Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.8 CVE-2026-5136

Foreman: foreman: privilege escalation to administrator-level access via usergroup role assignment manipulation_CVE-2026-5136

A flaw was found in Foreman. The Usergroup model in Foreman does not properly validate role assignments against the calling user's permissions. Thi...

Red Hat Red Hat Satellite 6 CVE
CRITICAL 9.8 CVE-2026-57692

WordPress PrivateContent plugin <= 9.9.2 - Privilege Escalation vulnerability_CVE-2026-57692

Incorrect Privilege Assignment vulnerability in LCweb PrivateContent allows Privilege Escalation. This issue affects PrivateContent: from n/a thro...

LCweb PrivateContent n/a CVE
CRITICAL 9 CVE-2026-13603

SSRF with API key leak in pretix-oppwa_CVE-2026-13603

The payment integration pretix-oppwa provides support for the payment providers VR Payment, Hobex, and potentially others based on Oppwa's techno...

pretix pretix-oppwa CVE
MEDIUM 6.7 CVE-2026-20463

CVE-2026-20463_CVE-2026-20463

In Modem, there is a possible escalation of privilege due to a permissions bypass. This could lead to local escalation of privilege if a malicious ...

MediaTek, Inc. MediaTek chipset MT2716 CVE
MEDIUM 6.7 CVE-2026-20462

CVE-2026-20462_CVE-2026-20462

In Telephony, there is a possible memory corruption due to a heap buffer overflow. This could lead to local escalation of privilege if a malicious ...

MediaTek, Inc. MediaTek chipset MT6739 CVE
MEDIUM 5.9 CVE-2026-20461

CVE-2026-20461_CVE-2026-20461

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service, if a UE has connected...

MediaTek, Inc. MediaTek chipset MT2737 CVE
MEDIUM 5.9 CVE-2026-20460

CVE-2026-20460_CVE-2026-20460

In Modem, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure, if a UE ha...

MediaTek, Inc. MediaTek chipset MT2735 CVE
MEDIUM 5.9 CVE-2026-20459

CVE-2026-20459_CVE-2026-20459

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to ...

MediaTek, Inc. MediaTek chipset MT2716 CVE
HIGH 7.5 CVE-2026-20458

CVE-2026-20458_CVE-2026-20458

In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has conne...

MediaTek, Inc. MediaTek chipset MT2716 CVE
MEDIUM 4.3 CVE-2026-11887

Salon Booking System < 10.30.20 - Subscriber+ Booking Approval Bypass_CVE-2026-11887

The Salon Booking System WordPress plugin before 10.30.20 does not have proper authorisation checks on one of its AJAX actions, allowing any authe...

Unknown Salon Booking System CVE