9
CVE-2026-3564 - ScreenConnect Instance Level Cryptographic Material Exposure
A condition in ScreenConnect may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scenarios.
6.8
CVE-2025-13406 - Scanning for higher HART revision device leads into NULL pointer dereference in live list
NULL Pointer Dereference vulnerability in Softing Industrial Automation GmbH smartLink SW-HT (Webserver modules) allows HTTP DoS.This issue affects smartLink SW-HT: 1.43.
7.8
CVE-2026-3888 - Local Privilege Escalation in snapd
Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS.
5.4
CVE-2026-4324 - Rubygem-katello: katello: denial of service and potential information disclosure via sql injection
A flaw was found in the Katello plugin for Red Hat Satellite. This vulnerability, caused by improper sanitization of user-provided input, allows a remote attacker to inject arbitrary SQL commands into the sort_by parameter of the /api/hosts/bootc_images API endpoint. This can lead to a Denial of Seโฆ
4.7
CVE-2025-62320 - HTML Injection Leading to Data Exfiltration to External Server vulnerability affects HCL Unica Platโฆ
HTML Injection can be carried out in Product when a web application does not properly check or clean user input before showing it on a webpage. Because of this, an attacker may insert unwanted HTML code into the page. When the browser loads the page, it may automatically interact with external resoโฆ
2.7
CVE-2025-31966 - Boolean-Based SQL Injection in Multiple Unica Components
HCL Sametime is vulnerable to broken server-side validation. While the application performs client-side input checks, these are not enforced by the web server. An attacker can bypass these restrictions by sending manipulated HTTP requests directly to the server.
4.3
CVE-2026-28563 - Apache Airflow: DAG authorization bypass
Apache Airflow versions 3.1.0 through 3.1.7 /ui/dependencies endpoint returns the full DAG dependency graph without filtering by authorized DAG IDs. This allows an authenticated user with only DAG Dependencies permission to enumerate DAGs they are not authorized to view. Users are recommended to โฆ
6.5
CVE-2026-26929 - Apache Airflow: Wildcard DagVersion Listing Bypasses PerโDAG RBAC and Leaks Metadata
Apache Airflow versions 3.0.0 through 3.1.7ย FastAPI DagVersion listing API does not apply per-DAG authorization filtering when the request is made with dag_id set to "~" (wildcard for all DAGs). As a result, version metadata of DAGs that the requester is not authorized to access is returned. Userโฆ
8.1
CVE-2026-30911 - Apache Airflow: Execution API HITL Endpoints Missing Per-Task Authorization
Apache Airflow versions 3.1.0 through 3.1.7 missing authorization vulnerability in the Execution API's Human-in-the-Loop (HITL) endpoints that allows any authenticated task instance to read, approve, or reject HITL workflows belonging to any other task instance. Users are recommended to upgrade tโฆ
7.5
CVE-2026-28779 - Apache Airflow: Path of session token in cookie does not consider base_url - session hijacking via โฆ
Apache Airflow versions 3.1.0 through 3.1.7ย session token (_token) in cookies is set to path=/ regardless of the configured [webserver] base_url or [api] base_url. This allows any application co-hosted under the same domain to capture valid Airflow session tokens from HTTP request headers, allowingโฆ