CVE-2026-40481 | monetr up to 1.12.3 Public Stripe Webhook Endpoint resource consumption (GHSA-v7xq-3wx6-fqc2)
A vulnerability, which was classified as problematic, has been found in monetr up to 1.12.3. Affected by this vulnerability is
Read More
Security
03
CVE-2026-2262 | easyappointments Easy Appointments Plugin up to 3.12.21 on WordPress REST API Endpoint ea_appointments information disclosure
A vulnerability, which was classified as problematic, was found in easyappointments Easy Appointments Plugin up to 3.12.21 on WordPress. Affected
Read More
CVE-2026-40486 | Kimai up to 2.52.x Preferences API Endpoint preferences isEnabled dynamically-determined object attributes (GHSA-qh43-xrjm-4ggp)
A vulnerability has been found in Kimai up to 2.52.x and classified as problematic. This affects the function isEnabled of
Read More
CVE-2026-40339 | gphoto libgphoto2 up to 2.5.33 camlibs/ptp2/ptp-pack.c ptp_unpack_Sony_DPD out-of-bounds (GHSA-42cm-m9hc-r7q8)
A vulnerability was found in gphoto libgphoto2 up to 2.5.33 and classified as critical. This vulnerability affects the function ptp_unpack_Sony_DPD
Read More
CVE-2026-40485 | ChurchCRM up to 7.1.x Public API Login Endpoint /api/public/user/login excessive authentication (GHSA-x2qh-xmhq-4jpx)
A vulnerability was found in ChurchCRM up to 7.1.x. It has been classified as problematic. This issue affects some unknown
Read More
CVE-2026-40333 | gphoto libgphoto2 up to 2.5.33 camlibs/ptp2/ptp-pack.c ptp_unpack_EOS_events length out-of-bounds (GHSA-hq94-cp6h-3gjp)
A vulnerability was found in gphoto libgphoto2 up to 2.5.33. It has been declared as critical. Impacted is the function
Read More
CVE-2026-40340 | gphoto libgphoto2 up to 2.5.33 camlibs/ptp2/ptp-pack.c ptp_unpack_OI out-of-bounds (GHSA-xfw3-xvjp-5wcv)
A vulnerability was found in gphoto libgphoto2 up to 2.5.33. It has been rated as critical. The affected element is
Read More
CVE-2026-40476 | webonyx graphql-php up to 15.31.4 OverlappingFieldsCanBeMerged algorithmic complexity (GHSA-68jq-c3rv-pcrr)
A vulnerability categorized as problematic has been discovered in webonyx graphql-php up to 15.31.4. The impacted element is the function
Read More
CVE-2026-40477 | thymeleaf/thymeleaf-spring5/thymeleaf-spring6 up to 3.1.3 expression language injection (GHSA-r4v4-5mwr-2fwr)
A vulnerability identified as problematic has been detected in thymeleaf, thymeleaf-spring5 and thymeleaf-spring6 up to 3.1.3. This affects an unknown
Read More
CVE-2026-40478 | thymeleaf/thymeleaf-spring5/thymeleaf-spring6 up to 3.1.3 expression language injection (GHSA-xjw8-8c5c-9r79)
A vulnerability labeled as problematic has been found in thymeleaf, thymeleaf-spring5 and thymeleaf-spring6 up to 3.1.3. This impacts an unknown
Read More