184319 matches found
PT-2026-52427
Name of the Vulnerable Software and Affected Versions License Manager for WooCommerce versions prior to 3.0.16 Description An unauthenticated Insecure Direct Object Reference IDOR exists in the software. IDOR is a type of access control vulnerability that occurs when an application provides direc...
PT-2026-52598
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The WebSocket backend uses charging station identifiers to uniquely associate sessions but permits multiple endpoints to connect using the same session identifie...
PT-2026-52344
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Unprivileged applications can set Loose Source and Record Route LSRR and Strict Source and Record Route SSRR IP options. This allows an attacker to force packets to route through...
PT-2026-52368
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the OP-TEE driver of the Linux kernel. This occurs when a client task terminates while a supplicant is still processing its request. Because the client m...
PT-2026-52365
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the IP Virtual Server IPVS where the ip vs edit service function clears the svc-scheduler pointer after the scheduler module has already initiated Read-Copy-Update RCU...
PT-2026-52367
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the erofs component. The z erofs decompress kickoff function can race with the filesystem unmount process, leading to a use-after-free on sbi-sync...
PT-2026-52362
Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description An issue exists in the netfilter nft ct component where the system fails to properly handle template connection tracking ct during evaluation. When a rule sets a connection tracking zone...
PT-2026-52363
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds read exists in the netfilter conntrack irc helper. The issue occurs when parsing fails after a command string has been matched; the system attempts to match a different...
PT-2026-52369
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A logic flaw in the smc setsockopt function allows a local unprivileged user to cause a Denial of Service DoS. The issue occurs because the function calls copy from sockptr while holding...
PT-2026-52372
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the arm64 KVM implementation, the functions walk s1 and kvm walk nested s2 require the kvm-srcu lock to be held to prevent issues during memslot changes. However, kvm at s12 and kvm...
PT-2026-52360
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A check-then-act race condition exists in the dm cache policy smq. The smq invalidate mapping function performs a check on the e-allocated variable outside of the mq-lock critical sectio...
PT-2026-52358
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An off-by-one error exists in the lowpan iphc mcast ctx addr compress function. The second memcpy operation incorrectly uses &data1 as the destination and &ipaddr-s6 addr11 as the source...
PT-2026-52630
Name of the Vulnerable Software and Affected Versions Pen Drive report generator affected versions not specified Description An issue exists where cluster-sourced data is rendered into HTML reports without proper escaping or sanitization. This allows an attacker with cluster administrator...
PT-2026-52554
Name of the Vulnerable Software and Affected Versions Podman versions 1.8.1 through 5.8.4 Description A malicious container image can trick Podman into leaking host environment variables into the container. This occurs when an image contains an Env entry consisting of a key without a value...
PT-2026-52370
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists when processing Multicast Listener Discovery MLD queries. A pointer to the multicast group address is retrieved during initial packet parsing but is later dereferenced...
PT-2026-52311
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mvpp2 driver where the XDP path initializes every xdp buff with PAGE SIZE as the frame size, regardless of whether the buffer is from a short or long BM pool...
PT-2026-52406
In EmberZNet v9.0.2 and earlier, a malformed Level Control Step command can terminate the process through a divide-by-zero fault. This command must come from a device that has already joined the network. Only devices supporting the Level Control cluster may be impacted...
PT-2026-52511
Name of the Vulnerable Software and Affected Versions wolfSSL affected versions not specified Description A trust-chain bypass exists in the OpenSSL compatibility certificate verifier function wolfSSL X509 verify cert. This issue occurs in builds configured with --enable-opensslextra when an...
PT-2026-52517
Name of the Vulnerable Software and Affected Versions pnpm versions prior to 10.34.0 pnpm versions prior to 11.4.0 Description The tarball extraction worker in the pnpm package manager fails to perform integrity verification when the integrity field is missing from the lockfile resolution. This...
PT-2026-52552
RTKLIB through 2.4.3 contains a heap buffer overflow vulnerability in the readrnxobsb function in src/rinex.c that allows attackers to trigger memory corruption by failing to clamp satellite count values from RINEX epoch headers. Attackers can craft malicious RINEX files declaring more than 64...
PT-2026-52463
A Joomla user with K2 "create item" rights Author tier by default can submit an article whose embedVideo POST field contains a raw tag; K2 stores it verbatim and renders it unescaped to any visitor of the article page...
PT-2026-52467
The K2 frontend article-save handler accepts an attachmentNexisting POST field that is concatenated with JPATH SITE/ and passed to JFile::copy. JPath::clean does NOT strip .., and there is no allow-list of source paths. An Author can therefore copy configuration.php or any other file readable by...
PT-2026-52538
K3s is a fully conformant production-ready Kubernetes distribution. Prior to 1.35.3+k3s1, 1.34.6+k3s1, v1.33.10+k3s1, a path traversal vulnerability exists in K3s's etcd snapshot decompression functionality. Zip files containing archive members with maliciously crafted names can be written to...
PT-2026-52593
Name of the Vulnerable Software and Affected Versions Apicurio Registry affected versions not specified Description A flaw exists in the ContentTypeUtil.isParsableXml function, which creates a SAXParserFactory without enabling secure processing features or disabling external entity resolution. Th...
PT-2026-52608
Name of the Vulnerable Software and Affected Versions Parse Server versions prior to 4.10.0 Description A supply chain incident occurred where incorrect version tags were pushed to the official repository. These tags pointed to an unreviewed personal fork of a contributor who had write access...
