Recent Advisories

Severity ID Title Vendor Product Date Type
NONE 30830C09-DEA1-

penetration-testing-labs-htu_30830C09-DEA1-5389-9616-12490B2D9736

Penetration Testing Labs – HTU Hands-on penetration testing project covering exploit development, Active Directory attacks, web application securit...

N/A N/A GITHUBEXPLOIT
MEDIUM 5.3 CVE-2026-54712

OpenTelemetry Javaagent RMI context propagation allows resource exhaustion_CVE-2026-54712

OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. In versions prior to 2.27.0,...

open-telemetry opentelemetry-java-instrumentation < 2.27.0 CVE
MEDIUM 6.5 CVE-2026-54704

OpenTelemetry Java Instrumentation: JDBC Auto-Instrumentation Logging Clear-Text Passwords_CVE-2026-54704

OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. In versions prior to 2.28.0,...

open-telemetry opentelemetry-java-instrumentation < 2.28.0 CVE
HIGH 7.3 CVE-2026-54263

Wagtail: Reflected XSS in dynamic image URL generator view_CVE-2026-54263

Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, reflected cross-site scripting (X...

wagtail wagtail < 7.0.8 CVE
MEDIUM 4.3 CVE-2026-54262

Wagtail: Pages translations can be created without page permissions when using simple_translation_CVE-2026-54262

Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, a low-level user with the "Can su...

wagtail wagtail < 7.0.8 CVE
MEDIUM 6.5 CVE-2026-54261

Wagtail: Improper permission handling in image preview_CVE-2026-54261

Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, due to a missing permission check...

wagtail wagtail < 7.0.8 CVE
MEDIUM 4.3 CVE-2026-54260

Wagtail: Denial of service via unbounded filter specs in the image preview_CVE-2026-54260

Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, an authenticated admin user can t...

wagtail wagtail < 7.0.8 CVE
MEDIUM 4.3 CVE-2026-54259

Wagtail: Improper restriction handling on Documents and Images chosen endpoints_CVE-2026-54259

Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, the Documents and Images chooser'...

wagtail wagtail < 7.0.8 CVE
MEDIUM 5.9 CVE-2026-55793

Craft CMS: Stored XSS via Structure entry title in table view_CVE-2026-55793

Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.22, an author-level control panel user can store a malicious Java...

craftcms cms >= 5.0.0-RC1, < 5.9.23 CVE
HIGH 7.1 CVE-2026-50284

Craft CMS: Missing peer-permission check in `AssetsController::actionDeleteFolder` allows deletion of other users’ assets_CVE-2026-50284

Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.21 and 4.0.0-RC1 through 4.17.14, the AssetsController::actionDele...

craftcms cms >= 5.0.0-RC1, < 5.9.22 CVE