184379 matches found
PT-2026-53194
Name of the Vulnerable Software and Affected Versions CherryHQ cherry-studio versions prior to 1.9.7 Description Improper authorization exists in the MCP OAuth Local Callback Server component within the src/main/services/mcp/oauth/callback.ts file. A remote attacker can manipulate the code argume...
PT-2026-53301
Unauthenticated Broken Access Control in Japanized For WooCommerce = 2.9.12 versions...
PT-2026-53288
Subscriber Broken Access Control in MainWP = 6.1.1 versions...
PT-2026-53162
Name of the Vulnerable Software and Affected Versions JoomCCK affected versions not specified Description A front-end controller task in the JoomCCK extension for Joomla is susceptible to SQL injection. This occurs because the application constructs two SQL statements by directly concatenating a...
PT-2026-53114
Name of the Vulnerable Software and Affected Versions ANTLR4 versions prior to 4.13.3 Description An issue exists in the tokenVocab Grammar Option Handler where the getImportedVocabFile function in the tool/src/org/antlr/v4/parse/TokenVocabParser.java file is susceptible to path traversal. This...
PT-2026-53103
Name of the Vulnerable Software and Affected Versions glpi-project glpi versions 11.0.5 through 11.0.7 Description An authorization bypass exists in the Document Handler component within the file 'front/document.send.php'. The issue occurs in the Document::canViewFile function when processing the...
PT-2026-53088
Name of the Vulnerable Software and Affected Versions RustDesk affected versions not specified Description An issue exists where incoming control messages are gated based on per-capability flags instead of the session's authorized connection type. Because a file-transfer session fails to clear...
PT-2026-53107
A vulnerability was found in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /ajaxmedicine.php. The manipulation of the argument medicineid results in sql injection. It is possible to launch the attack remotely. The exploit has been made public...
PT-2026-53163
Name of the Vulnerable Software and Affected Versions volcengine OpenViking versions prior to 0.3.22 Description Insufficient verification of data authenticity exists within the Local VectorDB Primary-key Label Handler component. The issue occurs in the str to uint64 function located in the...
PT-2026-53110
Name of the Vulnerable Software and Affected Versions yashpokharna2555 restaurent-management-system affected versions not specified Description A security flaw exists in the Registration Handler component within the login register.php file. A remote attacker can perform cross-site scripting XSS—a...
PT-2026-53086
Name of the Vulnerable Software and Affected Versions MyBB version 1.8.40 Description An issue exists where users with limited Admin Control Panel ACP access can assign any usergroup to an account during creation or editing. This occurs because the verify usergroup function in the user module...
PT-2026-53108
Name of the Vulnerable Software and Affected Versions itsourcecode Hospital Management System version 1.0 Description A SQL injection issue exists in the /appointment.php file. This occurs when the editid parameter is manipulated, allowing a remote attacker to execute unauthorized database querie...
PT-2026-53168
Name of the Vulnerable Software and Affected Versions Databend versions prior to 1.2.882 Description An authorization bypass exists in the HTTP Tenant Handler component. The issue resides in the ClientSessionManager::state key function within the src/query/service/src/servers/http/v1/session/clie...
PT-2026-53345
These are all security issues fixed in the glibc-2.43-4.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-53222
Name of the Vulnerable Software and Affected Versions D-Link DCS-935L version 1.10.01 Description An OS command injection flaw exists in the POST Parameter Handler component. The issue occurs within the sub 400E40 function of the setconf.cgi file. A remote attacker can exploit this by manipulatin...
PT-2026-53094
A vulnerability was detected in skypilot-org skypilot up to 0.12.0. Impacted is the function username.encode of the file sky/users/server.py of the component User ID Handler. The manipulation results in use of weak hash. The attack may be performed from remote. This attack is characterized by hig...
PT-2026-53104
Name of the Vulnerable Software and Affected Versions xiaozhi-esp32 versions prior to 2.2.7 Description A remote denial of service can be triggered through the manipulation of the session id argument. This issue resides within the Application::GetInstance function located in the main/protocols/mq...