PT-2026-52497
Name of the Vulnerable Software and Affected Versions LibreChat versions prior to 0.8.4-rc1 Description The application allows the regeneration of all two-factor authentication 2FA backup codes without requiring a Time-based One-Time Password TOTP token or the verification of an existing backup...
PT-2026-52606
Name of the Vulnerable Software and Affected Versions Grav versions prior to 1.6.30 Description A cross-site scripting issue exists in the default security configuration of the Admin plugin page editor. Privileged users with page editing capabilities can inject malicious scripts to execute...
PT-2026-52653
Summary When verifying an uploaded certificate, lemur/certificates/verify.py extracts the CRL Distribution Point URL and the OCSP responder URL directly from the certificate's extensions and issues outbound requests to those URLs without scheme restriction or destination allow-listing. An...
PT-2026-52423
Name of the Vulnerable Software and Affected Versions APIExperts Square for WooCommerce versions prior to 4.7.4 Description An issue allows the retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. This flaw is network-exploitable and requires no...
PT-2026-52433
Name of the Vulnerable Software and Affected Versions TablePress versions prior to 3.3.2 Description An unauthenticated cross-site scripting XSS flaw allows malicious script content to be injected via user-controlled input rendered by the plugin. The issue stems from improper input validation and...
PT-2026-52226
Redis Lua HEAP overflow in cjson library vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.0.4 through 2.15.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue...
PT-2026-52248
In the Linux kernel, the following vulnerability has been resolved: mmc: dw mmc-rockchip: Add missing private data for very old controllers The really old controllers rk2928, rk3066, rk3188 do not support UHS speeds at all, and thus never handled phase data. For that reason it never had a parse d...
PT-2026-52364
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the netfilter synproxy infrastructure. This occurs because netfilter hooks are registered on-demand when a user adds the first iptables target or nftables...
PT-2026-52520
Name of the Vulnerable Software and Affected Versions pnpm versions prior to 10.34.2 pnpm versions prior to 11.5.3 pacquet affected versions not specified Description pnpm and pacquet expand $ENV VAR placeholders from repository-controlled .npmrc and pnpm-workspace.yaml files into registry reques...
PT-2026-52484
CWE-476 NULL Pointer Dereference vulnerability exists that could cause a denial-of-service condition, rendering the device’s HMI and configuration functionality unavailable when malformed requests are received over exposed network interfaces...
PT-2026-52296
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the KVM arm64 nv component regarding the handling of XN0 when FEAT XNX is not present. The use of the FIELD PREP function on the mask intended to clear XN0 is incorrec...
PT-2026-52470
LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the GET /api/auth/2fa/enable endpoint can be called by an authenticated user or attacker with a stolen session even when 2FA is already fully enabled on the account. This endpoint overwrites the existi...
PT-2026-52249
In the Linux kernel, the following vulnerability has been resolved: mm/list lru: drain before clearing xarray entry on reparent memcg reparent list lrus clears the dying memcg's xarray entry with xas store&xas, NULL before reparenting its per-node lists into the parent. This opens a window where ...
PT-2026-52641
Summary Description An Improper Verification of Cryptographic Signature CWE-347 issue in OpenAM's RADIUS authentication module allows an unauthenticated network attacker to spoof an Access-Accept response and obtain an OpenAM session for any RADIUS username, without knowing the configured shared...
PT-2026-52224
Relative Path Traversal vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 1.0.0 through 2.15.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue...
PT-2026-52436
Name of the Vulnerable Software and Affected Versions Forminator versions prior to 1.53.2 Description An unauthenticated cross-site scripting XSS flaw exists due to improper input validation and output encoding of user-supplied data. This allows a remote attacker to inject malicious scripts into...
PT-2026-52229
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the RDMA/umem component where the linearization of mapping when using an iommu can result in a single large block split across multiple SG entries. The function rdma...
PT-2026-52256
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free race condition exists in the fastrpc map create function. The fastrpc map lookup function returns a raw pointer after releasing the fl-lock. Subsequently, fastrpc map...
PT-2026-52312
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mvpp2 driver where the CPU synchronization for received data is incorrectly aligned. The driver programs the RX queue packet offset such that hardware writes data ...
PT-2026-52234
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel within the drm/amd/display component. Record-chain walk loops in bios parser.c and bios parser2.c utilize for;; loops that only terminate upon...
PT-2026-52472
Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0653 Description The tree count words function in src/spellfile.c fails to validate a depth counter against the size of fixed MAXWLEN-element stack arrays, specifically arridx, curi, and wordcount. A specially crafted...
PT-2026-52307
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft tunnel: fix use-after-free on object destroy nft tunnel obj destroy calls metadata dst free which directly kfrees the metadata dst, ignoring the dst entry refcount. Packets that took a reference via dst hold in nft...
PT-2026-52337
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ALSA PCM component where the snd pcm drain function causes wait queue list corruption on linked streams. The function uses init waitqueue entry, which fails to cle...
PT-2026-52351
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: hold listener socket in rfcomm connect ind rfcomm get sock by channel scans rfcomm sk list under the list lock, but returns the selected listener after dropping that lock without taking a reference. rfcomm...
PT-2026-52276
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A livelock occurs in the tmigr handle remote up function. The tmigr handle remote cpu function incorrectly skips timer expire remote when the CPU matches smp processor id, assuming local...