184484 matches found
PT-2026-53902
Name of the Vulnerable Software and Affected Versions ColdFusion versions 2025.9 and 2023.20 and earlier Description Improper input validation allows for arbitrary code execution in the context of the current user. This issue can be exploited without requiring any user interaction. Recommendation...
PT-2026-53968
Name of the Vulnerable Software and Affected Versions IBM UrbanCode Deploy versions 7.3 through 7.3.2.18 IBM DevOps Deploy versions 8.0 through 8.0.1.13 IBM DevOps Deploy versions 8.1 through 8.1.2.6 IBM DevOps Deploy versions 8.2 through 8.2.1.0 Description Authenticated users may be able to...
PT-2026-53935
The HP Fan Control App might allow local escalation of privileges. An updated version of HP Fan Control App has been released to mitigate this potential vulnerability...
PT-2026-55058
Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.99, the POST /api/v1/admin/send-test-email endpoint accepts attacker-controlled smtpHost and smtpPort values and establishes a raw JavaMail TCP connection without any IP validation. This completely bypasses...
PT-2026-53965
Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server - Liberty versions 17.0.0.3 through 26.0.0.6 Description An arbitrary file read issue exists when the restConnector-2.0 feature is enabled. This allows an attacker to read files from the system that they should...
PT-2026-55067
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, a vulnerability exists in Envoy's TCP StatsD sink TcpStatsdSink, where the thread-local flusher buffer can be overflowed by exceptionally long statistic...
PT-2026-53993
Name of the Vulnerable Software and Affected Versions storescp affected versions not specified Description An unauthenticated remote attacker can cause a memory leak by repeatedly sending a single crafted connection request. When storescp operates in its default single-process mode, memory...
PT-2026-53998
Name of the Vulnerable Software and Affected Versions txtai versions prior to 9.10.1 Description The software exposes an API endpoint '/reindex' where the function body parameter is processed by txtai.util.Resolver. This resolver performs import and getattr on a dotted path provided by the user...
PT-2026-54017
An issue in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub 44af70 component...
PT-2026-53875
A flaw was found in GLib. A state confusion issue exists in g dbus node info new for xml in the gio/gdbusintrospection.c file when processing malformed D-Bus introspection XML, specifically with a element nested within other elements like , , or . This issue can cause an unsigned integer overflow...
PT-2026-53987
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An unauthenticated attacker can cause a crash of the worklist server by sending a single crafted query. This occurs when the server is configured with a valid...
PT-2026-54045
Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-22 Description An information disclosure issue exists in the PasskeyEncipherImage method. The flaw is caused by the reuse of a nonce a unique number used once in the AES-CTR cipher implementation. This allow...
PT-2026-53900
Name of the Vulnerable Software and Affected Versions Adobe ColdFusion versions prior to 2025.10 Adobe ColdFusion versions prior to 2023.21 Description An unrestricted upload of files with dangerous types allows for arbitrary code execution in the context of the current user. The issue stems from...
PT-2026-53893
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, an authenticated command injection vulnerability in the CA Certificate management feature allows any authenticated user to execute arbitrary commands as the configured SSH...
PT-2026-53841
Name of the Vulnerable Software and Affected Versions Apache ActiveMQ Client versions prior to 5.19.8 Apache ActiveMQ Client versions 6.0.0 through 6.2.6 Apache ActiveMQ versions prior to 5.19.8 Apache ActiveMQ versions 6.0.0 through 6.2.6 Apache ActiveMQ All versions prior to 5.19.8 Apache...
PT-2026-53891
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, the executeInDocker helper wraps commands in bash -c '$command' without escaping single quotes. User-controlled docker compose custom build command and docker compose custo...
PT-2026-53805
rtapi app in linuxcnc-uspace in LinuxCNC before 2.9.9 allows privilege escalation. It is installed SUID root and loads shared library modules via dlopen by using a user-supplied module name. Insufficient validation of the module name allows path traversal, enabling an unprivileged local user to...
PT-2026-55066
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, in cases where UDP DNS filter is configured with local resolution containing a name with the length of 255 octets or remote resolution for a name of 255 octets long...
