6.5
CVE-2026-3255 - HTTP::Session2 versions before 1.12 for Perl may generate weak session ids using the rand() function
HTTP::Session2 versions before 1.12 for Perl for Perl may generate weak session ids using the rand() function. The HTTP::Session2 session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epβ¦
7.5
CVE-2026-27836 - phpMyFAQ Allows Unauthenticated Account Creation via WebAuthn Prepare Endpoint
phpMyFAQ is an open source FAQ web application. Prior to version 4.0.18, the WebAuthn prepare endpoint (`/api/webauthn/prepare`) creates new active user accounts without any authentication, CSRF protection, captcha, or configuration checks. This allows unauthenticated attackers to create unlimited β¦
9.4
CVE-2026-27947 - Group-Office Vulnerable to Remote Code Execution (RCE)
Group-Office is an enterprise customer relationship management and groupware tool. Versions prior to 26.0.9, 25.0.87, and 6.8.154 have an authenticated Remote Code Execution vulnerability in the TNEF attachment processing flow. The vulnerable path extracts attacker-controlled files from `winmail.daβ¦
7.1
CVE-2026-27832 - Group-Office Has Authenticated SQL Injection in advancedQueryData.comparator
Group-Office is an enterprise customer relationship management and groupware tool. Versions prior to 26.0.8, 25.0.87, and 6.8.153 have a SQL Injection (SQLi) vulnerability, exploitable through the `advancedQueryData` parameter (`comparator` field) on an authenticated endpoint. The endpoint `index.pβ¦
5.3
CVE-2026-27824 - calibre has IP Ban Bypass via X-Forwarded-For Header Spoofing
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, the calibre Content Server's brute-force protection mechanism uses a ban key derived from both `remote_addr` and the `X-Forwarded-For` header. Since the `X-Forwarded-For` heaβ¦
6.4
CVE-2026-27810 - calibre Vulnerable to HTTP Response Header Injection
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an unsaβ¦
6.5
CVE-2026-27734 - Beszel Vulnerable to Docker API Path Traversal via Unsanitized Container ID
Beszel is a server monitoring platform. Prior to version 0.18.2, the hub's authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied "container" query parameter to the agent without validation. The agent constructs Docker Engine API URLs β¦
6.5
CVE-2026-27793 - Seerr has Broken Object-Level Authorization in User Profile Endpoint that Exposes Third-Party Notifβ¦
Seerr is an open-source media request and discovery manager for Jellyfin, Plex, and Emby. Prior to version 3.1.0, the `GET /api/v1/user/:id` endpoint returns the full settings object for any user, including Pushover, Pushbullet, and Telegram credentials, to any authenticated requester regardless ofβ¦
5.4
CVE-2026-27792 - Seerr missing authentication on pushSubscription endpoints
Seerr is an open-source media request and discovery manager for Jellyfin, Plex, and Emby. A missing authorization vulnerability has been identified in the application starting in version 2.7.0 and prior to version 3.1.0. It allows authenticated users to access and modify data belonging to other useβ¦
7.3
CVE-2026-27707 - Plex-configured Seerr instances vulnerable to unauthenticated account registration via Jellyfin autβ¦
Seerr is an open-source media request and discovery manager for Jellyfin, Plex, and Emby. Starting in version 2.0.0 and prior to version 3.1.0, an authentication guard logic flaw in `POST /api/v1/auth/jellyfin` allows an unauthenticated attacker to register a new Seerr account on any Plex-configureβ¦