| # | CVSS | Severity | Vector | Vendor | Product | Description | CWE | CVE | Last updated | Published |
|---|---|---|---|---|---|---|---|---|---|---|
| 3431 | 9.8 | CRITICAL | Network | wisdom | pegasus_cms | Pegasus CMS 1.0 contains a remote code execution vulnerability in the extra_fields.php plugin that allows unauthenticated attackers to execute arbitrary commands by exploiting unsafe eval functionali… | CWE-22 (Path Traversal) | CVE-2019-25687 | 2026-04-25 00:42 | 2026-04-6 |
| 3432 | 5.3 | MEDIUM | Network | redhat | build_of_keycloak | A flaw was found in Keycloak. A remote attacker can exploit a Cross-Origin Resource Sharing (CORS) header injection vulnerability in Keycloak's User-Managed Access (UMA) token endpoint. This flaw occ… | CWE-346 (Origin Validation Error) | CVE-2026-37977 | 2026-04-25 00:39 | 2026-04-6 |
| 3433 | 9.8 | CRITICAL | Network | weaver | e-cology | Weaver (Fanwei) E-cology 10.0 versions prior to 20260312 contain an unauthenticated remote code execution vulnerability in the /papi/esearch/data/devops/dubboApi/debug/method endpoint that allows att… | CWE-306 (Missing Authentication for Critical Function) | CVE-2026-22679 | 2026-04-25 00:31 | 2026-04-7 |
| 3434 | 5.4 | MEDIUM | Network | papra | papra | Papra is a minimalistic document management and archiving platform. Prior to 26.4.0, transactional email templates in Papra interpolate user.name directly into HTML without escaping or sanitization. … | CWE-79, CWE-80 (Cross-site Scripting, Basic XSS) | CVE-2026-35460 | 2026-04-25 00:31 | 2026-04-8 |
| 3435 | 4.3 | MEDIUM | Network | papra | papra | Papra is a minimalistic document management and archiving platform. Prior to 26.4.0, the Papra webhook system allows authenticated users to register arbitrary URLs as webhook endpoints with no valida… | CWE-918 (Server-Side Request Forgery (SSRF)) | CVE-2026-35461 | 2026-04-25 00:29 | 2026-04-8 |
| 3436 | 7.8 | HIGH | Local | linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of ns_name in aa_replace_profiles() if ns_name is NULL after 1071 error = aa_unpack(udata, &lh,… | CWE-415 (Double Free) | CVE-2026-23408 | 2026-04-25 00:24 | 2026-04-1 |
| 3437 | 5.5 | MEDIUM | Local | linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: apparmor: fix differential encoding verification. Differential encoding allows loops to be created if it is abused. To prevent thi… | CWE-835 (Loop with Unreachable Exit Condition ('Infinite Loop')) | CVE-2026-23409 | 2026-04-25 00:23 | 2026-04-1 |
| 3438 | 7.8 | HIGH | Local | linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: apparmor: fix race on rawdata dereference. There is a race condition that leads to a use-after-free situation: because the rawdata… | CWE-362 (Race Condition) | CVE-2026-23410 | 2026-04-25 00:23 | 2026-04-1 |
| 3439 | 7.8 | HIGH | Local | linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: apparmor: fix race between freeing data and fs accessing it. AppArmor was putting the reference to i_private data on its end after… | CWE-362 (Race Condition) | CVE-2026-23411 | 2026-04-25 00:23 | 2026-04-1 |
| 3440 | 7.8 | HIGH | Local | linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: defer hook memory release until rcu readers are done. Yiming Qian reports UaF when concurrent process is dumping h… | CWE-416 (Use After Free) | CVE-2026-23412 | 2026-04-25 00:23 | 2026-04-2 |