8.1
CVE-2026-40892 - PJSIP: Stack buffer overflow in pjsip_auth_create_digest2()
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a stack buffer overflow exists in pjsip_auth_create_digest2() in PJSIP when using pre-computed digest credentials (PJSIP_CRED_DATA_DIGEST). The function copies credential data using cred_info->data.sβ¦
8.7
CVE-2026-40909 - WWBN AVideo has a Path Traversal in Locale Save Endpoint that Enables Arbitrary PHP File Write to Aβ¦
WWBN AVideo is an open source video platform. In versions 29.0 and prior, the locale save endpoint (`locale/save.php`) constructs a file path by directly concatenating `$_POST['flag']` into the path at line 30 without any sanitization. The `$_POST['code']` parameter is then written verbatim to thatβ¦
5.3
CVE-2026-40908 - WWBN AVideo has an Unauthenticated Information Disclosure via git.json.php that Exposes Developer Eβ¦
WWBN AVideo is an open source video platform. In versions 29.0 and prior, the file `git.json.php` at the web root executes `git log -1` and returns the full output as JSON to any unauthenticated user. This exposes the exact deployed commit hash (enabling version fingerprinting against known CVEs), β¦
7.5
CVE-2026-40890 - github.com/gomarkdown/markdown: Out-of-bounds Read in SmartypantsRenderer
The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML. Processing a malformed input containing a < character that is not followed by a > character anywhere in the remaining text with a SmartypantsRenderer will lead to Out of Bounds read or a paβ¦
6.5
CVE-2026-40907 - WWBN AVideo has IDOR in Live Restreams list.json.php that Exposes Other Users' Stream Keys and OAutβ¦
WWBN AVideo is an open source video platform. In versions 29.0 and prior, the endpoint `plugin/Live/view/Live_restreams/list.json.php` contains an Insecure Direct Object Reference (IDOR) vulnerability that allows any authenticated user with streaming permission to retrieve other users' live restreaβ¦
9.1
CVE-2026-40903 - Goshs - ArtiPACKED Vulnerability β GitHub Actions Credential Persistence
goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.6, goshs has an ArtiPACKED vulnerability. ArtiPACKED can lead to leakage of the GITHUB_TOKEN through workflow artifacts, even though the token is not present in the repository source code. This vulnerability is fixed in 2.0.0-beta.6.
8.7
CVE-2026-6819 - HKUDS OpenHarness Plugin Management Command Exposure
HKUDS OpenHarness prior to PR #156 remediation exposes plugin lifecycle commands including /plugin install, /plugin enable, /plugin disable, and /reload-plugins to remote senders by default. Attackers who gain access through the channel layer can remotely manage plugin trust and activation state, eβ¦
7.7
CVE-2026-40885 - goshs: Public collaborator feed leaks .goshs ACL credentials and enables unauthorized access
goshs is a SimpleHTTPServer written in Go. From 2.0.0-beta.4 to 2.0.0-beta.5, goshs leaks file-based ACL credentials through its public collaborator feed when the server is deployed without global basic auth. Requests to .goshs-protected folders are logged before authorization is enforced, and the β¦
9.8
CVE-2026-40884 - goshs: Empty-username SFTP password authentication bypass in goshs
goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.6, goshs contains an SFTP authentication bypass when the documented empty-username basic-auth syntax is used. If the server is started with -b ':pass' together with -sftp, goshs accepts that configuration but does not install any SFTP pβ¦
6.1
CVE-2026-40883 - goshs: CSRF in state-changing GET routes enables authenticated file deletion and directory creation
goshs is a SimpleHTTPServer written in Go. From 2.0.0-beta.4 to 2.0.0-beta.5, goshs contains a cross-site request forgery issue in its state-changing HTTP GET routes. An external attacker can cause an already authenticated browser to trigger destructive actions such as ?delete and ?mkdir because goβ¦