184484 matches found
PT-2026-53807
Time-of-check time-of-use TOCTOU race condition vulnerability in Samsung Open Source Escargot allows Leveraging Race Conditions. This issue affects Escargot: bab3a5797557014ce3c2e28419a6310cfba90d0d...
PT-2026-55179
These are all security issues fixed in the perl-JavaScript-Minifier-XS-0.160.0-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-54024
Capgo before 12.128.2 contains a path traversal vulnerability in the builder upload proxy that allows authenticated users with build permissions to bypass upload restrictions. Attackers can append traversal sequences to the upload path, which are normalized by the WHATWG URL parser, enabling acce...
PT-2026-55059
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.36.0 until 1.36.9, 1.37.5, and 1.38.3, a Use-After-Free UAF vulnerability leading to a sudden segmentation fault exists in Envoy's ext authz HTTP filter when processing per-route authorization overrides...
PT-2026-53881
Name of the Vulnerable Software and Affected Versions NetScaler ADC affected versions not specified NetScaler Gateway affected versions not specified Description Memory overflow issues occur when NetScaler ADC is configured as an Oracle load balancer, a DNS Proxy, or a DNS recursive resolver...
PT-2026-54039
Name of the Vulnerable Software and Affected Versions n8n versions prior to 2.8.0 Description An authentication bypass exists that allows authenticated Single Sign-On SSO users to disable SSO enforcement via the API. This allows attackers to create local password credentials to authenticate...
PT-2026-53810
Name of the Vulnerable Software and Affected Versions Premium Addons for KingComposer versions prior to 1.1.2 Description Missing authorization and capability checks in the add custom sidebar and remove custom sidebar AJAX handlers allow unauthenticated attackers to modify or delete data. These...
PT-2026-54019
Name of the Vulnerable Software and Affected Versions electron-updater versions prior to 9.7.0 Description The HTTP redirect handler HttpExecutor.prepareRedirectUrlOptions only removes credential headers that exactly match the lowercase string "authorization". Consequently, other credential-beari...
PT-2026-53911
Zephyr's DNS resolver subsys/net/lib/dns parses resource records from DNS responses in dns unpack answer, which validated only the fixed RR header type, class, TTL, rdlength and accepted any attacker-declared rdlength, including one extending past the end of the received datagram. The TXT and SRV...
PT-2026-53897
Name of the Vulnerable Software and Affected Versions Mendix Studio Pro versions 10.11 through 10.23 Mendix Studio Pro versions prior to 10.24.21 Mendix Studio Pro versions 11.0 through 11.5 Mendix Studio Pro versions prior to 11.6.7 Mendix Studio Pro versions 11.7 through 11.11 Description...
PT-2026-54008
Name of the Vulnerable Software and Affected Versions Picklescan versions prior to 0.0.25 Description Picklescan fails to detect unsafe global functions within the Numpy library, which allows attackers to bypass static analysis. This issue enables the execution of arbitrary code during...
PT-2026-53819
A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filtered buf pointer may remain stale after being freed during unpacking state reinitialization. Subsequent processing of another archive entry can trigger a second free of...
PT-2026-53971
Name of the Vulnerable Software and Affected Versions Paymenter affected versions not specified Description Authenticated users can inject arbitrary key-value pairs into server provisioning parameters due to improper input validation and mass assignment of user-controlled fields. The system fails...
PT-2026-53958
Name of the Vulnerable Software and Affected Versions IBM Langflow OSS versions 1.0.0 through 1.9.6 Description A missing authentication flaw exists in the /api/v1/build public tmp/ endpoints. This allows an unauthenticated attacker to use a valid job identifier to read build event data or cancel...
PT-2026-53838
Name of the Vulnerable Software and Affected Versions Apache ActiveMQ versions prior to 5.19.8 Apache ActiveMQ versions 6.0.0 through 6.2.6 Apache ActiveMQ All versions prior to 5.19.8 Apache ActiveMQ All versions 6.0.0 through 6.2.6 Apache ActiveMQ Stomp versions prior to 5.19.8 Apache ActiveMQ...
PT-2026-53929
Name of the Vulnerable Software and Affected Versions SeaweedFS versions prior to 4.30 Description An issue exists where the callback query parameter is reflected verbatim into responses served with the Content-Type application/javascript in the shared writeJson function weed/server/common.go. Th...
