IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console.
IBM DevOps Automation 1.0.1 and IBM DevOps Loop 1.0.2 does not invalidate session IDs after expiration which could allow an authenticated user to i...
CVE-2026-46331 pedit COW – Linux LPE Validation and auditd/AppArmor Detection Defensive validation report for CVE-2026-46331, focused on Linux kern...
CVE-2026-46490 — samlify SAML AttributeValue XML Injection → Privilege Escalation samlify contexts. A user-controlled value e.g. email / name place...
The HP Fan Control App might allow local escalation of privileges. An updated version of HP Fan Control App has been released to mit...
JeecgBoot through 3.9.2 contains a broken access control vulnerability that allows authenticated low-privilege users to perform full create, read, ...
Dolibarr through 23.0.3, fixed in commit 14db36e, contains a sql injection vulnerability that allows authenticated API users to exfiltrate arbitrar...
The Webmention plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 5.8.0 via parser-derived 'avatar' ...
CVE-KERNEL · Linux Kernel LPE Chain Multi-CVE Local Privilege Escalation chain for Linux kernel vulnerabilities uid=1000 → root via xfrm-ESP, RxRPC...
A memory corruption issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Ta...
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.