PT-2026-53095
Name of the Vulnerable Software and Affected Versions arc53 DocsGPT versions prior to 0.18.1 Description An issue exists in the Credential Storage component within the encrypt credentials function of the application/security/encryption.py file. This flaw leads to insufficient verification of data...
PT-2026-53100
Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description An issue exists in the /archive.php file where the manipulation of the sy argument allows for SQL injection. This allows a remote attacker to interfere with the database...
PT-2026-53112
Name of the Vulnerable Software and Affected Versions ANTLR4 versions prior to 4.13.3 Description Command injection is possible in the gofmt component via the GoTarget function located in the tool/src/org/antlr/v4/codegen/target/GoTarget.java file. This issue allows an attacker to execute arbitra...
PT-2026-53093
Zephyr's BSD-sockets getaddrinfo implementation subsys/net/lib/sockets/getaddrinfo.c passes a pointer to a stack-allocated state object struct getaddrinfo state ai state as the user data of an asynchronous DNS resolver query. The socket layer waits on a semaphore with a timeout deliberately set...
PT-2026-53214
Name of the Vulnerable Software and Affected Versions Wavlink WL-NU516U1-A version M16U1 V240425 Description A stack-based buffer overflow occurs in the POST Parameter Handler component when processing the Guest ssid argument. This issue exists within the sub 407504 function of the...
PT-2026-53223
Name of the Vulnerable Software and Affected Versions Edimax EW-7478APC version 1.04 Description A stack-based buffer overflow occurs when manipulating the pppUserName argument within the formPPPoESetup function of the /goform/formPPPoESetup endpoint in the POST Request Handler component. This...
PT-2026-53347
These are all security issues fixed in the libQXmppQt6-10-1.16.1-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-53164
Name of the Vulnerable Software and Affected Versions khoj-ai khoj versions prior to 2.0.0-beta.29 Description A flaw in the Conversation Sharing Handler component within the file src/khoj/routers/api chat.py allows for incorrect authorization. This occurs through the manipulation of the...
PT-2026-53105
Name of the Vulnerable Software and Affected Versions AIDC-AI ComfyUI-Copilot versions prior to 2.0.29 Description A flaw exists in the Workflow Checkpoint Restore Handler component within the file backend/controller/conversation api.py. This issue involves improper control of resource identifier...
PT-2026-53097
Name of the Vulnerable Software and Affected Versions MLflow versions up to 4666cffc7912ea606d592fc38d6a75e2935f65e7 Description An issue exists within the Experiment-scoped Label Schema CRUD API where a function lacks proper authorization. This allows a remote attacker to perform unauthorized...
PT-2026-53092
The Microchip SERCOM-G1 UART driver drivers/serial/uart mchp sercom g1.c, used by the PIC32CM-JH SoC family, contains an out-of-bounds write in its asynchronous DMA receive path. When uart rx enable is invoked with a one-byte receive buffer len == 1 and CONFIG UART MCHP ASYNC is enabled, the...
PT-2026-53098
Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description An issue exists in the /preview.php endpoint where manipulating the course year section variable allows for SQL injection. This allows a remote attacker to interfere with...
PT-2026-53089
Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.3 Description An authenticated user can execute arbitrary code in the server context by configuring a Custom MCP node. The issue occurs because environment variables are validated against a denylist using a...
PT-2026-53344
These are all security issues fixed in the chromedriver-149.0.7827.200-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-53167
Name of the Vulnerable Software and Affected Versions VoltAgent versions prior to 2.1.18 Description An improper authorization issue exists within the Memory REST API component, specifically in the handleGetMemoryConversation function located in the...
PT-2026-53227
CVE-2026-55509 Security Research Public CVE writeups, reproducible proof-of-concepts, a... https://t.co/zaBciGtro1 Vulnerability Notification: https://t.co/xhLrNnfyrO...
PT-2026-53101
A security flaw has been discovered in SourceCodester Class and Exam Timetabling System 1.0/7.php. Affected by this vulnerability is an unknown functionality of the file /preview7.php. The manipulation of the argument course year section results in sql injection. The attack may be launched...
