๐จ CVE-2026-53470
A flaw was found in migration-planner. An authenticated attacker could exploit an improper access control vulnerability in the `/api/v1/sources/{id}/image-url` endpoint. This flaw allows the attacker to bypass an ownership check and obtain presigned S3 URLs for Open Virtual Appliance (OVA) images belonging to other users. Consequently, the attacker can download OVA images containing sensitive information, such as long-lived agent JSON Web Tokens (JWTs) and source configurations, potentially leading to unauthorized access and modification of the victim's source.
๐@cveNotify
A flaw was found in migration-planner. An authenticated attacker could exploit an improper access control vulnerability in the `/api/v1/sources/{id}/image-url` endpoint. This flaw allows the attacker to bypass an ownership check and obtain presigned S3 URLs for Open Virtual Appliance (OVA) images belonging to other users. Consequently, the attacker can download OVA images containing sensitive information, such as long-lived agent JSON Web Tokens (JWTs) and source configurations, potentially leading to unauthorized access and modification of the victim's source.
๐@cveNotify
๐จ CVE-2026-53471
A flaw was found in migration-planner. The agent-API middleware processes JSON Web Tokens (JWTs) for authentication, but its UpdateSourceInventory and UpdateAgentStatus handlers fail to validate the source_id claim within these tokens against the requested source ID. This oversight allows an authenticated attacker with a valid agent token to manipulate data across different tenants, leading to a complete collapse of tenant isolation. This could result in unauthorized overwriting of victim inventory, planting of malicious credential URLs, or corruption of migration assessments.
๐@cveNotify
A flaw was found in migration-planner. The agent-API middleware processes JSON Web Tokens (JWTs) for authentication, but its UpdateSourceInventory and UpdateAgentStatus handlers fail to validate the source_id claim within these tokens against the requested source ID. This oversight allows an authenticated attacker with a valid agent token to manipulate data across different tenants, leading to a complete collapse of tenant isolation. This could result in unauthorized overwriting of victim inventory, planting of malicious credential URLs, or corruption of migration assessments.
๐@cveNotify
๐จ CVE-2026-49261
MariaDB server is a community developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11.1 through 10.11.17, 11.4.1 through 11.4.11, 11.8.1 through 11.8.7, and 12.3.1 with `wsrep_notify_cmd` enabled would execute shell commands embedded in the name of the joiner node. This is fixed in 10.6.27, 10.11.18, 11.4.12, 11.8.8, and 12.3.2. As a workaround, anyone who cannot upgrade now should disable `wsrep_notify_cmd`.
๐@cveNotify
MariaDB server is a community developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11.1 through 10.11.17, 11.4.1 through 11.4.11, 11.8.1 through 11.8.7, and 12.3.1 with `wsrep_notify_cmd` enabled would execute shell commands embedded in the name of the joiner node. This is fixed in 10.6.27, 10.11.18, 11.4.12, 11.8.8, and 12.3.2. As a workaround, anyone who cannot upgrade now should disable `wsrep_notify_cmd`.
๐@cveNotify
GitHub
unsafe parameter handing in `wsrep_notify_cmd`
### Impact
MariaDB server, with `wsrep_notify_cmd` enabled would execute shell commands embedded in the name of the joiner node.
### Patches
Fixed in 10.6.27, 10.11.18, 11.4.12, 11.8.8, 12.3....
MariaDB server, with `wsrep_notify_cmd` enabled would execute shell commands embedded in the name of the joiner node.
### Patches
Fixed in 10.6.27, 10.11.18, 11.4.12, 11.8.8, 12.3....
๐จ CVE-2026-47190
IPAM is the IP address Manager for Cluster API Provider Metal3. Prior to versions 1.11.7, 1.12.4, and 1.13.0, the IPAM controller's ClusterRole granted full CRUD permissions (create, delete, get, list, patch, update, watch) on core/v1 Secrets. The controller never accesses Secrets during normal operation. If the controller pod were compromised (e.g. via supply chain attack or container escape), an attacker could leverage these excessive permissions to read, modify, or delete Secrets in the namespace, potentially exposing credentials and other sensitive data. This issue has been patched in versions 1.11.7, 1.12.4, and 1.13.0.
๐@cveNotify
IPAM is the IP address Manager for Cluster API Provider Metal3. Prior to versions 1.11.7, 1.12.4, and 1.13.0, the IPAM controller's ClusterRole granted full CRUD permissions (create, delete, get, list, patch, update, watch) on core/v1 Secrets. The controller never accesses Secrets during normal operation. If the controller pod were compromised (e.g. via supply chain attack or container escape), an attacker could leverage these excessive permissions to read, modify, or delete Secrets in the namespace, potentially exposing credentials and other sensitive data. This issue has been patched in versions 1.11.7, 1.12.4, and 1.13.0.
๐@cveNotify
GitHub
:bug: remove unused RBAC permissions for secrets by tuminoid ยท Pull Request #1355 ยท metal3-io/ip-address-manager
Remove the kubebuilder RBAC marker granting full CRUD on secrets. The controller never accesses secrets. Also remove the dead secret cache configuration and stale secretCachingClient comment from m...
๐จ CVE-2026-44779
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, bot debug endpoints disclose whisper translation audit logs. This issue has been patched in versions 2026.1.4, 2026.3.1, 2026.4.1, and 2026.5.0-latest.1.
๐@cveNotify
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, bot debug endpoints disclose whisper translation audit logs. This issue has been patched in versions 2026.1.4, 2026.3.1, 2026.4.1, and 2026.5.0-latest.1.
๐@cveNotify
GitHub
Bot debug endpoints disclose whisper translation audit logs
### Impact
Users with access to AI debug audit logs (by default nobody)
### Workarounds
Only allow admins access to AI debug audit logs
Users with access to AI debug audit logs (by default nobody)
### Workarounds
Only allow admins access to AI debug audit logs
๐จ CVE-2026-12317
Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152.