PT-2026-54023
Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description An issue exists in the middlewareKey function where the system accepts the client-controlled x-limited-key-id header without validating ownership. This allows authenticated users to adopt limited ke...
PT-2026-53934
Name of the Vulnerable Software and Affected Versions JeecgBoot versions prior to 3.9.3 Description Authenticated low-privilege users can perform full create, read, update, and delete operations on OpenAPI credentials. This occurs because the 'OpenApiAuthController' and...
PT-2026-53818
Delta Electronics DVP12SE PLC exposes a Modbus TCP service over a specified port without authentication or access control, permitting unauthenticated interaction with security-sensitive PLC functions...
PT-2026-53867
Name of the Vulnerable Software and Affected Versions NetScaler ADC affected versions not specified NetScaler Gateway affected versions not specified Description Insufficient input validation leads to a memory overread when the TCP TimeStamp is enabled in the TCP Profile and is associated with a...
PT-2026-53981
Name of the Vulnerable Software and Affected Versions IBM watsonx.data intelligence versions 5.2.0 through 5.3.0 Description An authenticated user can perform unauthorized actions because of improper enforcement of the behavioral workflow. Recommendations At the moment, there is no information...
PT-2026-55062
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a structural flaw was identified in DefaultCertValidator::verifySubjectAltName where the extracted DNS SAN string is cast to a C-style string using .c str before...
PT-2026-54035
Capgo before 12.128.2 allows multiple public channels for the same app and platform to coexist simultaneously, while unnamed /updates requests without defaultChannel implicitly resolve to a single hidden winner channel. An authorized app or channel manager can create ambiguous default update stat...
PT-2026-53829
Name of the Vulnerable Software and Affected Versions PROMOD V affected versions not specified Description PROMOD V uses insecure HTTP communication instead of HTTPS. This issue occurs because the third-party Digipede server does not support HTTPS, which allows data to be transmitted without...
PT-2026-53813
The Kali Forms — Contact Form & Drag-and-Drop Builder WordPress plugin before 2.4.13 does not sanitise a form field's caption before outputting it as a column header on the administrator form-entries screen, allowing users with Contributor-level access or above to store JavaScript that executes i...
PT-2026-53953
Name of the Vulnerable Software and Affected Versions IBM Db2 versions 11.5.0 through 11.5.9 IBM Db2 versions 12.1.0 through 12.1.4 Description An authenticated user can obtain sensitive information from the monitoring and event tables in IBM Db2 for Linux, UNIX, and Windows, including Db2 Connec...
PT-2026-53887
KTM System e-BOK enforces a maximum password length of six numeric digits and does not permit the use of any alphabetic, special, or extended characters. This issue was fixed in the patch published in June 2026...
PT-2026-53936
The Zephyr Bluetooth controller ISO Adaptation Layer subsys/bluetooth/controller/ll sw/isoal.c fails to validate the length field of a framed ISO PDU start segment. Per the Bluetooth specification a start segment sc=0 always carries a 3-byte time offset, so its segment-header len must be at least...
PT-2026-54435
Name of the Vulnerable Software and Affected Versions c3p0 versions prior to 0.14.0 Description c3p0, a JDBC Connection pooling library, can act as a sink for deserialization gadgets when used with other libraries. The DataSource.getConnection and ConnectionPoolDataSource.getPooledConnection...
PT-2026-54450
@w mmaringa CVE-2026-0429 is rated 10.0, with no patch available. You represent perfection in my report...
PT-2026-54446
Summary The credit payment implementation in app/Livewire/Invoices/Show.php executes a pessimistic row lock lockForUpdate outside of an active database transaction. Because MySQL/MariaDB requires an enclosing transaction to enforce row-level locks, the guard is ineffective. Concurrent payment...
PT-2026-53985
Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server version 9.0 IBM WebSphere Application Server version 8.5 Description The administrative console contains a cross-site scripting XSS flaw, which occurs when an application includes untrusted data in a web page...
PT-2026-53957
Name of the Vulnerable Software and Affected Versions IBM Langflow OSS versions 1.0.0 through 1.10.0 Description The voice mode contains improper shared-state handling, which allows API clients to be reused across tenant boundaries. An authenticated attacker can manipulate the cache state, causin...
