Home
Editors’ Pick
Támogassa munkánkat!
Security
Dedicated
- Linux
- IoT
- ICS
- 5G
- OSINT
Media
- Blogs
- Video
- Podcasts
News
Github Collection

Security

April 18, 2026 Yanac

CVE-2026-2262 | easyappointments Easy Appointments Plugin up to 3.12.21 on WordPress REST API Endpoint ea_appointments information disclosure

A vulnerability, which was classified as problematic, was found in easyappointments Easy Appointments Plugin up to 3.12.21 on WordPress. Affected

Security Vulns

April 18, 2026 Yanac

CVE-2026-40486 | Kimai up to 2.52.x Preferences API Endpoint preferences isEnabled dynamically-determined object attributes (GHSA-qh43-xrjm-4ggp)

A vulnerability has been found in Kimai up to 2.52.x and classified as problematic. This affects the function isEnabled of

Security Vulns

April 18, 2026 Yanac

CVE-2026-40339 | gphoto libgphoto2 up to 2.5.33 camlibs/ptp2/ptp-pack.c ptp_unpack_Sony_DPD out-of-bounds (GHSA-42cm-m9hc-r7q8)

A vulnerability was found in gphoto libgphoto2 up to 2.5.33 and classified as critical. This vulnerability affects the function ptp_unpack_Sony_DPD

Security Vulns

April 18, 2026 Yanac

CVE-2026-40485 | ChurchCRM up to 7.1.x Public API Login Endpoint /api/public/user/login excessive authentication (GHSA-x2qh-xmhq-4jpx)

A vulnerability was found in ChurchCRM up to 7.1.x. It has been classified as problematic. This issue affects some unknown

Security Vulns

April 18, 2026 Yanac

CVE-2026-40333 | gphoto libgphoto2 up to 2.5.33 camlibs/ptp2/ptp-pack.c ptp_unpack_EOS_events length out-of-bounds (GHSA-hq94-cp6h-3gjp)

A vulnerability was found in gphoto libgphoto2 up to 2.5.33. It has been declared as critical. Impacted is the function

Security Vulns

April 18, 2026 Yanac

CVE-2026-40340 | gphoto libgphoto2 up to 2.5.33 camlibs/ptp2/ptp-pack.c ptp_unpack_OI out-of-bounds (GHSA-xfw3-xvjp-5wcv)

A vulnerability was found in gphoto libgphoto2 up to 2.5.33. It has been rated as critical. The affected element is

Security Vulns

April 18, 2026 Yanac

CVE-2026-40476 | webonyx graphql-php up to 15.31.4 OverlappingFieldsCanBeMerged algorithmic complexity (GHSA-68jq-c3rv-pcrr)

A vulnerability categorized as problematic has been discovered in webonyx graphql-php up to 15.31.4. The impacted element is the function

Security Vulns

April 18, 2026 Yanac

CVE-2026-40477 | thymeleaf/thymeleaf-spring5/thymeleaf-spring6 up to 3.1.3 expression language injection (GHSA-r4v4-5mwr-2fwr)

A vulnerability identified as problematic has been detected in thymeleaf, thymeleaf-spring5 and thymeleaf-spring6 up to 3.1.3. This affects an unknown

Security Vulns

April 18, 2026 Yanac

CVE-2026-40478 | thymeleaf/thymeleaf-spring5/thymeleaf-spring6 up to 3.1.3 expression language injection (GHSA-xjw8-8c5c-9r79)

A vulnerability labeled as problematic has been found in thymeleaf, thymeleaf-spring5 and thymeleaf-spring6 up to 3.1.3. This impacts an unknown

Security Vulns

April 18, 2026 Yanac

CVE-2026-35582 | NSA Emissary up to 8.42.x Temporary File Executrix.getCommand os command injection (GHSA-3p24-9x7v-7789)

A vulnerability marked as critical has been reported in NSA Emissary up to 8.42.x. Affected is the function Executrix.getCommand of

← Previous
Next →

Recent

Nothing’s modular CMF Headphone Pro are down to their lowest price to date
NIST to stop rating non-priority flaws due to volume increase
SecTor 2025 | How Adversaries Beat User-Mode Protection Engines for Over a Decade
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 93