๐@cveNotify
Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152.
๐@cveNotify
bugzilla.mozilla.org
Access Denied
You are not authorized to access bug 2007083. To see this bug, you must
first log in to an account with the appropriate permissions.
first log in to an account with the appropriate permissions.
๐จ CVE-2026-12318
Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 152 and Thunderbird 152.
๐@cveNotify
Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 152 and Thunderbird 152.
๐@cveNotify
bugzilla.mozilla.org
Access Denied
You are not authorized to access bug 2023478. To see this bug, you must
first log in to an account with the appropriate permissions.
first log in to an account with the appropriate permissions.
๐จ CVE-2024-24709
Missing Authorization vulnerability in Shareaholic allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Shareaholic: from n/a through 9.7.11.
๐@cveNotify
Missing Authorization vulnerability in Shareaholic allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Shareaholic: from n/a through 9.7.11.
๐@cveNotify
Patchstack
Broken Access Control in WordPress Shareaholic Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2024-31435
: Missing Authorization vulnerability in Inisev Social Media & Share Icons allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Social Media & Share Icons: from n/a through 2.8.6.
๐@cveNotify
: Missing Authorization vulnerability in Inisev Social Media & Share Icons allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Social Media & Share Icons: from n/a through 2.8.6.
๐@cveNotify
Patchstack
Broken Access Control in WordPress Social Media & Share Icons Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2024-32729
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in QuantumCloud Conversational Forms for ChatBot allows Path Traversal.
This issue affects Conversational Forms for ChatBot: from n/a through 1.1.8.
๐@cveNotify
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in QuantumCloud Conversational Forms for ChatBot allows Path Traversal.
This issue affects Conversational Forms for ChatBot: from n/a through 1.1.8.
๐@cveNotify
Patchstack
Arbitrary File Download in WordPress Conversational Forms for ChatBot Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2024-32949
Missing Authorization vulnerability in Prince Integrate Google Drive allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Integrate Google Drive: from n/a through 1.3.8.
๐@cveNotify
Missing Authorization vulnerability in Prince Integrate Google Drive allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Integrate Google Drive: from n/a through 1.3.8.
๐@cveNotify
Patchstack
Broken Access Control in WordPress Integrate Google Drive Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2024-33685
Missing Authorization vulnerability in Jegstudio Startupzy startupzy allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Startupzy: from n/a through 1.1.1.
๐@cveNotify
Missing Authorization vulnerability in Jegstudio Startupzy startupzy allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Startupzy: from n/a through 1.1.1.
๐@cveNotify
Patchstack
Broken Access Control in WordPress Startupzy Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2024-33909
Missing Authorization vulnerability in Avirtum iPages Flipbook allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects iPages Flipbook: from n/a through 1.5.1.
๐@cveNotify
Missing Authorization vulnerability in Avirtum iPages Flipbook allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects iPages Flipbook: from n/a through 1.5.1.
๐@cveNotify
Patchstack
Broken Access Control in WordPress iPages Flipbook Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2024-34810
Cross-Site request forgery (CSRF) vulnerability in Extend Themes Skyline WP allows Cross Site Request Forgery.
This issue affects Skyline WP: from n/a through 1.0.10.
๐@cveNotify
Cross-Site request forgery (CSRF) vulnerability in Extend Themes Skyline WP allows Cross Site Request Forgery.
This issue affects Skyline WP: from n/a through 1.0.10.
๐@cveNotify
Patchstack
Cross Site Request Forgery (CSRF) in WordPress Skyline WP Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2024-35648
Cross-Site request forgery (CSRF) vulnerability in Andy Moyle Emergency Password Reset allows Cross Site Request Forgery.
This issue affects Emergency Password Reset: from n/a through 8.0.
๐@cveNotify
Cross-Site request forgery (CSRF) vulnerability in Andy Moyle Emergency Password Reset allows Cross Site Request Forgery.
This issue affects Emergency Password Reset: from n/a through 8.0.
๐@cveNotify
Patchstack
Cross Site Request Forgery (CSRF) in WordPress Emergency Password Reset Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2024-37210
Missing Authorization vulnerability in ali2woo AliNext allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects AliNext: from n/a through 3.3.5.
๐@cveNotify
Missing Authorization vulnerability in ali2woo AliNext allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects AliNext: from n/a through 3.3.5.
๐@cveNotify
Patchstack
Broken Access Control in WordPress AliNext Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2024-37496
Missing Authorization vulnerability in Rara Themes Metro Magazine allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Metro Magazine: from n/a through 1.3.7.
๐@cveNotify
Missing Authorization vulnerability in Rara Themes Metro Magazine allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Metro Magazine: from n/a through 1.3.7.
๐@cveNotify
Patchstack
Broken Access Control in WordPress Metro Magazine Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2024-49269
Unauthenticated Cross Site Scripting (XSS) in my flatonica <= 0.0.8 versions.
๐@cveNotify
Unauthenticated Cross Site Scripting (XSS) in my flatonica <= 0.0.8 versions.
๐@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress my flatonica Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2025-31013
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themify Folo allows Reflected XSS.
This issue affects Themify Folo: from n/a through 1.9.6.
๐@cveNotify
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themify Folo allows Reflected XSS.
This issue affects Themify Folo: from n/a through 1.9.6.
๐@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress Themify Folo Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2025-48571
In multiple functions of btm_sec.cc, there is a possible way for an attacker to intercept SMS messages due to a logic error in the code. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
๐@cveNotify
In multiple functions of btm_sec.cc, there is a possible way for an attacker to intercept SMS messages due to a logic error in the code. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
๐@cveNotify