Lucene search
K
PtsecurityRecent

184315 matches found

Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-57022

Impact What kind of vulnerability is it? Who is impacted? A verifier configured with WithTransparencyLogN1 or WithSignedCertificateTimestampsN1 expected defense-in-depth against the compromise of a single log instance. However, threshold counting counted verified witnesses per-entry or...

5.9CVSS5.9AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2 days ago8 views

PT-2026-57034

Summary YesWiki's Bazar widget handler reflects the id GET parameter into HTML attributes using strip tags only. Because strip tags does not escape double quotes, an attacker can break out of the attribute value, inject an event handler such as onmouseover, and execute arbitrary JavaScript in the...

6.1CVSS6AI score0.00039EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56970

decompress before 4.2.2 allows arbitrary symlink creation during archive extraction. When processing symlink entries type === 'symlink', the x.linkname field from the archive is passed directly to fs.symlink without validation index.js line 121. The preventWritingThroughSymlink check on line 98...

6.1AI score0.00166EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56968

decompress before 4.2.2 allows arbitrary hardlink creation during archive extraction, enabling file read disclosure and file corruption. When processing hardlink entries type === 'link', the x.linkname field from the archive is passed directly to fs.link without validation index.js line 113. An...

6.1AI score0.0017EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2 days ago8 views

PT-2026-56969

decompress before 4.2.2 contains an improper path containment check that enables directory traversal and arbitrary file write. The safeMakeDir function index.js line 29 and the extraction path validation index.js line 106 use String.indexOf to verify the resolved path is within the output...

6AI score0.0026EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56983

A Missing Synchronization vulnerability in the flow collector handler of Juniper Networks Junos OS Evolved on QFX Series allows an adjacent, unauthenticated attacker to cause a Denial-of-Service DoS. When the reachability of an sFlow collector changes, the corresponding next-hop entry is...

6CVSS6AI score0.0019EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-57014

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0725 Description A flaw exists in the single-byte branch of the spell soundfold sal function within src/spell.c. When translating a word using a spell file's SAL sound-folding rules into a caller-owned result buffer,...

5.6CVSS6.1AI score0.00131EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-57013

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0736 Description The PHP omni-completion script in runtime/autoload/phpcomplete.vim fails to escape class or trait names taken from the edited buffer before interpolating them into a search pattern executed via win...

8.4CVSS6.4AI score0.00479EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-57015

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0735 Description The C omni-completion script in runtime/autoload/ccomplete.vim fails to escape the typeref: or typename: extension fields of a tags entry when interpolating them into a :vimgrep pattern executed via...

8.4CVSS6.5AI score0.00133EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-56883

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, the file upload path accepted metadata.knowledge id and auto-linked uploaded files to a target knowledge base without applying the write-access check used by /api/v1/knowledge//file/add, allowin...

4.3CVSS6AI score0.00268EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2 days ago4 views

PT-2026-56880

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.6.27 before 0.10.0, get all models handlers in routers/openai.py and routers/ollama.py passed a lambda to aiocache key instead of key builder, causing permission-filtered per-user model lists to share a...

3.5CVSS6AI score0.00258EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-56873

An input validation vulnerability in the RTSP service of MERCURY MIPC252W IP Camera v1.0.5 Build 230306 Rel.79931n allows an unauthenticated, network-adjacent attacker to cause a denial of service via a crafted DESCRIBE request with a malformed URL in the request line...

6.5CVSS6AI score0.00177EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56908

Unauthorized use of Kyocera printers, allows all information stored in the Kyocera address book to be exported. The security measure that encrypts incoming data ian be bypassed with this vulnerability, allowing encrypted data to be decrypted. Passwords and other sensitive information can be...

7.5CVSS5.9AI score0.00199EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2 days ago10 views

PT-2026-56828

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, the /api/v1/auths/signin endpoint looked users up by email and only ran bcrypt password verification when a credential existed, making registered-account attempts measurably slower than...

5.3CVSS5.9AI score0.00244EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2 days ago8 views

PT-2026-56728

When the upstream Guardian or CMC was configured in the Remote Collector via n2os-tui, the generated configuration disabled TLS certificate verification, and no option was provided to enable it. A malicious actor could perform a man-in-the-middle attack and intercept the communication between the...

8.3CVSS6AI score0.00121EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-56771

The Bit Form – Contact Form, Payment Forms, Multi Step Forms, Calculator & Custom Form Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteFiles function in all versions up to, and including, 3.1.1 This makes it possible for...

7.1CVSS6.7AI score0.00691EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-56761

Authorization bypass through User-Controlled key vulnerability in PAVO Financial Technology Solutions Inc. PAVO Pay allows Exploitation of Trusted Identifiers. This issue affects PAVO Pay: through 09072026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...

