PT-2026-43976

Name of the Vulnerable Software and Affected Versions IBM App Connect Enterprise versions 13.0.1.0 through 13.0.7.0 Description Sensitive information is stored in log files, which may allow a local user to read this data. Recommendations At the moment, there is no information about a newer versio...

PT-2026-44086

pam usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, pam usb builds XPath expressions from user-supplied identifiers PAM username, service name and device-supplied identifiers USB device serial, model, vendor to query /etc/pamusb.conf. These identifie...

PT-2026-43784

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists between the netdev notifier ip vs dst event and the code responsible for caching the destination dst when a device is going down. Because the Forwarding Informati...

PT-2026-43699

Slican telephone exchanges allow administrative protocol authentication bypass. An attacker can bypass the need to enter login credentials by executing the appropriate command. This issue was fixed in versions below: - NCP: version 1.24.0250 - IPx series: version 6.61.0040 - CCT-1668: version...

PT-2026-44037

Name of the Vulnerable Software and Affected Versions GPAC MP4Box affected versions not specified Description A NULL pointer dereference occurs when parsing certain truncated MP4 files. An unknown or invalid stsd entry can lead to missing descriptor fields, such as codec, mime, or profile strings...

PT-2026-44001

Nocturne Memory is a lightweight, rollbackable, and visual Long-Term Memory Server for MCP Agents. Prior to 2.4.1, when API TOKEN is unset or empty, the BearerTokenAuthMiddleware bypasses authentication for all HTTP requests. Combined with the default 0.0.0.0 host binding and CORS allow origins="...

PT-2026-43987

Name of the Vulnerable Software and Affected Versions IBM Aspera High-Speed Transfer Endpoint versions 3.7.4 through 4.4.7 Fix Pack 1 IBM Aspera High-Speed Transfer Server versions 3.7.4 through 4.4.7 Fix Pack 1 Description A buffer overflow exists in the asperahttpd component. This issue can be...

PT-2026-43817

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the starfive aes aead do one req function. The function allocates rctx-adata using kzalloc, but fails to release this memory if the sg copy to buffer or starfive...

PT-2026-43796

In the Linux kernel, the following vulnerability has been resolved: ovpn: fix possible use-after-free in ovpn net xmit When building the skb list in ovpn net xmit, skb share check will free the original skb if it is shared. The current implementation continues to use the stale skb pointer for...

PT-2026-43667

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Timo Affiliate Super Assistent amazonsimpleadmin allows Stored XSS.This issue affects Affiliate Super Assistent: from n/a through = 1.10.1...

PT-2026-44049

SQL Injection vulnerability in uzy-ssm-mall v1.1.0 allows a remote attacker to obtain sensitive information via the ProductMapper.xml and /OrderUtil.java components...

PT-2026-43586

An Exposed Dangerous Method or Function vulnerability in Synology C2 Identity Edge Server package in DSM before 1.76.0-0307 allows remote attackers to obtain user credentials from the edge server...

PT-2026-43698

Name of the Vulnerable Software and Affected Versions IBM InfoSphere Optim Test Data Fabrication versions 1.0.0 through 1.0.0.2 IBM InfoSphere Optim Test Data Fabrication versions 1.0.2 through 1.0.2.7 Description Remote attackers can perform directory traversal on the system by sending a special...

PT-2026-43830

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ASoC nau8821 component where attempting to unload the driver while jack detection work is pending can lead to a kernel crash. This occurs when the nau8821 jdet wor...

PT-2026-44034

When creating an export through the pretix API, API clients are returned an UUID value for their export job a long, random string like 35742818-c375-4d15-839f-d49aecce94d6. Using this UUID, the API client can then request the actual file for download. The same kind of UUID is used in other places...

PT-2026-44008

Name of the Vulnerable Software and Affected Versions Gradio versions prior to 6.15.0 Description A cookie injection issue exists due to a shared module-level HTTP client used across all users in the reverse proxy endpoint. This allows remote attackers who control any HF Space to return a...

PT-2026-43985

Name of the Vulnerable Software and Affected Versions IBM Langflow OSS versions 1.0.0 through 1.9.0 Description Uncontrolled resource consumption may lead to a denial of service, a condition where a system becomes unavailable to its intended users. Recommendations At the moment, there is no...

PT-2026-44035

Missing Authorization vulnerability in Bizswoop Account Manager for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Account Manager for WooCommerce: from n/a through 2.1.2...

PT-2026-43597

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the Easy View due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

PT-2026-43662

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in phbernard Favicon favicon-by-realfavicongenerator allows Reflected XSS.This issue affects Favicon: from n/a through = 1.3.46...

PT-2026-43785

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - don't deref NULL sk socket member after tcp close When deleting a peer in case of keepalive expiration, the peer is removed from the OpenVPN hashtable and is temporary inserted in a "release list" for further...

PT-2026-43518

The Team Master – A Modern WordPress Team Showcase plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

PT-2026-43734

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the Linux kernel within the act8945a power supply component. The problem occurs because the devm variant for requesting an IRQ is used before the devm...

