u/cve-daily

▲ 3 r/pwnhub

Invocation of process using visible sensitive information vulnerability in TUBITAK BILGEM Software Technologies Research Institute... (CVE-2026-12250 Discussion)

CVE ID: CVE-2026-12250 Severity: HIGH | CVSS Score: 7.9/10


Invocation of process using visible sensitive information vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Domain Joiner allows Excavation.

This issue affects Pardus Domain Joiner: from 0.5.2 before 0.5.4.


🔗 View on NVD

Discussion thread created via CVE Daily tracker. Share your analysis, PoCs, mitigations and detections below.

reddit.com
u/cve-daily — 5 hours ago
▲ 2 r/pwnhub

A security flaw has been discovered in CodeAstro Apartment Visitor Management System 1.0. The impacted... (CVE-2026-14689 Discussion)

CVE ID: CVE-2026-14689 Severity: MEDIUM | CVSS Score: 6.3/10


A security flaw has been discovered in CodeAstro Apartment Visitor Management System 1.0. The impacted element is an unknown function of the file /apartment-visitor/add-apartment.php. The manipulation of the argument apartmentno results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.


🔗 View on NVD

Discussion thread created via CVE Daily tracker. Share your analysis, PoCs, mitigations and detections below.

reddit.com
u/cve-daily — 10 hours ago
▲ 2 r/pwnhub

A vulnerability has been found in HdrHistogram up to 2.2.2. This vulnerability affects the function... (CVE-2026-14685 Discussion)

CVE ID: CVE-2026-14685 Severity: LOW | CVSS Score: 3.3/10


A vulnerability has been found in HdrHistogram up to 2.2.2. This vulnerability affects the function recordValueWithCount of the file src/main/java/org/HdrHistogram/AbstractHistogram.java of the component AbstractHistogram. Such manipulation of the argument Count leads to state issue. The attack can only be performed from a local environment. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded ye


🔗 View on NVD

Discussion thread created via CVE Daily tracker. Share your analysis, PoCs, mitigations and detections below.

reddit.com
u/cve-daily — 10 hours ago
▲ 2 r/pwnhub

Crypt::DSA versions before 1.22 for Perl draw the DSA signing nonce and private key from... (CVE-2026-14570 Discussion)

CVE ID: CVE-2026-14570 Severity: UNKNOWN


Crypt::DSA versions before 1.22 for Perl draw the DSA signing nonce and private key from a biased random generator, leading to private-key recovery.

"Crypt::DSA::Util::makerandom forces the high bit of every value it returns to obtain an exactly N-bit integer for prime search. The signing nonce and the private key are drawn from makerandom. Because the high bit is always set, the result is not uniform: its top bit is fixed, producing insecure values."

An attacker who collects a modest number o


🔗 View on NVD

Discussion thread created via CVE Daily tracker. Share your analysis, PoCs, mitigations and detections below.

reddit.com
u/cve-daily — 11 hours ago
▲ 2 r/pwnhub

A flaw has been found in HdrHistogram up to 2.2.2. This affects the function org.HdrHistogram.AbstractHistogram.decodeFromByteBuffer... (CVE-2026-14684 Discussion)

CVE ID: CVE-2026-14684 Severity: LOW | CVSS Score: 3.3/10


A flaw has been found in HdrHistogram up to 2.2.2. This affects the function org.HdrHistogram.AbstractHistogram.decodeFromByteBuffer of the file src/main/java/org/HdrHistogram/AbstractHistogram.java. This manipulation of the argument numberOfSignificantValueDigits causes uncontrolled memory allocation. The attack can only be executed locally. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.


🔗 View on NVD

Discussion thread created via CVE Daily tracker. Share your analysis, PoCs, mitigations and detections below.

reddit.com
u/cve-daily — 11 hours ago
▲ 3 r/pwnhub

A vulnerability was found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This affects the... (CVE-2026-14695 Discussion)

CVE ID: CVE-2026-14695 Severity: HIGH | CVSS Score: 7.3/10


A vulnerability was found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This affects the function save_client of the file classes/Users.php of the component Registration Handler. The manipulation of the argument Name results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and could be used.


🔗 View on NVD

Discussion thread created via CVE Daily tracker. Share your analysis, PoCs, mitigations and detections below.

reddit.com
u/cve-daily — 14 hours ago
▲ 3 r/pwnhub

In multi-tenanted deployments, the application consent management mechanism fails to correctly isolate consent scopes between... (CVE-2025-13475 Discussion)

CVE ID: CVE-2025-13475 Severity: LOW | CVSS Score: 3.5/10


In multi-tenanted deployments, the application consent management mechanism fails to correctly isolate consent scopes between tenants. Consent granted by a user for a specific SaaS application within one tenant can be incorrectly applied to SaaS applications with the same name in other tenants, leading to unintended cross-tenant consent sharing.

