π¨ CVE-2026-47838
SubjectDnX509PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. In a carefully crafted certificate, this can lead to an attacker impersonating another user.
Affected versions:
Spring Security 5.7.0 through 5.7.24; 5.8.0 through 5.8.26; 6.3.0 through 6.3.17; 6.4.0 through 6.4.17; 6.5.0 through 6.5.10.
π@cveNotify
SubjectDnX509PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. In a carefully crafted certificate, this can lead to an attacker impersonating another user.
Affected versions:
Spring Security 5.7.0 through 5.7.24; 5.8.0 through 5.8.26; 6.3.0 through 6.3.17; 6.4.0 through 6.4.17; 6.5.0 through 6.5.10.
π@cveNotify
CVE-2026-47838: Unauthorized User Impersonation when Using X.509 Client Certificates
Level up your Java code and explore what Spring can do for you.
π¨ CVE-2026-41699
Spring for GraphQL applications are vulnerable to Unsafe Deserialization when processing paginated GraphQL queries. An attacker can craft a malicious GraphQL request that can lead to Remote Code Execution when the application exposes a paginated (Connection) field and the classpath contains specific classes that can be leveraged during deserialization.
Affected versions:
Spring for GraphQL 2.0.0 through 2.0.3; 1.4.0 through 1.4.5; 1.3.0 through 1.3.8.
π@cveNotify
Spring for GraphQL applications are vulnerable to Unsafe Deserialization when processing paginated GraphQL queries. An attacker can craft a malicious GraphQL request that can lead to Remote Code Execution when the application exposes a paginated (Connection) field and the classpath contains specific classes that can be leveraged during deserialization.
Affected versions:
Spring for GraphQL 2.0.0 through 2.0.3; 1.4.0 through 1.4.5; 1.3.0 through 1.3.8.
π@cveNotify
CVE-2026-41699: Unsafe Deserialization in Spring GraphQL
Level up your Java code and explore what Spring can do for you.
π¨ CVE-2026-41700
Spring for GraphQL applications that have enabled the WebSocket transport are vulnerable to Cross-Site WebSocket Hijacking. An attacker can trick an authenticated user into visiting a malicious page, allowing the attacker to execute arbitrary GraphQL operations with the victim's credentials.
Affected versions:
Spring for GraphQL 2.0.0 through 2.0.3; 1.4.0 through 1.4.5; 1.3.0 through 1.3.8; 1.0.0 through 1.0.6.
π@cveNotify
Spring for GraphQL applications that have enabled the WebSocket transport are vulnerable to Cross-Site WebSocket Hijacking. An attacker can trick an authenticated user into visiting a malicious page, allowing the attacker to execute arbitrary GraphQL operations with the victim's credentials.
Affected versions:
Spring for GraphQL 2.0.0 through 2.0.3; 1.4.0 through 1.4.5; 1.3.0 through 1.3.8; 1.0.0 through 1.0.6.
π@cveNotify
CVE-2026-41700: Cross-Site WebSocket Hijacking in Spring for GraphQL
Level up your Java code and explore what Spring can do for you.
π¨ CVE-2026-41856
The Spring GraphQL annotation detection mechanism for @Controller data fetchers may not correctly resolve annotations on methods within type hierarchies. This can be an issue if such annotations are used for authorization decisions. When all conditions are met, security annotations can be ignored at runtime.
Affected versions:
Spring for GraphQL 2.0.0 through 2.0.3; 1.4.0 through 1.4.5; 1.3.0 through 1.3.8; 1.0.0 through 1.0.6.
π@cveNotify
The Spring GraphQL annotation detection mechanism for @Controller data fetchers may not correctly resolve annotations on methods within type hierarchies. This can be an issue if such annotations are used for authorization decisions. When all conditions are met, security annotations can be ignored at runtime.
Affected versions:
Spring for GraphQL 2.0.0 through 2.0.3; 1.4.0 through 1.4.5; 1.3.0 through 1.3.8; 1.0.0 through 1.0.6.
