Lucene search
K
PtsecurityRecent

184379 matches found

Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57057

The Fluent Forms plugin for WordPress is vulnerable to incorrect authorization via the 'subscription id' parameter in versions up to, and including, 6.2.1. This is due to insufficient ownership authorization checks in the payment cancellation AJAX flow. This makes it possible for authenticated...

5.4CVSS5.9AI score0.00176EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57124

The ICS Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'htmltagtitle' parameter in all versions up to, and including, 12.0.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

6.1CVSS6.2AI score0.00296EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57060

The WPvivid Backup for MainWP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 0.9.33 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...

4.4CVSS6.2AI score0.00187EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-57154

Dell Unisphere for PowerMax, versions 10.3.0.5 and prior, contains a path traversal vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability to read arbitrary files...

6.5CVSS6.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57066

The Booking calendar, Appointment Booking System plugin for WordPress is vulnerable to time-based SQL Injection via the ‘wpdevart id’ parameter in all versions up to, and including, 3.2.17 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existi...

5.9CVSS6.1AI score0.00346EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57112

The Easy Appointments plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.12.27. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with author-level...

4.3CVSS6.1AI score0.0028EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57062

The Plus Addons for Elementor plugin for WordPress was vulnerable to Authenticated Contributor+ Stored Cross-Site Scripting via the Button widget's custom attributes setting in versions up to and including 6.4.11. The render function in modules/widgets/tp button.php passed the raw custom attribut...

6.4CVSS6AI score0.00261EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57167

In @capgo/capacitor-updater Cap-go/capgo before 12.128.2, the end-to-end encryption scheme distributes the private key to each device that downloads the app. Because the public key can be derived from the private key, an attacker performing a man-in-the-middle attack or compromising the Capgo...

8.3CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57169

Capgo before 12.128.2 contains an information disclosure vulnerability in the get orgs v7userid RPC function that remains publicly invokable despite intended private access controls. Unauthenticated attackers can supply arbitrary user UUIDs to retrieve foreign users' organization membership, role...

8.7CVSS6.2AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57181

n8n before 2.28.0 and before 1.123.58 on the 1.x branch contains a disk space exhaustion vulnerability in the data-table file upload endpoint. The per-request quota check does not account for files already written to the shared temporary directory, allowing an authenticated user to repeatedly...

5.3CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-57345

New one on the board: CVE-2026-59979. Cross-tenant IDOR in Yosemite-Crew OSS vet practice mgmt. Their security-fix PR added RBAC to the create routes but forgot the update/delete ones so any low-priv user even a patient account could edit or delete another clinic's data. https://t.co/4NobkLLi91...

6.1AI score
Exploits0References1
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-57058

In OpenStack Ironic before 37.0.1, an Ironic user with the ability to deploy nodes using the IPMI management interface can maliciously use the send raw step to send arbitrary IPMI commands to a node, bypassing Ironic's access control...

8.2CVSS6AI score0.00516EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57108

Improper Privilege Management, Improper Access Control vulnerability in Apache IoTDB. Authenticated users can escalate to full tree-path access by renaming themselves to internal auditor. This issue affects Apache IoTDB: from 2.0.8 before 2.0.10. Users are recommended to upgrade to version 2.0.10...

6.1AI score0.00132EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57123

The Easy Upload Files During Checkout plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 3.0.1. This is due to missing authorization checks in the ufdc custom init function, which processes the 'eufdc-delete' parameter without any nonce verification,...

5.3CVSS6.2AI score0.00243EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added yesterday8 views

PT-2026-57120

The GW AI Website Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the gwaiwebu gravitywrite disconnect handler function in all versions up to, and including, 1.0.1. This makes it possible for authenticated attackers, with...

4.3CVSS6.1AI score0.00222EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57020

A security flaw has been discovered in Sipeed PicoClaw up to 0.2.9. Affected by this vulnerability is the function WebFetchTool.Execute of the file pkg/tools/integration/web.go of the component Guarded Web Fetch Flow. The manipulation results in server-side request forgery. The attack can be...

7.5CVSS6.2AI score0.00247EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57227

An unauthenticated path traversal vulnerability exists in the web management interface of WTI Wireless Technology, Inc. version 3.5.0.r 2024/05/24 00:00:00. An unauthenticated attacker can craft malicious HTTP requests containing traversal sequences to access files outside of the intended web roo...

7.5CVSS6.1AI score
Exploits1References3
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57201

A flaw was found in the file type content detector of guardrails-detectors. This vulnerability allows a remote attacker to supply an arbitrary XML Schema Definition XSD string, which is processed without proper restrictions. This can lead to server-side requests to arbitrary URLs or local file...

9.3CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added yesterday9 views

PT-2026-57236

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's UFS and FFS image handler in NanaZip.Codecs.Archive.Ufs.cpp validates the superblock block size only against the MINBSIZE lower bound and does not validate the fs fsize fragment size, allowi...

