6.5
CVE-2026-28271 - Kiteworks Core is vulnerable to Server-Side Request Forgery (SSRF)
Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks configuration functionality allows bypassing of SSRF protections through DNS rebinding attacks. Malicious administrators could exploit this to access internal services that should be restricted. Version β¦
4.9
CVE-2026-28270 - Kiteworks Core has an Unrestricted Upload of File with Dangerous Type
Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks configuration allows uploading of arbitrary files without proper validation. Malicious administrators could exploit this to upload unauthorized file types to the system. Version 9.2.0 contains a patch foβ¦
9.8
CVE-2026-28268 - Vikunja Vulnerable to Account Takeover via Password Reset Token Reuse
Vikunja is an open-source self-hosted task management platform. Versions prior to 2.1.0 have a business logic vulnerability exists in the password reset mechanism of vikunja/api that allows password reset tokens to be reused indefinitely. Due to a failure to invalidate tokens upon use and a criticaβ¦
6.5
CVE-2018-25160 - HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided sessionβ¦
HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend. For example, if an application uses memcached for session storage, then it may be possible for a remote attacker to inject β¦
5.5
CVE-2026-28231 - pillow_heif Has Integer Overflow in Encode Path Buffer Validation that Leads to Heap Out-of-Bounds β¦
pillow_heif is a Python library for working with HEIF images and plugin for Pillow. Prior to version 1.3.0, an integer overflow in the encode path buffer validation of `_pillow_heif.c` allows an attacker to bypass bounds checks by providing large image dimensions, resulting in a heap out-of-bounds β¦
6.5
CVE-2026-3255 - HTTP::Session2 versions before 1.12 for Perl may generate weak session ids using the rand() function
HTTP::Session2 versions before 1.12 for Perl for Perl may generate weak session ids using the rand() function. The HTTP::Session2 session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epβ¦
7.5
CVE-2026-27836 - phpMyFAQ Allows Unauthenticated Account Creation via WebAuthn Prepare Endpoint
phpMyFAQ is an open source FAQ web application. Prior to version 4.0.18, the WebAuthn prepare endpoint (`/api/webauthn/prepare`) creates new active user accounts without any authentication, CSRF protection, captcha, or configuration checks. This allows unauthenticated attackers to create unlimited β¦
9.4
CVE-2026-27947 - Group-Office Vulnerable to Remote Code Execution (RCE)
Group-Office is an enterprise customer relationship management and groupware tool. Versions prior to 26.0.9, 25.0.87, and 6.8.154 have an authenticated Remote Code Execution vulnerability in the TNEF attachment processing flow. The vulnerable path extracts attacker-controlled files from `winmail.daβ¦
7.1
CVE-2026-27832 - Group-Office Has Authenticated SQL Injection in advancedQueryData.comparator
Group-Office is an enterprise customer relationship management and groupware tool. Versions prior to 26.0.8, 25.0.87, and 6.8.153 have a SQL Injection (SQLi) vulnerability, exploitable through the `advancedQueryData` parameter (`comparator` field) on an authenticated endpoint. The endpoint `index.pβ¦
5.3
CVE-2026-27824 - calibre has IP Ban Bypass via X-Forwarded-For Header Spoofing
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, the calibre Content Server's brute-force protection mechanism uses a ban key derived from both `remote_addr` and the `X-Forwarded-For` header. Since the `X-Forwarded-For` heaβ¦