This vulnerability may result in the exposure of user data across tenants, enabling SaaS applications in different tenants to access and modify informa


🔗 View on NVD

Discussion thread created via CVE Daily tracker. Share your analysis, PoCs, mitigations and detections below.

reddit.com
u/cve-daily — 23 hours ago
▲ 2 r/pwnhub

Hoppscotch is an API development ecosystem. In self-hosted deployments of hoppscotch-backend from version 2026.4.1 and... (CVE-2026-50160 Discussion)

CVE ID: CVE-2026-50160 Severity: CRITICAL | CVSS Score: 10/10


Hoppscotch is an API development ecosystem. In self-hosted deployments of hoppscotch-backend from version 2026.4.1 and earlier, the unauthenticated POST /v1/onboarding/config endpoint is vulnerable to mass assignment. The global NestJS ValidationPipe is configured without whitelist: true, so extra properties on the request body that are not declared in SaveOnboardingConfigRequest are not stripped and are iterated in the service layer as if they were legitimate InfraConfig entries. Because keys s


🔗 View on NVD

Discussion thread created via CVE Daily tracker. Share your analysis, PoCs, mitigations and detections below.

reddit.com
u/cve-daily — 1 day ago
▲ 2 r/pwnhub

The silent Just-In-Time (JIT) provisioning feature in federated authentication implementations fails to properly segregate user... (CVE-2024-1248 Discussion)

CVE ID: CVE-2024-1248 Severity: MEDIUM | CVSS Score: 4.8/10


The silent Just-In-Time (JIT) provisioning feature in federated authentication implementations fails to properly segregate user roles during account creation when a federated user shares a username with a local user. This allows the provisioning process to overwrite existing roles of local users with roles assigned to the federated user.

Exploitation requires a federated identity provider (IDP) with silent JIT provisioning enabled and an attacker's knowledge of a local user's username. When the


🔗 View on NVD

Discussion thread created via CVE Daily tracker. Share your analysis, PoCs, mitigations and detections below.

reddit.com
u/cve-daily — 1 day ago
▲ 5 r/pwnhub

The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to... (CVE-2026-9145 Discussion)

CVE ID: CVE-2026-9145 Severity: MEDIUM | CVSS Score: 6.5/10


The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to Arbitrary File Copy via the create_entry_el() function in versions up to, and including, 1.5.1. The function reads raw_value from Elementor Pro's Form_Record object for upload-type fields and passes it directly to PHP's copy() without validating that the value corresponds to a legitimately uploaded file — when no file is present in $_FILES, raw_value reflects the attacker-controlled POST string. copy(


🔗 View on NVD

Discussion thread created via CVE Daily tracker. Share your analysis, PoCs, mitigations and detections below.

reddit.com
u/cve-daily — 1 day ago
▲ 2 r/pwnhub

picklescan before 0.0.30 fails to detect malicious pickle files using idlelib.run.Executive.runcode in reduce methods. Attackers... (CVE-2025-71342 Discussion)

CVE ID: CVE-2025-71342 Severity: HIGH | CVSS Score: 8.1/10


picklescan before 0.0.30 fails to detect malicious pickle files using idlelib.run.Executive.runcode in reduce methods. Attackers can embed undetected code in pickle files that executes during pickle.load, enabling remote code execution in PyTorch models and supply chain attacks.


🔗 View on NVD

Discussion thread created via CVE Daily tracker. Share your analysis, PoCs, mitigations and detections below.

reddit.com
u/cve-daily — 1 day ago
▲ 2 r/pwnhub

picklescan before 0.0.30 fails to detect malicious pickle files that exploit lib2to3.pgen2.pgen.ParserGenerator.make_label function in the... (CVE-2025-71343 Discussion)

CVE ID: CVE-2025-71343 Severity: HIGH | CVSS Score: 8.1/10


picklescan before 0.0.30 fails to detect malicious pickle files that exploit lib2to3.pgen2.pgen.ParserGenerator.make_label function in the reduce method. Attackers can craft malicious pickle files with embedded code that evades detection but executes arbitrary commands when pickle.load() is called.


🔗 View on NVD

Discussion thread created via CVE Daily tracker. Share your analysis, PoCs, mitigations and detections below.

reddit.com
u/cve-daily — 1 day ago
▲ 2 r/pwnhub

A use-after-free vulnerability exists in libcurl when an application configures an HTTP/2 stream-dependency tree via... (CVE-2026-10536 Discussion)

CVE ID: CVE-2026-10536 Severity: UNKNOWN


A use-after-free vulnerability exists in libcurl when an application configures an HTTP/2 stream-dependency tree via CURLOPT_STREAM_DEPENDS or CURLOPT_STREAM_DEPENDS_E, subsequently invokes curl_easy_reset(), and finally terminates the handle with curl_easy_cleanup(). During this final cleanup phase, libcurl attempts to access and modify an internal structure that was already freed during the reset operation.


🔗 View on NVD

Discussion thread created via CVE Daily tracker. Share your analysis, PoCs, mitigations and detections below.

reddit.com
u/cve-daily — 2 days ago
▲ 4 r/pwnhub

A vulnerability was identified in RT-Thread up to 5.0.2. Affected by this vulnerability is the... (CVE-2026-14605 Discussion)

CVE ID: CVE-2026-14605 Severity: HIGH | CVSS Score: 7.8/10


A vulnerability was identified in RT-Thread up to 5.0.2. Affected by this vulnerability is the function recvmsg in the library bsp/loongson/ls1cdev/libraries/ls1c_can.h of the component ls1c CAN Handler. Such manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.


🔗 View on NVD

Discussion thread created via CVE Daily tracker. Share your analysis, PoCs, mitigations and detections below.

reddit.com
u/cve-daily — 2 days ago
▲ 2 r/pwnhub

** UNSUPPORTED WHEN ASSIGNED ** Improper Validation of Specified Quantity in Input in the ASUS... (CVE-2022-4990 Discussion)

CVE ID: CVE-2022-4990 Severity: UNKNOWN


** UNSUPPORTED WHEN ASSIGNED ** Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to bypass security validation and access restricted memory blocks via crafted IOCTL requests, leading to privilege escalation.


🔗 View on NVD

Discussion thread created via CVE Daily tracker. Share your analysis, PoCs, mitigations and detections below.

reddit.com
u/cve-daily — 2 days ago