π@cveNotify
CVE-2026-41856: Spring GraphQL Annotation Detection Vulnerability
Level up your Java code and explore what Spring can do for you.
π¨ CVE-2026-9106
A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed an OAuth application to gain unintended access to an organization's runner management. An attacker could exploit this by creating an OAuth application requesting the manage_runners:org scope and directing a victim user to authorize it, as the scope was not displayed on the authorization consent screen. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.22 and was fixed in versions 3.21.2, 3.20.4, 3.19.8, 3.18.11, 3.17.17. This vulnerability was reported via the GitHub Bug Bounty program.
π@cveNotify
A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed an OAuth application to gain unintended access to an organization's runner management. An attacker could exploit this by creating an OAuth application requesting the manage_runners:org scope and directing a victim user to authorize it, as the scope was not displayed on the authorization consent screen. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.22 and was fixed in versions 3.21.2, 3.20.4, 3.19.8, 3.18.11, 3.17.17. This vulnerability was reported via the GitHub Bug Bounty program.
π@cveNotify
GitHub Docs
Release notes - GitHub Enterprise Server 3.17 Docs
Detailed information for all releases of the currently selected version of GitHub Enterprise Server.
π¨ CVE-2026-10585
A stored cross-site scripting vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to execute arbitrary JavaScript in another user's browser by injecting a crafted payload into the title of a Discussion in the Q&A category. The AnsweredQuestionStructuredDataComponent did not escape user-controlled Discussion titles before embedding them in a <script type="application/ld+json"> block, allowing the title to break out of the script context. The injection was escalated to a full cross-site scripting attack on GitHub Enterprise Server by leveraging JSONP callback support in the REST API to bypass the Content Security Policy. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.21 and was fixed in versions 3.20.4, 3.19.8, 3.18.11, 3.17.17. This vulnerability was reported via the GitHub Bug Bounty program https://bounty.github.com/ .
π@cveNotify
A stored cross-site scripting vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to execute arbitrary JavaScript in another user's browser by injecting a crafted payload into the title of a Discussion in the Q&A category. The AnsweredQuestionStructuredDataComponent did not escape user-controlled Discussion titles before embedding them in a <script type="application/ld+json"> block, allowing the title to break out of the script context. The injection was escalated to a full cross-site scripting attack on GitHub Enterprise Server by leveraging JSONP callback support in the REST API to bypass the Content Security Policy. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.21 and was fixed in versions 3.20.4, 3.19.8, 3.18.11, 3.17.17. This vulnerability was reported via the GitHub Bug Bounty program https://bounty.github.com/ .
π@cveNotify
GitHub Docs
Release notes - GitHub Enterprise Server 3.17 Docs
Detailed information for all releases of the currently selected version of GitHub Enterprise Server.
π¨ CVE-2026-11541
IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are affected by an HTTP request smuggling vulnerability.
π@cveNotify
IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are affected by an HTTP request smuggling vulnerability.
π@cveNotify
Ibm
Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by HTTP request smugglingβ¦
IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by remote code execution and HTTP request smuggling.
π¨ CVE-2026-35505
An unauthenticated remote attacker can repeatedly send crafted connection requests to leak memory. In single-process deployments the memory grows until the service is killed and the port stops responding until restart.
π@cveNotify
An unauthenticated remote attacker can repeatedly send crafted connection requests to leak memory. In single-process deployments the memory grows until the service is killed and the port stops responding until restart.
π@cveNotify
GitHub
Release Latest (updated on 2026-06-25 13:06 UTC) Β· DCMTK/dcmtk
Official DCMTK Github Mirror. Contribute to DCMTK/dcmtk development by creating an account on GitHub.
π¨ CVE-2026-37106
An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to execute arbitrary code via the register function in inc/auth.php
π@cveNotify
An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to execute arbitrary code via the register function in inc/auth.php
π@cveNotify
Gist
CVE-2026-37106: DokuWiki Unauthorized User Registration Vulnerability
CVE-2026-37106: DokuWiki Unauthorized User Registration Vulnerability - cve-2026-37106.md
π¨ CVE-2026-50003
A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, using both relative (../) paths and absolute paths.