2.4CVSS6.2AI score
Exploits0References4
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57211

A user with Editor permissions can craft a dashboard whose table TableNG panel contains a malicious field name that executes as a script in the browser of any user who views the dashboard stored cross-site scripting...

6.8CVSS6AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57337

v4.01 of our Windows client is at https://t.co/TMEEK4A4TM See attached for client-side fixes. Servers were updated to OpenVPN 2.7.5 on the 2nd, and v4.01 bundles 2.7.5, so we're good on CVE-2026-12996, CVE-2026-13117, CVE-2026-12932, and CVE-2026-13698. https://t.co/7VvcXvxk70...

6.1AI score
Exploits0References1
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57210

9Router is an AI router & token saver. Prior to 0.5.2, 9router validates image URLs by resolving the host before fetching, but open-sse/translator/concerns/image.js performs the later server-side image fetch with a separate DNS resolution. An authenticated attacker with access to the LLM proxy ca...

7.4CVSS6.1AI score
Exploits0References4
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57221

ESF-IDF is the Espressif Internet of Things IOT Development Framework. Versions 6.0.1, 5.5.4, 5.4.4, 5.3.5, and possibly prior contain an out-of-bounds write in jpeg parse dqt marker in components/esp driver jpeg/jpeg parse marker.c because the attacker-controlled DQT marker Tq nibble is used as ...

7.5CVSS6.1AI score
Exploits0References7
Positive Technologies
Positive Technologies
added yesterday10 views

PT-2026-57232

Summary tarteaucitron provides a list of cookies and buttons to delete them. If an attacker can write HTML with data attributes, they could create an element that silently deletes a cookie when clicked and trick a user to delete this cookie. Details tarteaucitron.cookie.purge is called on any...

4.3CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57324

Grist is spreadsheet software using Python as its formula language. Prior to 1.7.15, Grist contained two cross-site scripting vulnerabilities where an attacker-controlled value reached a link's href without scheme validation, so a javascript URL could run in a victim's Grist origin on a single...

8.5CVSS6.1AI score
Exploits0References4
Positive Technologies
Positive Technologies
added yesterday8 views

PT-2026-57241

Grav is a file-based Web platform. Prior to 2.0.0, an authenticated admin.super user can crash Grav or fill the disk by uploading a specially crafted ZIP archive through the Direct Install tool because Installer::unZip calls ZipArchive::extractTo without limits on uncompressed size, entry count, ...

6.9CVSS6.1AI score
Exploits1References4
Positive Technologies
Positive Technologies
added yesterday8 views

PT-2026-57217

Grav is a file-based Web platform. Prior to 1.7.53 and 2.0.0-rc.8, Grav allows an unauthenticated visitor to exhaust server memory and CPU by requesting image derivatives with oversized dimensions through URL query image actions such as forceResize in Grav::fallbackUrl, which passes request...

8.7CVSS6.1AI score
Exploits0References5
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57205

Several Grafana API endpoints, some of them unauthenticated, do not limit the size of the request body before processing it. An attacker can send very large payloads that force excessive memory allocation, potentially exhausting memory and causing a denial of service...

7.5CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57218

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. In affected Mbed TLS backend versions from 0.31.0 through 0.46.1 and wolfSSL backend versions from 0.33.0 through 0.46.1, when cpp-httplib is built with CPPHTTPLIB MBEDTLS SUPPORT or CPPHTTPLIB WOLFSSL SUPPORT and a...

7.4CVSS5.9AI score
Exploits0References3
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57277

The miniOrange Social Login and Register Discord, Google, Twitter, LinkedIn plugin for WordPress is vulnerable to authentication bypass leading to account takeover in versions up to and including 7.7.0. This is due to the Profile Completion flow accepting an arbitrary email address via the 'email...

9.8CVSS6.2AI score
Exploits0References7
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57309

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an integer overflow and map two GPU virtual addresses to the same physical address. One of these virutal mappings can be freed along with the physical page, allowing for a read/write UAF via the...

6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday8 views

PT-2026-57233

An issue in Invixium IXM WEB v.2.3.85.25 allows an attacker to escalate privileges via the /SystemUsers/CreateAppUser components...

9.1CVSS6.1AI score
Exploits0References5
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57249

CVE-2026-47291: Kernel-Mode RCE in Windows HTTP.sys A critical Remote Code Execution RCE vulnerability, CVE-2026-47291, has been identified and recently patched in the Windows kernel-mode HTTP protocol stack, HTTP.sys. This flaw allows remote, unauthenticated attackers to achieve denial-of-servic...

9.8CVSS6.4AI score0.21506EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added yesterday9 views

PT-2026-57219

9Router is an AI router & token saver. Prior to 0.5.2, 9router protects /v1, /v1beta, /api/v1, and /api/v1beta in src/dashboardGuard.js but omits /codex before next.config.mjs rewrites /codex/ to /api/v1/responses. A remote unauthenticated attacker can send requests to /codex/ to bypass the API-k...

