CVE ID :CVE-2026-53645 Published : July 6, 2026, 11:16 p.m. | 1 hour, 57 minutes ago Description :FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 allow a low-privileged…
CVE-2026-53644 – FOSSBilling’s missing order-state validation allows clients to read and reset API key secrets for non-active orders
CVE ID :CVE-2026-53644 Published : July 6, 2026, 11:16 p.m. | 1 hour, 57 minutes ago Description :FOSSBilling is a free, open-source billing and client management system. Versions 0.5.3 through 0.7.2 allow authenticated clients…
CVE-2026-53643 – FOSSBilling allows low-privileged staff accounts to perform unauthorized actions via admin API endpoints
CVE ID :CVE-2026-53643 Published : July 6, 2026, 11:16 p.m. | 1 hour, 57 minutes ago Description :FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 allow low-privileged staff…
CVE-2026-43921 – FOSSBilling vulnerable to arbitrary PHP code injection via unescaped config serialization
CVE ID :CVE-2026-43921 Published : July 6, 2026, 10:16 p.m. | 57 minutes ago Description :FOSSBilling is a free, open-source billing and client management system. Versions 0.6.10 through 0.7.2 have a PHP code…
CVE-2026-43918 – Suspended or inactive FOSSBilling accounts can retain or regain access through existing sessions, API tokens, and password reset flows
CVE ID :CVE-2026-43918 Published : July 6, 2026, 10:16 p.m. | 57 minutes ago Description :FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, when a client or…
CVE-2026-42204 – Coolify: Authenticated RCE via SHELL_SAFE_COMMAND_PATTERN regression → host root
CVE ID :CVE-2026-42204 Published : July 6, 2026, 10:16 p.m. | 57 minutes ago Description :Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. From 4.0.0-beta.471 through 4.0.0-beta.473, a…
CVE-2026-42153 – Coolify: PostgreSQL Healthcheck Command Injection Allows Root Code Execution in Container
CVE ID :CVE-2026-42153 Published : July 6, 2026, 10:16 p.m. | 57 minutes ago Description :Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, PostgreSQL healthcheck…
CVE-2026-34599 – Coolify: Authenticated Remote Code Execution in GetLogs Livewire Component
CVE ID :CVE-2026-34599 Published : July 6, 2026, 10:16 p.m. | 57 minutes ago Description :Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, there is…
CVE-2026-9085 – DNS Hijacking in TUBITAK BILGEM’s Pardus-Parental-Control
CVE ID :CVE-2026-9085 Published : July 5, 2026, 3:16 p.m. | 7 hours, 57 minutes ago Description :Incorrect Permission Assignment for Critical Resource, Improper Access Control vulnerability in TUBITAK BILGEM Software Technologies Research Institute…
CVE-2026-59509 – Unauthenticated arbitrary MongoDB collection read in cve-search
CVE ID :CVE-2026-59509 Published : July 5, 2026, 1:16 p.m. | 9 hours, 57 minutes ago Description :An unauthenticated improper input validation vulnerability in the POST /fetch_cve_data endpoint in cve-search. A remote attacker can…