PT-2026-43501

The GNTT Post Title Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting in version 1.0 via the title-ticker-slide, title-ticker-fade, and title-ticker-typing shortcodes. This is due to insufficient input sanitization and output escaping on shortcode attributes notably border,...

PT-2026-43488

Name of the Vulnerable Software and Affected Versions IO::Compress versions prior to 2.220 Description An issue in File::GlobMapper allows the execution of arbitrary code through an attacker-controlled output glob. The function parseOutputGlob wraps the provided output glob string in double quote...

PT-2026-43454

Summary CarrierWave's content type denylist check fails to escape regex metacharacters in string entries, causing the denylist to silently not match the content types it is intended to block. Note: CarrierWave is aware content type denylist is deprecated for the security reason, but it still used...

PT-2026-43473

A weakness has been identified in UTT HiPER 1200GW up to 2.5.3-170306. Affected is an unknown function of the file /goform/formPptpClientConfig of the component Web Management Interface. This manipulation of the argument PPTP server address/username/password/tunnel name causes stack-based buffer...

PT-2026-43571

The Github Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'repo' shortcode attribute in the 'github' shortcode in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

PT-2026-43801

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue in the btrfs file system can lead to a transaction abort with an EEXIST error Object already exists during chunk allocation. This occurs due to non-consecutive gaps in chunk...

PT-2026-43993

Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description An authenticated user with low privileges can achieve privilege escalation by sending an oversized JSON Web Token JWT, which is a compact, URL-safe means of representing claims to be...

PT-2026-43745

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/amdkfd component where the address watch clear code receives watch id as an unsigned value, but certain helper functions use a signed integer. When a very larg...

PT-2026-44112

Name of the Vulnerable Software and Affected Versions pam usb versions prior to 0.8.7 Description An issue exists in the hardware authentication system for Linux where shell injection can occur. A crafted UUID in the configuration can lead to root remote code execution when the pamusb-conf...

PT-2026-44028

Name of the Vulnerable Software and Affected Versions ElementsKit Elementor addons Lite versions prior to 3.9.7 Description A missing authorization issue in Wpmet ElementsKit Elementor addons Lite allows for the exploitation of incorrectly configured access control security levels. This is a brok...

PT-2026-43996

A Cross-Site Request Forgery CSRF vulnerability was discovered in the delete.php endpoint of Jason2605 AdminPanel 4.0...

PT-2026-43471

A vulnerability was identified in QianFox FoxCMS up to 1.2.6. This affects the function Edit of the file Admin.php. The manipulation leads to weak password recovery. The attack can be initiated remotely. The exploit is publicly available and might be used. The project was informed of the problem...

PT-2026-44047

Command injection in Raynet rvia 12.6.4392.49-amd64.deb allows adversaries to execute commands via getconfig, and upload through the URL argument, and oracle through the -o flag The Supplier's perspective is that this is caused by Argument Injection in the find command query in rvia 12.6.4392.49...

PT-2026-44046

Northern.tech Mender Client 5 before 5.0.4 allows a Cryptographic signature verification bypass...

PT-2026-43604

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getDeviceScalings function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

PT-2026-43563

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view userid parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table...

PT-2026-43527

The BitForm plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bitform' shortcode in versions up to, and including, 1.1.0. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes 'width' and 'height' in the...

PT-2026-43508

The WP Iframe Geo Style for Amazon affiliates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'adid' Shortcode Attribute in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

PT-2026-44089

pam usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/conf.c allocates heap memory proportional to n devices, a count derived from libxml2 XPath evaluation of the config file, without first enforcing an upper bound. On 32-bit targets armv7l, i686 -...

PT-2026-44121

Name of the Vulnerable Software and Affected Versions Microsoft UFO version 3.0.1-4-ge2626659 Description The constellation client in this open-source framework for intelligent automation tracks pending task responses using only the session id and fails to verify if a TASK END message originated...

PT-2026-43980

Name of the Vulnerable Software and Affected Versions IBM i versions 7.3 through 7.6 Description A denial-of-service issue exists in the Integrated Language Environment ILE compiler due to uncontrolled recursion. An authenticated attacker can trigger this by compiling specially crafted source cod...

PT-2026-43799

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the BPF subsystem where the BPF PROG DETACH operation on tcx or netkit devices could be executed by any user if no program file descriptor prog fd was provided. This...

PT-2026-43727

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter nf conncount component where the connection list may not be cleaned up quickly enough if more than 8 new connections are tracked per jiffy. This occurs...

PT-2026-43769

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the bq256xx power supply driver. The problem occurs because the devm variant for requesting an IRQ is used before the devm variant for allocating or...

PT-2026-43730

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the dw i3c master i2c xfers function. The function allocates memory for the xfer structure via dw i3c master alloc xfer, but if the pm runtime resume and get...

PT-2026-43751

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the AppArmor module where the aa get buffer function unconditionally decrements the cache-hold variable when pulling from the per-cpu list. If hold reaches 0 while cou...

PT-2026-43759

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext4 file system where splitting an unwritten extent and converting it to initialized can leave a stale unwritten extent in the status tree. This occurs in the ext...