PT-2026-53861
Name of the Vulnerable Software and Affected Versions Rancher versions 2.14.0 through 2.14.2 Rancher versions 2.13.0 through 2.13.6 Rancher versions 2.12.0 through 2.12.10 Rancher versions 2.11.0 through 2.11.14 Description A SAML authentication replay issue exists in the Assertion Consumer Servi...
PT-2026-53817
Delta Electronics DVP12SE PLCs are susceptible to a resource allocation vulnerability without limits or throttling CWE-770 within their Modbus TCP service...
PT-2026-54014
Name of the Vulnerable Software and Affected Versions SolarWinds Database Performance Analyzer affected versions not specified Description A stored cross-site scripting issue exists that allows for the execution of unintended scripts. Recommendations At the moment, there is no information about a...
PT-2026-53894
Name of the Vulnerable Software and Affected Versions Python affected versions not specified Description In the extract function of the Tarfile module, the filter parameter is not correctly handled when extracting hardlinks. This issue allows a system extracting content from untrusted tar files t...
PT-2026-54432
Name of the Vulnerable Software and Affected Versions Storage Concentrator SC & SCVM affected versions not specified Description Storage Concentrator SC & SCVM contains hardcoded credentials for various internal services within a configuration file. Although these credentials use encoding, the...
PT-2026-53974
Name of the Vulnerable Software and Affected Versions IBM watsonx.data intelligence versions 5.2.0 through 5.3.0 Description An authenticated user can cause a temporary denial of service by sending a specially crafted HTTP request. This issue occurs due to improper allocation of resource...
PT-2026-53926
Name of the Vulnerable Software and Affected Versions RuoYi-Vue-Plus versions prior to 5.6.3 Description The software exposes workflow task management endpoints under '/workflow/task' FlwTaskController without proper permission checks. Because the controller lacks class-level or method-level...
PT-2026-53856
Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via deeply nested bencoded input. bdecode recurses once per nested list or dictionary level with no depth cap, and each recursive call receives the remaining buffer by value while the list and dictionary branches captu...
PT-2026-53883
openGauss 在处理带 NLS 参数的 to timestamp 调用时,to timestamp with fmt nls 会将 nls fmt str 保存到 u sess-parser cxt.nls fmt str。在 seqscan + sort 执行路径下,该字符串原本被分配在 SeqScan 的表达式上下文中;当 SeqScan 完成后,该内存上下文会被 reset,但后续结果输出阶段 timestamp out 仍会通过 CheckNlsFormat 访问 u sess-parser cxt.nls fmt str,导致访问已释放内存。攻击者在具备数据库 SQL...
PT-2026-53874
Name of the Vulnerable Software and Affected Versions GLib affected versions not specified Description A flaw exists in the D-Bus client-side implementation of the DBUS COOKIE SHA1 SASL authentication mechanism. The system fails to validate the cookie context parameter received from the server. A...
PT-2026-54049
n8n before 2.25.7 and 2.26.x before 2.26.2 contains an abstract syntax tree AST security validator bypass in the Python Code node. An authenticated user with permission to create or modify workflows containing a Python Code node can bypass the validator and access the task executor module...
PT-2026-55074
Ghost is a Node.js content management system. From 6.19.4 until 6.21.1, insufficient validation of the client-supplied Content-Type on Ghost's Admin API file upload endpoint allowed uploaded files to be served from the site with an attacker-chosen content type on S3/GCS storage backends. On...
PT-2026-53931
Name of the Vulnerable Software and Affected Versions CVAT versions prior to 2.69.0 Description An improper authorization issue exists in the QualityReportViewSet.get queryset function. Authenticated attackers can enumerate quality report identifiers from other organizations by exploiting a missi...
PT-2026-53822
Name of the Vulnerable Software and Affected Versions Ricoh Web Image Monitor affected versions not specified Description Ricoh Web Image Monitor contains a reflected cross-site scripting issue. This allows an arbitrary script to be executed within the web browser of a user who accesses the...
PT-2026-53830
Raytha CMS is vulnerable to SQL Injection within the OData filter parsing pipeline. The vulnerability allows a remote, unauthenticated attacker to execute arbitrary SQL statements against the underlying PostgreSQL database, leading to full database compromise, including credential extraction...