🚨 CVE-2026-57912
Johnson & Johnson Campus Recruiting before 2025-10-31 allows viewing of data provided by recruited students, and notes entered about students by interviewers.
🎖@cveNotify
Johnson & Johnson Campus Recruiting before 2025-10-31 allows viewing of data provided by recruited students, and notes entered about students by interviewers.
🎖@cveNotify
Eaton-Works
Exploiting vulnerabilities in Johnson & Johnson web apps
Campus Recruiting vulnerability exposed student information, and Audit Tracking Management System vulnerability exposed confidential internal audit data.
🚨 CVE-2026-57913
Johnson & Johnson Audit Tracking Management System (ATMS) before 2026-04-21 allows viewing of meeting minutes and transcripts.
🎖@cveNotify
Johnson & Johnson Audit Tracking Management System (ATMS) before 2026-04-21 allows viewing of meeting minutes and transcripts.
🎖@cveNotify
Eaton-Works
Exploiting vulnerabilities in Johnson & Johnson web apps
Campus Recruiting vulnerability exposed student information, and Audit Tracking Management System vulnerability exposed confidential internal audit data.
🚨 CVE-2026-13426
The Mattermost Go module github.com/mattermost/mattermost/server/public versions < v0.1.22 fail to validate path parameters when constructing API route paths which allows an attacker to redirect API calls to unintended endpoints via crafted IDs containing path traversal components. Mattermost Advisory ID: MMSA-2025-00532
🎖@cveNotify
The Mattermost Go module github.com/mattermost/mattermost/server/public versions < v0.1.22 fail to validate path parameters when constructing API route paths which allows an attacker to redirect API calls to unintended endpoints via crafted IDs containing path traversal components. Mattermost Advisory ID: MMSA-2025-00532
🎖@cveNotify
Mattermost.com
Security Updates
Find information about Mattermost security updates, sign up for our Security Bulletin, read our Responsible Disclosure Policy, and more.
🚨 CVE-2026-53914
In JetBrains Kotlin before 2.4.20 code execution was possible via unsafe deserialization in the build cache metadata
🎖@cveNotify
In JetBrains Kotlin before 2.4.20 code execution was possible via unsafe deserialization in the build cache metadata
🎖@cveNotify
JetBrains
Fixed security issues
This page contains information about resolved security issues, including description, severity, assigned CVEs, and the product versions in which they were resolved.
🚨 CVE-2026-57921
In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading users' private data via the comment templates endpoint
🎖@cveNotify
In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading users' private data via the comment templates endpoint
🎖@cveNotify
JetBrains
Fixed security issues
This page contains information about resolved security issues, including description, severity, assigned CVEs, and the product versions in which they were resolved.
🚨 CVE-2026-57922
In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible
🎖@cveNotify
In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible
🎖@cveNotify
JetBrains
Fixed security issues
This page contains information about resolved security issues, including description, severity, assigned CVEs, and the product versions in which they were resolved.
🚨 CVE-2026-57923
In JetBrains YouTrack before 2026.2.16593 improper authorisation in the app configurations endpoint allowed modifying project settings
🎖@cveNotify
In JetBrains YouTrack before 2026.2.16593 improper authorisation in the app configurations endpoint allowed modifying project settings
🎖@cveNotify
JetBrains
Fixed security issues
This page contains information about resolved security issues, including description, severity, assigned CVEs, and the product versions in which they were resolved.
🚨 CVE-2026-57924
In JetBrains YouTrack before 2026.2.16593 default role configuration exposed excessive user profile details
🎖@cveNotify
In JetBrains YouTrack before 2026.2.16593 default role configuration exposed excessive user profile details
🎖@cveNotify
JetBrains
Fixed security issues
This page contains information about resolved security issues, including description, severity, assigned CVEs, and the product versions in which they were resolved.
🚨 CVE-2026-57925
In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading saved queries and tags
🎖@cveNotify
In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading saved queries and tags
🎖@cveNotify
JetBrains
Fixed security issues
This page contains information about resolved security issues, including description, severity, assigned CVEs, and the product versions in which they were resolved.
🚨 CVE-2026-57926
In JetBrains YouTrack before 2026.2.16593 the websandbox bridge was vulnerable to a prototype pollution attack
🎖@cveNotify
In JetBrains YouTrack before 2026.2.16593 the websandbox bridge was vulnerable to a prototype pollution attack
🎖@cveNotify
JetBrains
Fixed security issues
This page contains information about resolved security issues, including description, severity, assigned CVEs, and the product versions in which they were resolved.
🚨 CVE-2025-63079
Contributor Broken Access Control in Live Copy Paste for Elementor <= 1.5.3 versions.
🎖@cveNotify
Contributor Broken Access Control in Live Copy Paste for Elementor <= 1.5.3 versions.
🎖@cveNotify
Patchstack
Broken Access Control in WordPress Live Copy Paste for Elementor Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2025-64636
Unauthenticated Broken Access Control in Donation Thermometer <= 2.2.7 versions.
🎖@cveNotify
Unauthenticated Broken Access Control in Donation Thermometer <= 2.2.7 versions.
