|
501
|
7.0 |
HIGH
Network
|
openremote
|
openremote
|
OpenRemote is an open-source internet-of-things platform. Prior to version 1.22.1, a user who has `write:admin` in one Keycloak realm can call the Manager API to update Keycloak realm roles for users…
New
|
CWE-284
Improper Access Control
|
CVE-2026-41166
|
2026-04-24 22:10 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
502
|
5.3 |
MEDIUM
Network
|
pypdf_project
|
pypdf
|
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.1 can craft a PDF which leads to long runtimes. This requires cross-ref…
New
|
CWE-834
Excessive Iteration
|
CVE-2026-41168
|
2026-04-24 22:07 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
503
|
6.2 |
MEDIUM
Local
|
-
|
-
|
A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.8 and iPadOS 18.7.8, iOS 26.4.2 and iPadOS 26.4.2. Notifications marked for deletion could be unexpectedly …
New
|
CWE-359
Exposure of Private Personal Information to an Unauthorized Actor
|
CVE-2026-28950
|
2026-04-24 06:16 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
504
|
6.5 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.6 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause de…
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2025-0186
|
2026-04-24 05:51 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
505
|
6.5 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.4 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause de…
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2025-3922
|
2026-04-24 05:50 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
506
|
6.5 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause den…
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2025-6016
|
2026-04-24 05:49 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
507
|
2.7 |
LOW
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that under certain conditions could have allowed an authe…
New
|
CWE-863
Incorrect Authorization
|
CVE-2025-9957
|
2026-04-24 05:46 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
508
|
6.5 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.3 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that under certain conditions could have allowed an authe…
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-1660
|
2026-04-24 05:45 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
509
|
3.5 |
LOW
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.11 before 18.11.1 that under certain conditions could have allowed an authenticated user to load unauthorized content int…
New
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2026-3254
|
2026-04-24 05:43 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
510
|
8.1 |
HIGH
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.0 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an unauthenticated user to execut…
New
|
CWE-352
Origin Validation Error
|
CVE-2026-4922
|
2026-04-24 05:40 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
