Security

CVE-2026-40582 | ChurchCRM up to 7.1.x API Endpoint /api/public/user/login authentication bypass (GHSA-8cwr-x83m-mh9x)

A vulnerability labeled as critical has been found in ChurchCRM up to 7.1.x. Affected by this issue is some unknown

A vulnerability marked as problematic has been reported in freedomofpress securedrop-client up to 0.17.4. This affects an unknown part of

A vulnerability described as problematic has been identified in poporon Pz-LinkCard Plugin up to 2.5.8.1 on WordPress. This vulnerability affects

A vulnerability classified as problematic has been found in Youzify Plugin up to 1.3.6 on WordPress. This issue affects some

A vulnerability classified as problematic was found in prasunsen Hostel Plugin up to 1.1.6 on WordPress. Impacted is an unknown

A vulnerability, which was classified as problematic, has been found in godaddy Page Builder Gutenberg Blocks Plugin up to 3.1.16

A vulnerability, which was classified as problematic, was found in dragwyb Flipbox Addon for Elementor Plugin up to 2.0.8 on

A vulnerability has been found in MinecAnton209 NovumOS up to 0.23 and classified as critical. This affects an unknown function.

A vulnerability was found in MinecAnton209 NovumOS up to 0.23 and classified as critical. This impacts an unknown function. Executing

A vulnerability was found in Kimai up to 2.52.x. It has been classified as problematic. Affected is the function escapeForHtml

Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials
Stablecoins, RWAs and Hong Kong’s interface moment
Pill and pipeline: US drug supply needs a China reality check
Canonical expands Ubuntu support to next-generation MediaTek Genio 520 and 720 platforms