PT-2026-54440
Summary The fix for GHSA-f5x2-vj4h-vg4c / CVE-2026-25754 introduced in commit 40e1c71 is incomplete and can be bypassed through nested prototype pollution payloads. The original patch replaced the internal FormFields storage object with Object.createnull, preventing direct payloads such as proto...
PT-2026-53849
Name of the Vulnerable Software and Affected Versions Hospital Queuing Management affected versions not specified Description An issue exists that allows unauthenticated remote attackers to access a specific URL to obtain API documentation, leading to sensitive data exposure. Recommendations At t...
PT-2026-54000
Name of the Vulnerable Software and Affected Versions GitHub Enterprise Server versions prior to 3.21 Description A stored cross-site scripting issue exists where an authenticated attacker can execute arbitrary JavaScript in another user's browser. This occurs by injecting a crafted payload into...
PT-2026-53758
NLTK version 3.9.4 is vulnerable to a path traversal attack due to an incomplete fix for GitHub Issue 3504. The UNSAFE NO PROTOCOL RE regex in nltk/data.py checks for literal ../ sequences but fails to account for percent-encoded traversal sequences such as ..%2f. The url2pathname function decode...
PT-2026-53895
A missing clean-up in the legacy Project Role Template Binding PRTB reconciler in Rancher versions 2.13.0 up to 2.13.7 and 2.14.0 up to 2.14.3 allowed users to retain unauthorized Pod Security Admission PSA permissions after an administrator removes those permissions from a RoleTemplate...
PT-2026-54047
Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.6.27 Description Authenticated users can bypass server-side request forgery SSRF protections—a flaw where a server is tricked into making requests to an unintended location. By manipulating URL parameters with...
PT-2026-54066
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A use after free issue in the GPU allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. A sandbox escape is ...
PT-2026-55078
Rclone is a command-line program to sync files and directories to and from different cloud storage providers. From 1.46.0 until 1.74.3, rclone rcd --rc-serve accepts unauthenticated GET and HEAD requests to paths of the form: /remote:path/object. The remote value is parsed from the URL and passed...
PT-2026-53886
KTM System e-BOK is vulnerable to Cross‑Site Request Forgery CSRF in both the email-change and password-change functionalities. An attacker can craft a malicious website that, when visited by an authenticated user, automatically sends a forged POST request to the application. This allows the...
PT-2026-53991
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An unauthenticated remote attacker can repeatedly send crafted connection requests to cause a memory leak. In single-process deployments, the memory consumption...
PT-2026-54011
Name of the Vulnerable Software and Affected Versions picklescan versions prior to 0.0.29 Description The software fails to detect malicious pickle files that utilize the code.InteractiveInterpreter.runcode function within reduce methods. This allows attackers to craft pickle payloads that bypass...
PT-2026-54436
Name of the Vulnerable Software and Affected Versions Storage Concentrator SC & SCVM affected versions not specified Description An issue exists where cookie values processed by the login.pl and debug.pl scripts are incorporated directly into database queries without adequate sanitization. This...
PT-2026-55079
SeaweedFS is a distributed storage system for object storage S3, file systems, and Iceberg tables. Prior to 4.30, the S3 API gateway and the Iceberg REST catalog gateway construct their routers with mux.NewRouter.SkipCleantrue. With path cleaning disabled, a .. segment inside the URL survives...
PT-2026-53966
Name of the Vulnerable Software and Affected Versions IBM Db2 versions 11.5.0 through 11.5.9 IBM Db2 versions 12.1.0 through 12.1.4 Description An authenticated user can cause a denial of service due to improper neutralization of special elements within the data query logic of XMLTable-derived...
PT-2026-53840
Name of the Vulnerable Software and Affected Versions Apache ActiveMQ versions prior to 5.19.8 Apache ActiveMQ versions 6.0.0 through 6.2.6 Description An improper authorization issue exists where an authenticated user with low privileges can access the /admin/ endpoints in the Web Console. This...
PT-2026-53824
WSO2 patched seven flaws across API Manager and gateways, led by a CVSS 10 JWT auth bypass CVE-2026-5430. Update WSO2 API Manager now. WSO2 APISecurity CVE AuthBypass Cybersecurity Infosec https://t.co/n3RZvcfYB7 https://t.co/SWv564o6pX...