PT-2026-53165
Name of the Vulnerable Software and Affected Versions RAGapp versions prior to 0.1.6 Description A path traversal issue exists in the Knowledge File Handler component. This flaw allows remote attackers to manipulate files via the FileHandler.upload file and FileHandler.remove file functions locat...
PT-2026-53113
A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file antlr4-maven-plugin/src/main/java/org/antlr/mojo/antlr4/GrammarDependencies.java of the component Maven Plugin. This manipulation causes time-of-check time-of-use. The attack is...
PT-2026-53346
These are all security issues fixed in the istioctl-1.30.2-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-53115
Name of the Vulnerable Software and Affected Versions code-projects Project Management System version 1.0 Description Cross site scripting XSS occurs in the Mail Compose Page component within the /mail.php endpoint. This issue allows a remote attacker to execute malicious scripts through the...
PT-2026-53109
Name of the Vulnerable Software and Affected Versions yashpokharna2555 restaurent-management-system affected versions not specified Description An issue exists in the POST Parameter Handler component within the /forgotpassword.php file. Remote manipulation of the email parameter allows for SQL...
PT-2026-53085
Gitea act runner with the Docker backend through act 0.262.0 passes a workflow's container.options string to the Docker job container's HostConfig and, when configured with privileged: false, forces only the Privileged flag off while merging options such as --pid=host, --cap-add, and --security-o...
PT-2026-53102
Name of the Vulnerable Software and Affected Versions xiaozhi-esp32 versions prior to 2.2.7 Description A weakness in the MCP Response Handler component allows for improper synchronization. This issue occurs within the ParseMessage function located in the main/mcp server.cc file. Remote...
PT-2026-53224
Name of the Vulnerable Software and Affected Versions Edimax EW-7478APC version 1.04 Description A remote buffer overflow exists in the POST Request Handler component. The issue occurs within the formUSBFolder function located in the /goform/formUSBFolder endpoint when processing the ShareName or...
PT-2026-54530
Уязвимость функции decode dlta файла libavcodec/rasc.c видеодекодера RASC мультимедийной библиотеки FFmpeg связана с записью за границами буфера. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании...
PT-2026-53166
Name of the Vulnerable Software and Affected Versions SimStudioAI sim versions prior to 0.6.93 Description An issue exists in the Password Protection Handler component within the apps/sim/lib/core/security/deployment.ts library. A remote attacker can perform a manipulation that results in the use...
PT-2026-53081
Name of the Vulnerable Software and Affected Versions FFmpeg versions prior to the latest patch Description The RASC video decoder in libavcodec contains a flaw where the decode dlta function in libavcodec/rasc.c performs 32-bit reads and writes at the row cursor before the NEXT LINE row-boundary...
PT-2026-53099
Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description An SQL injection issue exists in the /preview6.php endpoint. A remote attacker can exploit this by manipulating the course year section variable, allowing for the executi...
PT-2026-53091
The Zephyr Bluetooth LE Audio Basic Audio Profile BAP unicast client mishandles peer-supplied ASE state notifications. In unicast client ep qos state subsys/bluetooth/audio/bap unicast client.c, the handler writes attacker-controlled QoS fields interval, framing, phy, sdu, rtn, latency, pd throug...
PT-2026-53106
Name of the Vulnerable Software and Affected Versions itsourcecode Hospital Management System version 1.0 Description A SQL injection issue exists in the /adminprofile.php endpoint. This occurs when the loginid variable is manipulated, allowing a remote attacker to execute unauthorized database...
PT-2026-53083
Name of the Vulnerable Software and Affected Versions libssh2 versions prior to 1.11.2 Description An issue exists in the public key parsing process where the software expands its public key list using SSH2 REALLOC but fails to zero-initialize new entries before they are populated. If a parse...
PT-2026-53111
Name of the Vulnerable Software and Affected Versions ANTLR4 versions prior to 4.13.3 Description An issue exists in the Grammar Action Block Handler component within the file tool/src/org/antlr/v4/codegen/model/OutputFile.java. A remote attacker can perform a manipulation that leads to code...