MCO is vulnerable to Account Denial of Service due to improper implementation of password reset functionality. Each password reset request invalida...
MCO is vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability in the /customer/servlet/mco/webapi/trading-document/fetchPdfStatemen...
MCO does not properly enforce authorization checks in the /customer/servlet/mco/webapi/profile-sections/group-membership endpoint. An authenticated...
A flaw was found in Foreman. The Usergroup model in Foreman does not properly validate role assignments against the calling user's permissions. Thi...
Incorrect Privilege Assignment vulnerability in LCweb PrivateContent allows Privilege Escalation. This issue affects PrivateContent: from n/a thro...
The payment integration pretix-oppwa provides support for the payment providers VR Payment, Hobex, and potentially others based on Oppwa's techno...
HarfBuzz applystch — Integer Overflow → Heap OOB Write. Crash harness, trigger font, and browser PoC for the integer overflow in HarfBuzz's applystc...
CVE-2026-43735 WebKit cross-domain information leakage. Safari = 26.5.2: PATCHED NavigateEvent.sourceElement is null...
AI assistants like ChatGPT are supposed to be safe to use, with appropriate guardrails to stop people creating harmful content. However, a British ...