7.5CVSS5.9AI score0.00407EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56924

A NULL Pointer Dereference vulnerability in the management daemon mgd of Juniper Networks Junos OS and Junos OS Evolved allows a local, high-privileged attacker setting or deactivating a specific SSH configuration parameter to create a Denial of Service DoS. A local high-privileged user configuri...

6.7CVSS6.1AI score0.00166EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-56960

Man, this is straight-up wild! Nearly 100 plugins and themes are completely exposed right now with zero fixes in sight, and honestly, it's making my anxiety spike just thinking about it! If the developer went ghost and abandoned ship, you've got to stop messing around and dump that software...

9.9CVSS6AI score0.00541EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-56948

Man, this is straight-up wild! Nearly 100 plugins and themes are completely exposed right now with zero fixes in sight, and honestly, it's making my anxiety spike just thinking about it! If the developer went ghost and abandoned ship, you've got to stop messing around and dump that software...

9.9CVSS6AI score0.00541EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2 days ago4 views

PT-2026-56942

Man, this is straight-up wild! Nearly 100 plugins and themes are completely exposed right now with zero fixes in sight, and honestly, it's making my anxiety spike just thinking about it! If the developer went ghost and abandoned ship, you've got to stop messing around and dump that software...

9.9CVSS6AI score0.00541EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-57037

Summary Two related authorization gaps let a host that should no longer be trusted obtain a fresh, valid Nebula certificate, because nebula-mgmt does not re-evaluate revocation/authorization state at certificate issuance time — only at poll time. 1. Blocklist not enforced at sign / re-enroll time...

7.1CVSS6AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56936

Man, this is straight-up wild! Nearly 100 plugins and themes are completely exposed right now with zero fixes in sight, and honestly, it's making my anxiety spike just thinking about it! If the developer went ghost and abandoned ship, you've got to stop messing around and dump that software...

9.9CVSS6AI score0.00541EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-56937

Man, this is straight-up wild! Nearly 100 plugins and themes are completely exposed right now with zero fixes in sight, and honestly, it's making my anxiety spike just thinking about it! If the developer went ghost and abandoned ship, you've got to stop messing around and dump that software...

9.9CVSS6AI score0.00541EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-57032

Bazar form-field templates still apply |raw'html' to field.label / field.hint in attribute and label-body contexts — stored XSS in form renders sibling class of commit e6b66aa CWE: CWE-79 Improper Neutralization of Input During Web Page Generation, "Cross-site Scripting" via CWE-116 Improper...

5.5CVSS6.2AI score0.00034EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-57029

Summary The POST /api/forms/formId/actor/inbox route - exposed publicly with acl:"public" - accepts an HTTP Signature header whose keyId parameter is a URL. HttpSignatureService::verifySignature parses the header and immediately makes a server-side HTTP GET to that URL, before any cryptographic...

8.3CVSS6.2AI score0.00066EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-57036

Details Sink tools/bazar/services/CSVManager.php line 372-399: public function importEntryarray $importedEntries, string $formId: ?array if !$this-importdone // ... foreach $importedEntries as $entry $entry = unserializebase64 decode$entry; // false argument; arbitrary classes are instantiated. T...

9.4CVSS6.7AI score0.00379EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-57035

Summary YesWiki through the latest development branch contains a SQL injection vulnerability in ReactionManager::deleteUserReaction that allows any authenticated user to inject arbitrary SQL via the idreaction and id URL path parameters. The parameters are concatenated directly into a SQL LIKE...

8.8CVSS6.2AI score0.0004EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-57030

Summary YesWiki’s public Bazar entry-listing APIs are vulnerable to unauthenticated SQL injection in numeric query / queries filters. For Bazar fields whose value structure is numeric, YesWiki escapes the attacker-controlled filter value but inserts it into SQL without quotes or numeric validatio...

7.5CVSS6.1AI score0.00047EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2 days ago4 views

PT-2026-57031

Summary ApiController::deletePage interpolates a page tag retrieved from the database into a DELETE FROM … links WHERE to tag = '$tag' query without escaping. The page tag is attacker-controlled — the POST /api/pages/tag API accepts arbitrary URL-encoded values, including single quotes, and store...

8.3CVSS6.2AI score0.00033EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-57025

Summary YesWiki Bazar contains a stored Server-Side Template Injection SSTI vulnerability in the semantic template feature that can be escalated to confirmed Remote Code Execution RCE. An authenticated administrator can place arbitrary Twig expressions into the Semantic template Twig field bn sem...

7.1CVSS6.5AI score0.00109EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-57026

Summary The recentchanges action actions/recentchanges.php accepts a period argument from two disjoint parameter spaces: the URL query string $ GET'period' and the action invocation recentchanges period="...". A whitelist at line 17 validates only the URL form against 'day','week','month'. The...

6.5CVSS6.2AI score0.00044EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-57043

rattler cache and py-rattler were vulnerable to package-cache path traversal when handling package metadata from conda channels. During cache materialization, the ratter cache code used the package record build string as part of a cache key that was joined into a filesystem path. A malicious or...