8.6CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added yesterday10 views

PT-2026-57080

A security flaw has been discovered in zhayujie CowAgent up to 2.1.0. The impacted element is an unknown function of the file channel/channel.py of the component Message Endpoint. The manipulation results in missing authorization. The attack may be launched remotely. The exploit has been released...

6.5CVSS5.8AI score0.00209EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57319

Name of the Vulnerable Software and Affected Versions Apache Log4j API versions 2.13.1 through 2.25.4 Apache Log4j API version 2.26.0 Description Improper encoding of non-finite IEEE 754 floating-point values NaN, Infinity, or -Infinity during MapMessage JSON serialization produces output that is...

6.3CVSS6.1AI score
Exploits0References6
Positive Technologies
Positive Technologies
added yesterday8 views

PT-2026-57272

Name of the Vulnerable Software and Affected Versions MCP Server Kubernetes versions prior to 3.9.0 Description An argument injection flaw exists in structured tools, specifically within the kubectl get, kubectl describe, and kubectl delete functions. By providing the resourceType and name...

9.8CVSS6.1AI score
Exploits0References10
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57097

Improper authorization in Samsung Health prior to version 7.00.0.107 allows local attackers to access connected device information...

4.8CVSS6.1AI score0.00099EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday8 views

PT-2026-57109

Incorrect Authorization, Improper Access Control vulnerability in Apache IoTDB. Authorization bypass in /rest/v2/fastLastQuery exposes last-value data to unauthorized authenticated users. This issue affects Apache IoTDB: from 1.3.5 before 1.3.8, from 2.0.5 before 2.0.10. Users are recommended to...

6.1AI score0.0014EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57222

9Router is an AI router & token saver. Prior to 0.5.2, 9router treats loopback requests as trusted and allows /v1/ access without an API key, so a same-host reverse proxy that forwards public traffic to the backend through 127.0.0.1 causes src/dashboardGuard.js to misclassify external requests as...

8.3CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added yesterday8 views

PT-2026-57155

Dell PowerFlex Manager, Version prior to 5.1.0.1, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability during OS Repository processing to achie...

9.1CVSS6.3AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-57158

Plug.Parsers.MULTIPART, the multipart request-body parser used to handle file uploads and multipart forms, does not enforce its :length budget against all consumed resources, allowing an unauthenticated remote attacker to cause denial of service. The parser charges the :length limit only for part...

6.9CVSS6.1AI score
Exploits0References10
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57220

9Router is an AI router & token saver. Prior to 0.5.2, 9router determines whether a /v1 LLM proxy request is local by reading the client-controlled Host header, allowing a remote unauthenticated attacker to send Host: localhost and bypass API-key authentication. In the default configuration, this...

8.2CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added yesterday11 views

PT-2026-57182

In JetBrains YouTrack before 2026.2.17012 cSS injection via Mermaid diagram rendering was possible...

3.5CVSS6.1AI score
Exploits0References1
Positive Technologies
Positive Technologies
added yesterday8 views

PT-2026-57335

Software installed and run as a non-privileged user may conduct a sequence of improper GPU system calls causing use after free, which helps in facilitating unprivileged memory access from a shader code. Triggering failure path in the MMU mapping logic by a malicious code could lead to incomplete...

6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-57293

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0 on 32-bit builds, FreeRDP clients contain an integer overflow in update read delta points in libfreerdp/core/orders.c when multiplying an attacker-controlled point count by sizeofDELTA POINT, allowing a malicious RDP...

8.6CVSS6.2AI score
Exploits0References5
Positive Technologies
Positive Technologies
added yesterday4 views

PT-2026-57366

Summary The /authorize endpoint accepts any redirect uri without validating it against AllowedOrigins. When response type=token or response type=id token, the server appends access token, id token, and refresh token as query parameters and issues a 302 redirect to the attacker-supplied URL. An...

9.3CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added yesterday10 views

PT-2026-57286

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, UploadFileRequest sanitizes SVG content only when PHP finfo reports image/svg+xml and UploadedFilesController serves attachments inline without using StorageHelper::allowSafeInline, allowing a low-privilege user to upload active...

6.2CVSS6.1AI score
Exploits0References4
Positive Technologies
Positive Technologies
added yesterday8 views

PT-2026-57292

Name of the Vulnerable Software and Affected Versions Logto versions prior to 1.41.0 Description The self-hosted SAML application IdP constructs signed SAML responses and assertions by substituting user-controlled profile attributes, such as name, email, and custom attribute-mapping values, into...

8.5CVSS6.2AI score
Exploits0References6
Positive Technologies
Positive Technologies
added yesterday8 views

PT-2026-57252

ZITADEL is an open source identity management platform. Prior to 3.4.12 and 4.15.2, ZITADEL's external JWT Identity Provider validation in internal/idp/providers/jwt/session.go skips the maximum token age freshness check when an incoming token omits the iat claim, allowing arbitrarily old tokens...

4.2CVSS6.1AI score
Exploits0References6
Total number of security vulnerabilities184379