Skip to content

Menu
  • Home
Menu

CVE-2026-59733 – rclone `serve restic –private-repos` authorization bypass: `..` in the URL path lets an authenticated user read, overwrite and delete other users’ repositories

Posted on July 15, 2026

CVE ID :CVE-2026-59733 Published : July 14, 2026, 10:17 p.m. | 2 hours, 16 minutes ago Description :Rclone is a command-line program to sync files and directories to and from different cloud storage providers….

CVE-2026-50130 – Pi-hole: Local privilege escalation from `pihole` user to root via `/etc/pihole/logrotate`

Posted on July 15, 2026

CVE ID :CVE-2026-50130 Published : July 14, 2026, 10:17 p.m. | 2 hours, 16 minutes ago Description :Pi-hole is a DNS sinkhole that protects devices from unwanted content without installing any client-side software. From…

CVE-2026-48334 – Illustrator | Improper Input Validation (CWE-20)

Posted on July 15, 2026

CVE ID :CVE-2026-48334 Published : July 14, 2026, 10:17 p.m. | 2 hours, 17 minutes ago Description :Illustrator is affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in…

CVE-2026-48290 – CAI Content Credentials | Server-Side Request Forgery (SSRF) (CWE-918)

Posted on July 15, 2026

CVE ID :CVE-2026-48290 Published : July 14, 2026, 10:17 p.m. | 2 hours, 17 minutes ago Description :CAI Content Credentials is affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in arbitrary…

CVE-2026-48275 – Illustrator | Untrusted Search Path (CWE-426)

Posted on July 15, 2026

CVE ID :CVE-2026-48275 Published : July 14, 2026, 10:17 p.m. | 2 hours, 17 minutes ago Description :Illustrator is affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in…

CVE-2026-58486 – HedgeDoc: Denial-of-service via YAML alias expansion in note frontmatter

Posted on July 14, 2026

CVE ID :CVE-2026-58486 Published : July 13, 2026, 11:16 p.m. | 1 hour, 17 minutes ago Description :HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to version 1.11.0, HedgeDoc was vulnerable…

CVE-2026-57856 – Cockpit CMS Path Traversal via Bucket Name in Bucket File Storage API

Posted on July 14, 2026

CVE ID :CVE-2026-57856 Published : July 13, 2026, 11:16 p.m. | 1 hour, 17 minutes ago Description :Cockpit CMS contains a path traversal vulnerability in the Bucket file storage API (/system/buckets/api). The api() method…

CVE-2026-57855 – Cockpit CMS Missing Authorization in Bucket File Storage API

Posted on July 14, 2026

CVE ID :CVE-2026-57855 Published : July 13, 2026, 11:16 p.m. | 1 hour, 17 minutes ago Description :Cockpit CMS contains a missing authorization vulnerability in the Bucket file storage API (/system/buckets/api). The api() method…

CVE-2026-62327 – 9Router 0.4.41 – Unauthenticated API Key Exposure via /api/usage/stats

Posted on July 14, 2026

CVE ID :CVE-2026-62327 Published : July 13, 2026, 10:16 p.m. | 2 hours, 16 minutes ago Description :9Router through version 0.4.41 contain an unauthenticated information disclosure vulnerability that allows remote attackers to retrieve plaintext…

CVE-2026-62242 – Spring Boot Admin Server < 4.1.2 SSRF via Unauthenticated Instance Registration

Posted on July 14, 2026

CVE ID :CVE-2026-62242 Published : July 13, 2026, 10:16 p.m. | 2 hours, 16 minutes ago Description :Spring Boot Admin Server before 4.1.2 contains a server-side request forgery vulnerability that allows unauthenticated attackers to…

Posts pagination

1 2 … 111 Next

Site map

  • About Us
  • Privacy Policy
  • Terms & Conditions of Use
©2026 | Design: Newspaperly WordPress Theme