5.4CVSS6AI score0.00033EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-57039

Impact An authorization bypass vulnerability exists in the shop account API. The PATCH /api/v2/shop/account/orders/tokenValue/payments/paymentId endpoint, used by an authenticated shop customer to change the payment method of an order that has been placed but not yet paid state STATE NEW, does no...

4.3CVSS5.9AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2 days ago8 views

PT-2026-57042

Summary A crafted backup archive can trigger OS command injection during database restore. The restore workflow extracts a ZIP archive, enumerates files under db-dumps, converts the dump path to an absolute path, and passes that path into database import commands that are built as shell command...

8CVSS6.2AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-57028

Summary HttpSignatureService::verifySignature checks the result of PHP's openssl verify with a loose boolean negation - if !openssl verify... throw ... . PHP's openssl verify has four possible return values: | return | meaning | !return | | ------ | -----------------------------------------------...

8.2CVSS6AI score0.00022EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-56797

A vulnerability in the Xerte Online Tools allows for authentication bypass and remote code execution via reinstallation through the /setup/ folder, enabling attackers to reinstall the service to a remote database they control...

6.6AI score0.00571EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-56834

PayRange Android app, version 7.0.7 and below, contains an SSL bypass vulnerability that allows invalid certificates to be accepted in application webviews. A remote and unauthenticated attacker can steal information that the user sends...

7.5CVSS6AI score0.00229EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2 days ago4 views

PT-2026-56916

Name of the Vulnerable Software and Affected Versions UsersWP versions prior to 1.2.66 Description Authenticated attackers with Subscriber-level access and above can delete arbitrary files on the server, including the wp-config.php file. This occurs because the validate fields function in UsersWP...

8.8CVSS6.2AI score0.00525EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-56770

The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'new event type background color' parameter in all versions up to, and including, 4.3.4.2 due to insufficient input sanitization and output escaping. This makes it...

7.2CVSS6.1AI score0.00247EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56927

An Out-of-bounds Write vulnerability in the SNMP daemon snmpd of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated network-based attacker sending specific valid SNMPv3 queries to trigger a memory leak. Over time, continuous receipt of these queries will result in snmpd proces...

5.3CVSS6AI score0.0036EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56926

An Improper Check for Unusual or Exceptional Conditions vulnerability in the advanced forwarding toolkit evo-aftmand of Juniper Networks Junos OS Evolved on PTX Series allows an unauthenticated network-based attacker generating continuous routing updates, resulting in unilist ECMP routes, to cras...

8.2CVSS6AI score0.00405EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56928

An Unchecked Input for Loop Condition vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS.Micro-BFD session flaps generate respective up/down events which are queued by PFEMAN for...

7.1CVSS5.9AI score0.00269EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56917

A local privilege escalation vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated administrator with access to the macOS local filesystem to perform actions on the device with root privileges. This issue only affects Prisma® Browser on macOS...

5.4CVSS6AI score0.0011EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago10 views

PT-2026-56799

A vulnerability was identified in macrozheng mall up to 1.0.3. This impacts an unknown function of the file /returnApply/create of the component Portal Endpoint. The manipulation of the argument orderId leads to improper control of resource identifiers. The attack can be initiated remotely. The...

6.5CVSS6.3AI score0.00237EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2 days ago9 views

PT-2026-56791

A vulnerability has been found in GNU LibreDWG up to 0.13.4. The affected element is the function dwg bmp of the file src/dwg.c of the component BMP Image Handler. Such manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the...

5.3CVSS5.7AI score0.00133EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-56793

A vulnerability was found in GNU LibreDWG up to 0.13.4. The impacted element is the function dwg next entity of the file src/dwg.c of the component DWG File Handler. Performing a manipulation of the argument next obj results in null pointer dereference. The attack must be initiated from a local...

4.8CVSS5.5AI score0.00118EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-56819

A vulnerability was detected in SourceCodester Simple and Nice Shopping Cart Script 1.0. This affects an unknown part of the file /login.php. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and m...

7.5CVSS6.9AI score0.00328EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-56820

A flaw has been found in mettle sendportal up to 3.0.1. This vulnerability affects unknown code of the file vendor/mettle/sendportal-core/src/Http/Requests/CampaignStoreRequest.php of the component Campaign Creation Endpoint. Executing a manipulation can lead to authorization bypass. The attack c...

6.5CVSS6.2AI score0.0022EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-56812

A security flaw has been discovered in enquirer up to 2.4.1. Affected is the function Enquirer.set of the component Public Package API. The manipulation of the argument question.name results in improperly controlled modification of object prototype attributes. The attack can be launched remotely...

5.3CVSS5.6AI score0.00248EPSS
Exploits0References8
Total number of security vulnerabilities184315