π@cveNotify
A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, using both relative (../) paths and absolute paths.
π@cveNotify
GitHub
Release Latest (updated on 2026-06-25 13:06 UTC) Β· DCMTK/dcmtk
Official DCMTK Github Mirror. Contribute to DCMTK/dcmtk development by creating an account on GitHub.
π¨ CVE-2026-50254
An unauthenticated remote attacker can repeatedly send a single crafted connection request to leak memory. Against storescp in its default single-process mode, memory grows quickly and the service is eventually killed, after which it stops accepting connections until an operator restarts it.
π@cveNotify
An unauthenticated remote attacker can repeatedly send a single crafted connection request to leak memory. Against storescp in its default single-process mode, memory grows quickly and the service is eventually killed, after which it stops accepting connections until an operator restarts it.
π@cveNotify
GitHub
Release Latest (updated on 2026-06-25 13:06 UTC) Β· DCMTK/dcmtk
Official DCMTK Github Mirror. Contribute to DCMTK/dcmtk development by creating an account on GitHub.
π¨ CVE-2026-52196
Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_416f28 component
π@cveNotify
Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_416f28 component
π@cveNotify
GitHub
CVEreport/518G/FUN_00416f28 at main Β· akuma-QAQ/CVEreport
Contribute to akuma-QAQ/CVEreport development by creating an account on GitHub.
π¨ CVE-2026-52868
An unauthenticated attacker can read worklist records from a directory outside the intended per-AE worklist storage area. In a multi-area deployment, this can cross departmental or clinic data separation.
π@cveNotify
An unauthenticated attacker can read worklist records from a directory outside the intended per-AE worklist storage area. In a multi-area deployment, this can cross departmental or clinic data separation.
π@cveNotify
GitHub
Release Latest (updated on 2026-06-25 13:06 UTC) Β· DCMTK/dcmtk
Official DCMTK Github Mirror. Contribute to DCMTK/dcmtk development by creating an account on GitHub.
π¨ CVE-2026-57585
MessagePack is the serializer implementation for Python msgpack.org. Prior to 1.2.1, there is an Out-of-bounds read/crash on Unpacker reuse after a caught error, potentially leading to a DoS attack. If the Unpacker is used repeatedly after an error occurs, the process may crash with a SEGV. This issue has been fixed in version 1.2.1.
π@cveNotify
MessagePack is the serializer implementation for Python msgpack.org. Prior to 1.2.1, there is an Out-of-bounds read/crash on Unpacker reuse after a caught error, potentially leading to a DoS attack. If the Unpacker is used repeatedly after an error occurs, the process may crash with a SEGV. This issue has been fixed in version 1.2.1.
π@cveNotify
GitHub
Merge commit from fork Β· msgpack/msgpack-python@2c56ddb
* fix Unpacker crash after unpack failure.
* fixup
* fixup
π¨ CVE-2026-58446
Presenton before 0.8.8-beta bundles an MCP server that, on server/Docker deployments configured with session authentication (AUTH_USERNAME/AUTH_PASSWORD), is reachable unauthenticated at /mcp because the nginx front-end does not apply the auth_request gate to that path and the MCP server auto-mints a valid internal session token for the configured user. A remote unauthenticated attacker can invoke MCP tools such as generate_presentation, performing authenticated application actions, consuming the operators configured LLM API keys, and creating presentations in the operators instance. The Electron desktop build is not affected (MCP disabled).
π@cveNotify
Presenton before 0.8.8-beta bundles an MCP server that, on server/Docker deployments configured with session authentication (AUTH_USERNAME/AUTH_PASSWORD), is reachable unauthenticated at /mcp because the nginx front-end does not apply the auth_request gate to that path and the MCP server auto-mints a valid internal session token for the configured user. A remote unauthenticated attacker can invoke MCP tools such as generate_presentation, performing authenticated application actions, consuming the operators configured LLM API keys, and creating presentations in the operators instance. The Electron desktop build is not affected (MCP disabled).
