpobj, io and JSON::Stategenerateobj, io...
PT-2026-53914
The asynchronous SNTP client in Zephyr subsys/net/lib/sntp/sntp.c, sntp close async closed the UDP socket file descriptor directly from the calling thread immediately after detaching it from the network socket service, without synchronizing with the socket-service poll thread. The socket service...
PT-2026-53912
The Zephyr net buf library lib/net buf/buf.c manipulated both of its reference counts -- the per-header buf-ref and the per-data-block ref count at the start of each variable/heap data allocation -- with plain non-atomic C operators buf-ref++, if --buf-ref 0, if --ref count. The API is documented...
PT-2026-53932
Name of the Vulnerable Software and Affected Versions JimuReport versions prior to 2.5.1 Description The application exposes the POST '/jmreport/auto/export' endpoint without authentication because the handler is annotated with @JimuNoLoginRequired, causing the JimuReportTokenInterceptor to skip...