CVE Security

authentik is an open-source identity provider. In versions prior to 2025.12.5 and 2026.2.0-rc1 through 2026.2.2, the PATCH /api/v3/core/users/{pk}/ AP...

Applications


                                    CVE-2026-40172

Lire l'article

unknown

29/05/2026

Vulnérabilité unknown détectée - CVE-2026-48700

An issue was discovered in all versions of PCManFM-Qt starting from 1.1.0. When a regular file's path is passed as a URI in an org.freedesktop.FileMan...

Applications


                                    CVE-2026-48700

Lire l'article

high 8.8

29/05/2026

Vulnérabilité high détectée - CVE-2026-6406

The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation (ECI) restrictions in Docker Desktop. When ECI is enabled, Docker socket mo...

Applications


                                    CVE-2026-6406

Lire l'article

high 7.1

29/05/2026

Vulnérabilité high détectée - CVE-2026-9291

Insecure deserialization in the job results processing component in Amazon Braket SDK before 1.117.0 might allow a remote authenticated user with S3 ...

Applications


                                    CVE-2026-9291

Lire l'article

low 3.3

29/05/2026

Vulnérabilité low détectée - CVE-2026-39824

NewNTUnicodeString does not check for string length overflow. When provided with a string that overflows the maximum size of a NTUnicodeString (a 16-b...

Applications


                                    CVE-2026-39824

Lire l'article

medium 6.1

29/05/2026

Vulnérabilité medium détectée - CVE-2026-40295

Devise is an authentication solution for Rails based on Warden. In versions 5.0.3 and below, when the Timeoutable module is enabled in Devise, the Fai...

Applications


                                    CVE-2026-40295

Lire l'article

unknown

29/05/2026

Vulnérabilité unknown détectée - CVE-2026-40597

Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.28.1 and below, given any pre-existing XSS / HTML injection vulnerability...

Applications Web


                                    CVE-2026-40597

Lire l'article

unknown

29/05/2026

Vulnérabilité unknown détectée - CVE-2026-40166

authentik is an open-source identity provider. In versions prior to 2025.12.5 and 2026.2.0-rc1 through 2026.2.2, authenticated non-admin users with at...

Applications


                                    CVE-2026-40166

Lire l'article

high 7.1

29/05/2026

Vulnérabilité high détectée - CVE-2026-39968

TypeBot is a chatbot builder tool. In versions 3.15.2 and prior, the fix for GHSA-4xc5-wfwc-jw47 ("Credential Theft via Client-Side Script Execution a...

Applications


                                    CVE-2026-39968

Lire l'article

medium 6.5

29/05/2026

Vulnérabilité medium détectée - CVE-2026-39969

TypeBot is a chatbot builder tool. In versions 3.16.0 and prior, the WhatsApp Cloud API webhook endpoint (POST /v1/workspaces/{workspaceId}/whatsapp/{...

Applications


                                    CVE-2026-39969

Lire l'article

unknown

29/05/2026

Vulnérabilité unknown détectée - CVE-2026-39970

TypeBot is a chatbot builder tool. Versions 3.15.2 and prior contain a critical stored XSS vulnerability in the app.typebot.io profile picture upload ...

Applications Web


                                    CVE-2026-39970

Lire l'article

high 7.8

29/05/2026

Vulnérabilité high détectée - CVE-2026-9255

Missing input source validation in the tool authorization prompt in Kiro CLI before 1.28.0 allows a local attacker to execute arbitrary tools, includi...

Applications


                                    CVE-2026-9255

Lire l'article

9 10 11 12 13