CVE Vulnerabilities - 15 May 2026
489 vulnerabilities published on 15 May 2026
Google Cloud Application Integration exposes sensitive data
CVE-2026-2031
Some Google Cloud Application Integration internal API endpoints allowed unauthorized access to sensitive information. This could be exploited by attackers to steal sensitive data or take control of t...
10.0
DHTMLX Gantt and Scheduler PDF Export Remote Code Execution
CVE-2026-41553
An attacker can inject malicious code into the PDF export feature of DHTMLX Gantt and Scheduler, potentially taking control of the server. This is a serious risk because it allows an unauthenticated a...
10.0
radare2 6.1.5: Remote attackers can crash or take control of radare2
CVE-2026-8696
A security issue affects radare2 6.1.5. Attackers can send malicious data to cause radare2 to crash or potentially take control of the system. We recommend updating to a newer version of radare2 to fi...
8.7
phpMyFAQ before 4.1.2 allows unauthorized data access
CVE-2026-46364
The phpMyFAQ software before version 4.1.2 has a security weakness that could allow unauthorized access to sensitive data. This weakness affects the security of user credentials, admin tokens, and SMT...
9.3
WordPress WP Super Edit allows attackers to upload malicious files
CVE-2021-47965
A security flaw in the WP Super Edit plugin for WordPress allows hackers to upload harmful files without being checked. This can lead to a hacker gaining control of your website or server. To fix this...
9.3
radare2: Remote attackers can crash or take control of radare2
CVE-2026-8695
The radare2 debugging tool has a security flaw that can be exploited by attackers using a remote debugging feature. This flaw can cause radare2 to crash or allow attackers to take control of the syste...
8.7
MCP Calculate Server allows malicious code execution
CVE-2026-44717
The MCP Calculate Server, used for mathematical calculations, has a security issue that allows attackers to execute malicious code. This could lead to unauthorized access to your system. Update to the...
9.8
Form Notify plugin for WordPress: Unauthorized Access to Admin Accounts
CVE-2026-5229
The Form Notify plugin for WordPress versions up to 1.1.10 allows attackers to access any account, including admin accounts, on your site by tricking the plugin into thinking they're a different user....
9.8
Diagram Export Module Path Traversal in PDF Generation
CVE-2026-7182
Diagram's export module allows unauthorized users to include local files in generated PDFs, potentially revealing sensitive information. This issue has been fixed in version 1.1.1. Update to the lates...
9.2
AMD Device Metrics Exporter: Unauthorized GPU Configuration Changes
CVE-2026-0481
The AMD Device Metrics Exporter in the ROCm ecosystem has a security issue that allows a remote attacker to make unauthorized changes to the GPU configuration, which could cause the GPU to become unav...
9.2
coreMQTT MQTT Broker Denial of Service Vulnerability
CVE-2026-8686
A security issue in coreMQTT's MQTT v5.0 property parser can cause a denial of service when an MQTT broker sends a specially crafted packet. This affects users who are not running the latest version o...
8.7
phpMyFAQ: Unauthenticated Access to Admin Panel
CVE-2026-45010
An attacker can try many different passwords for a user's two-factor authentication code, eventually guessing it correctly and gaining full access to the admin panel. This is a serious issue because a...
9.3
LibJWT: Accepts Invalid RSA Key for Some Token Types
CVE-2026-44699
LibJWT, a library used for JSON Web Tokens, has a flaw in versions 3.0.0 to 3.3.2. This can allow an attacker to create fake tokens without knowing the secret key. If you're using LibJWT, update to ve...
9.1
Red Hat Hardened Images Security Update Fixes Multiple Issues
RHSA-2026:16736
This update affects Red Hat Hardened Images RPMs. It addresses several security and non-security issues, ensuring the integrity and stability of the images. IT teams should review and apply the update...
9.1
Schlix CMS 2.2.6-6 allows attackers to execute malicious code
CVE-2021-47964
An attacker with a Schlix CMS account can upload a malicious file that executes their own code. This could allow them to access sensitive data or take control of the website. Update to the latest vers...
8.7
Budibase: Authenticated Users Can Modify Datasource Connections
GHSA-44m2-crh7-f4q2
CVE-2026-45717
Authenticated app users can update datasource connection parameters, potentially exposing internal services. This is because the update endpoint is protected with a permission level that allows all au...
8.8
Tabby Terminal Emulator Allows Malicious Links to Run Commands
CVE-2026-45035
Tabby Terminal Emulator has a security flaw that lets hackers run malicious commands on your computer by clicking a specially crafted link. This is a serious issue because it can lead to unauthorized ...
9.4
OpenEXR on Red Hat Linux: Arbitrary Code Execution
RHSA-2026:17660
OpenEXR, a library for reading and writing image files, has been updated on Red Hat Linux systems to fix a security issue. If left unpatched, attackers could potentially run malicious code on affected...
8.8
OpenEXR on Red Hat Linux: Unauthorized File Access Risk
RHSA-2026:17659
A security issue affects OpenEXR on Red Hat Linux systems. If exploited, an attacker could potentially read sensitive files on the system. It's recommended to update OpenEXR to the latest version avai...
8.8
Red Hat OpenEXR Library Unpatched on Your Server
RHSA-2026:17658
A security issue has been discovered in the OpenEXR library used by Red Hat products. This issue could allow an attacker to execute arbitrary code on a vulnerable system. You should update your Red Ha...
8.8
OpenEXR for Red Hat Linux: Potential Image Data Corruption
RHSA-2026:17656
OpenEXR, a library for reading and writing image files, has been updated to fix a security issue. This issue could allow an attacker to manipulate image data, potentially leading to data corruption or...
8.8
Red Hat PackageKit Security Update
RHSA-2026:17561
PackageKit, a package management system, has been updated to fix a security issue. This issue could allow an attacker to run malicious code on a user's system. Red Hat recommends updating PackageKit t...
8.8
Red Hat PackageKit: Unprivileged Local File Access
RHSA-2026:17560
PackageKit, a software package manager for Linux systems, has a security issue that allows unprivileged users to access sensitive files. This could potentially allow attackers to gain unauthorized acc...
8.8
Red Hat PackageKit Security Update on Linux Systems
RHSA-2026:17558
PackageKit is a software package manager on Linux systems. An update is available to fix a security issue that could allow an attacker to execute malicious code on your system. It's recommended to upd...
8.8
DynamiApps Frontend Admin plugin for WordPress allows attackers to gain admin access
CVE-2026-6228
The DynamiApps Frontend Admin plugin for WordPress has a security flaw that could allow an attacker to gain administrator access to your website. This is a serious issue because it could let an attack...
8.8