π@cveNotify
GitHub
feat: implement MCP authentication and update OpenAPI specifications Β· presenton/presenton@a1103dc
- Added authentication requirements for the MCP endpoints, ensuring that requests to `/mcp` and `/mcp/` require a valid bearer token.
- Enhanced the README with instructions for MCP authentication,...
- Enhanced the README with instructions for MCP authentication,...
π¨ CVE-2026-58447
Invidious through 2.20260626.0, fixed in commit 77ad416, contains a broken object level authorization vulnerability that allows authenticated attackers to delete videos from other users' playlists by supplying an arbitrary global video index in the remove_video action of the playlist endpoint. Attackers can obtain per-video index values from the public playlist JSON API and submit them to the playlist video deletion endpoint without ownership validation, permanently removing videos from playlists they do not own.
π@cveNotify
Invidious through 2.20260626.0, fixed in commit 77ad416, contains a broken object level authorization vulnerability that allows authenticated attackers to delete videos from other users' playlists by supplying an arbitrary global video index in the remove_video action of the playlist endpoint. Attackers can obtain per-video index values from the public playlist JSON API and submit them to the playlist video deletion endpoint without ownership validation, permanently removing videos from playlists they do not own.
π@cveNotify
GitHub
fix: security issue playlist deletion cross user (#5790) Β· iv-org/invidious@77ad416
fixes #5777
π¨ CVE-2026-58448
yudao-cloud before 2026.06 contains a broken access control vulnerability in the BPM module that allows any authenticated user to access arbitrary process instance records by supplying a caller-controlled process-instance identifier to an unprotected endpoint lacking the @PreAuthorize annotation. Attackers can query any process-instance identifier through the unguarded GET endpoint to read sensitive workflow data including submitted form variables, approver identities, approval and rejection comments, and process BPMN XML without ownership or tenant party verification.
π@cveNotify
yudao-cloud before 2026.06 contains a broken access control vulnerability in the BPM module that allows any authenticated user to access arbitrary process instance records by supplying a caller-controlled process-instance identifier to an unprotected endpoint lacking the @PreAuthorize annotation. Attackers can query any process-instance identifier through the unguarded GET endpoint to read sensitive workflow data including submitted form variables, approver identities, approval and rejection comments, and process BPMN XML without ownership or tenant party verification.
π@cveNotify
GitHub
Missing Permission Check on BPM Process Instance BPMN View Endpoint Allows Unauthorized Access to Workflow Data Β· Issue #315 Β·β¦
Summary The BPM (Business Process Management) module exposes a GET /bpm/process-instance/get-bpmn-model-view endpoint that returns the full approval workflow data for any process instance -- includ...
π¨ CVE-2026-58449
txtai through 9.10.0, fixed in commit 11b32da, exposes an API /reindex endpoint whose function body parameter is resolved through txtai.util.Resolver, which performs __import__ and getattr on the caller-supplied dotted path with no allowlist. When the API is exposed with no TOKEN configured (authentication is opt-in, so all endpoints are unauthenticated) and the index is configured writable, a remote attacker can set function to an arbitrary callable such as subprocess.getoutput, achieving remote code execution as the server process during reindexing. Exploitation requires those deployment conditions (API exposed, no TOKEN, writable index); it is not the default configuration. The fix gates the endpoint behind a new reindex configuration flag.
π@cveNotify
txtai through 9.10.0, fixed in commit 11b32da, exposes an API /reindex endpoint whose function body parameter is resolved through txtai.util.Resolver, which performs __import__ and getattr on the caller-supplied dotted path with no allowlist. When the API is exposed with no TOKEN configured (authentication is opt-in, so all endpoints are unauthenticated) and the index is configured writable, a remote attacker can set function to an arbitrary callable such as subprocess.getoutput, achieving remote code execution as the server process during reindexing. Exploitation requires those deployment conditions (API exposed, no TOKEN, writable index); it is not the default configuration. The fix gates the endpoint behind a new reindex configuration flag.