🎖@cveNotify
Patchstack
Broken Access Control in WordPress Donation Thermometer Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2025-68074
Contributor Cross Site Scripting (XSS) in Image Carousel <= 1.0.0.41 versions.
🎖@cveNotify
Contributor Cross Site Scripting (XSS) in Image Carousel <= 1.0.0.41 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress Image Carousel Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-3472
Mattermost versions 10.11.x <= 10.11.18, 11.6.x <= 11.6.3, 11.5.x <= 11.5.6 fail to properly apply markdown image rendering restrictions to AI bot tool result posts, which allows an authenticated attacker to exfiltrate data to an attacker-controlled server via injecting markdown image syntax into tool result content rendered by a victim's client.. Mattermost Advisory ID: MMSA-2026-00619
🎖@cveNotify
Mattermost versions 10.11.x <= 10.11.18, 11.6.x <= 11.6.3, 11.5.x <= 11.5.6 fail to properly apply markdown image rendering restrictions to AI bot tool result posts, which allows an authenticated attacker to exfiltrate data to an attacker-controlled server via injecting markdown image syntax into tool result content rendered by a victim's client.. Mattermost Advisory ID: MMSA-2026-00619
🎖@cveNotify
Mattermost.com
Security Updates
Find information about Mattermost security updates, sign up for our Security Bulletin, read our Responsible Disclosure Policy, and more.
🚨 CVE-2026-45256
When used to deliver a signal to a specific thread, thr_kill2(2) called p_cansignal() to determine whether the operation was permitted but did not check the result before delivering the signal. The signal was sent even when the permission check failed. The system call returned the resulting error to the caller, but by then the signal had already been delivered.
The missing check allows an unprivileged local user who knows or can guess a target's process and thread IDs to send any signal to a process they would not normally be permitted to signal, including processes owned by other users or by root. The same check enforces jail boundaries, so a jailed process can signal processes on the host or in other jails. Thread IDs are allocated globally and sequentially, and so can be discovered by brute force with no visibility into the target.
An attacker can stop or terminate arbitrary processes, including critical system daemons, resulting in a Denial of Service (DoS).
🎖@cveNotify
When used to deliver a signal to a specific thread, thr_kill2(2) called p_cansignal() to determine whether the operation was permitted but did not check the result before delivering the signal. The signal was sent even when the permission check failed. The system call returned the resulting error to the caller, but by then the signal had already been delivered.
The missing check allows an unprivileged local user who knows or can guess a target's process and thread IDs to send any signal to a process they would not normally be permitted to signal, including processes owned by other users or by root. The same check enforces jail boundaries, so a jailed process can signal processes on the host or in other jails. Thread IDs are allocated globally and sequentially, and so can be discovered by brute force with no visibility into the target.
An attacker can stop or terminate arbitrary processes, including critical system daemons, resulting in a Denial of Service (DoS).
🎖@cveNotify
🚨 CVE-2026-45257
The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assumption does not hold for data placed on a socket by sendfile(2), which can reference file-backed memory directly through non-anonymous M_EXTPG pages or EXT_SFBUF mbufs. When the sender transmits such data over a loopback connection without enabling KTLS on the transmit side, the file-backed mbufs reach the receiver's decryption path unchanged. Decrypting a record in place then overwrites the backing file's page cache instead of a private copy of the data.
An unprivileged local user who can read a file can overwrite its contents with data of their choosing by sending the file over a loopback connection on which they have enabled KTLS receive. The write modifies the page cache directly, so it bypasses file flags such as schg and is written back to disk. By overwriting a setuid binary or other trusted file, a local user can escalate privileges, potentially gaining full control of the affected system.
🎖@cveNotify
The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assumption does not hold for data placed on a socket by sendfile(2), which can reference file-backed memory directly through non-anonymous M_EXTPG pages or EXT_SFBUF mbufs. When the sender transmits such data over a loopback connection without enabling KTLS on the transmit side, the file-backed mbufs reach the receiver's decryption path unchanged. Decrypting a record in place then overwrites the backing file's page cache instead of a private copy of the data.
An unprivileged local user who can read a file can overwrite its contents with data of their choosing by sending the file over a loopback connection on which they have enabled KTLS receive. The write modifies the page cache directly, so it bypasses file flags such as schg and is written back to disk. By overwriting a setuid binary or other trusted file, a local user can escalate privileges, potentially gaining full control of the affected system.
🎖@cveNotify
🚨 CVE-2026-54824
Unauthenticated Sensitive Data Exposure in Ads by WPQuads <= 3.0.3 versions.
🎖@cveNotify
Unauthenticated Sensitive Data Exposure in Ads by WPQuads <= 3.0.3 versions.
🎖@cveNotify
Patchstack
Sensitive Data Exposure in WordPress Ads by WPQuads Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-54834
Unauthenticated Sensitive Data Exposure in Object Cache 4 everyone <= 2.3.2 versions.
🎖@cveNotify
Unauthenticated Sensitive Data Exposure in Object Cache 4 everyone <= 2.3.2 versions.
🎖@cveNotify
Patchstack
Sensitive Data Exposure in WordPress Object Cache 4 everyone Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.