PT-2026-53884
Name of the Vulnerable Software and Affected Versions Firefox version 152.0.3 Description Memory safety bugs exist that exhibit evidence of memory corruption. These issues could potentially be exploited to execute arbitrary code. Recommendations Update Firefox to version 152.0.4...
PT-2026-54007
Name of the Vulnerable Software and Affected Versions picklescan versions prior to 0.0.29 Description The software fails to detect the built-in Python trace.Trace.runctx function when it is used within pickle file reduce methods. This allows remote attackers to craft malicious pickle files...
PT-2026-54439
Summary Regression: Verification of integratedTime from Rekor V1 Log Entry against Fuclio Certificate validity was missing Details - PR 1008 erroneously removed verification of the integrated Rekor entry time against the Fulcio certificate. - PR 1185 re-added this verification with enhancements...
PT-2026-53975
Name of the Vulnerable Software and Affected Versions IBM watsonx.data intelligence versions 5.2.0 through 5.3.0 Description An issue exists where an authenticated user can embed arbitrary JavaScript code into the Web UI. This stored cross-site scripting XSS allows for the alteration of intended...
PT-2026-54006
Name of the Vulnerable Software and Affected Versions picklescan versions prior to 0.0.28 Description The software fails to detect malicious pickle files that utilize the torch.utils.collect env.run function within reduce methods. This allows attackers to embed hidden code in pickle files, which...
PT-2026-54038
Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description Capgo lacks an UPDATE row-level security policy for the build requests table. This missing policy prevents API-key and anonymous access from persisting builder status updates. An attacker can exploi...
PT-2026-54031
Capgo before 12.128.2 contains unauthenticated security definer RPC functions get user id and get org perm for apikey that expose API key validity oracles and user UUID disclosure. Unauthenticated attackers using the public API key can validate leaked keys, enumerate users and apps, and determine...
PT-2026-55061
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, the OAuth2 HTTP filter's encrypt/decrypt functions use AES-256-CBC without an authentication tag no HMAC, no AEAD. The /callback endpoint returns HTTP 302 on...
PT-2026-53960
Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server - Liberty versions 17.0.0.3 through 26.0.0.7 Description A server-side request forgery SSRF issue exists when the adminCenter-1.0 feature is enabled. SSRF is a flaw that allows an attacker to induce the...
PT-2026-55189
Part of the "Hades" wave of the Shai-Hulud supply-chain campaign. On 2026-06-08, malicious phantom releases of magique were published to PyPI using stolen credentials. The package executes a bundled JavaScript payload via the Bun runtime on import that harvests and exfiltrates credentials and...
PT-2026-53835
The Ajax Load More - Filters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'taxonomy include children' parameter in all versions up to, and including, 3.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers...
PT-2026-53956
Name of the Vulnerable Software and Affected Versions IBM Langflow OSS versions 1.0.0 through 1.9.3 Description A code injection flaw allows an unauthenticated remote attacker to gain full control over the system without user interaction. This enables the attacker to read all secrets available to...
PT-2026-53871
A flaw was found in GLib. A buffer over-read can occur in the g regex replace function when used with the G REGEX RAW compile flag and case-change replacement escapes because the string append function processes matched substrings using UTF-8 functions that assume valid UTF-8 input, even when the...
PT-2026-53870
A flaw was found in GLib. An out-of-bounds read of only 2 bytes can occur in the g date time get ymd function in the glib/gdatetime.c file when an invalid GDateTime object produced by the g date time add full function is processed. This flaw can corrupt the date output and potentially cause logic...
PT-2026-53872
A flaw was found in GLib. A buffer over-read can occur in g io channel read line backend in the giochannel.c file when a custom line terminator with a length greater than one is set, causing memcmp to read past the GString buffer. This vulnerability can cause a minor information disclosure of 7...
PT-2026-53869
A flaw was found in GLib. An off-by-one error can occur in the gvs tuple is normal function in the glib/gvariant-serialiser.c file when doing an alignment padding check because the bounds check uses instead of =, causing an out-of-bounds read of only 1 byte. This issue can cause a minor informati...
PT-2026-53983
IBM DevOps Automation 1.0.1 and IBM DevOps Loop 1.0.2 does not invalidate session IDs after expiration which could allow an authenticated user to impersonate another user on the system...
PT-2026-53994
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An unauthenticated attacker can perform a directory traversal to read worklist records from a directory outside the intended per-AE worklist storage area. In...