π@cveNotify
GitHub
Add reindex parameter for API, closes #1111 Β· neuml/txtai@11b32da
π‘ All-in-one AI framework for semantic search, LLM orchestration and language model workflows - Add reindex parameter for API, closes #1111 Β· neuml/txtai@11b32da
π¨ CVE-2026-58450
Invoice Ninja through 5.13.26 contains an open redirect vulnerability in the client portal login that allows unauthenticated attackers to redirect authenticated victims to attacker-controlled external URLs by injecting a malicious value into the intended query parameter. Attackers can craft a client login link with an external URL in the intended parameter, which is stored in the session without host validation and emitted verbatim via a bare redirect in the ContactLoginController authenticated() handler after the victim completes a legitimate login, enabling phishing attacks.
π@cveNotify
Invoice Ninja through 5.13.26 contains an open redirect vulnerability in the client portal login that allows unauthenticated attackers to redirect authenticated victims to attacker-controlled external URLs by injecting a malicious value into the intended query parameter. Attackers can craft a client login link with an external URL in the intended parameter, which is stored in the session without host validation and emitted verbatim via a bare redirect in the ContactLoginController authenticated() handler after the victim completes a legitimate login, enabling phishing attacks.
π@cveNotify
GitHub
Open Redirect in Client Portal Post-Login via `?intended=` Parameter Β· Issue #12039 Β· invoiceninja/invoiceninja
sent report in on 14 May and followed up on 6 June, both with no responses. Summary The Invoice Ninja client portal login endpoint accepts an intended query parameter, stores it in the PHP session ...
π¨ CVE-2026-10585
A stored cross-site scripting vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to execute arbitrary JavaScript in another user's browser by injecting a crafted payload into the title of a Discussion in the Q&A category. The AnsweredQuestionStructuredDataComponent did not escape user-controlled Discussion titles before embedding them in a <script type="application/ld+json"> block, allowing the title to break out of the script context. The injection was escalated to a full cross-site scripting attack on GitHub Enterprise Server by leveraging JSONP callback support in the REST API to bypass the Content Security Policy. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.21 and was fixed in versions 3.20.4, 3.19.8, 3.18.11, 3.17.17. This vulnerability was reported via the GitHub Bug Bounty program.
π@cveNotify
A stored cross-site scripting vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to execute arbitrary JavaScript in another user's browser by injecting a crafted payload into the title of a Discussion in the Q&A category. The AnsweredQuestionStructuredDataComponent did not escape user-controlled Discussion titles before embedding them in a <script type="application/ld+json"> block, allowing the title to break out of the script context. The injection was escalated to a full cross-site scripting attack on GitHub Enterprise Server by leveraging JSONP callback support in the REST API to bypass the Content Security Policy. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.21 and was fixed in versions 3.20.4, 3.19.8, 3.18.11, 3.17.17. This vulnerability was reported via the GitHub Bug Bounty program.
π@cveNotify
GitHub Docs
Release notes - GitHub Enterprise Server 3.17 Docs
Detailed information for all releases of the currently selected version of GitHub Enterprise Server.
π¨ CVE-2025-71349
picklescan before 0.0.29 fails to detect the built-in trace.Trace.run function when analyzing pickle files, allowing attackers to embed undetected malicious code. Remote attackers can craft malicious pickle files using trace.Trace.run in the reduce method to achieve arbitrary code execution when pickle.load processes the file.
π@cveNotify
picklescan before 0.0.29 fails to detect the built-in trace.Trace.run function when analyzing pickle files, allowing attackers to embed undetected malicious code. Remote attackers can craft malicious pickle files using trace.Trace.run in the reduce method to achieve arbitrary code execution when pickle.load processes the file.
π@cveNotify
GitHub
Missing detection when calling built-in python trace.Trace.run
### Summary
Using trace.Trace.run, which is a built-in python library function to execute remote pickle file.
### Details
The attack payload executes in the following steps:
First, the ...
Using trace.Trace.run, which is a built-in python library function to execute remote pickle file.
### Details
The attack payload executes in the following steps:
First, the ...