Open WebUI IDOR: Calendar event re-parenting allows writing events into another user's calendar

NocoDB: Server-Side Request Forgery via Spreadsheet Import Endpoint

NocoDB: Server-Side Request Forgery via Base Migration URL

NocoDB: Stored Cross-Site Scripting via Secure Attachment

NocoDB: Refresh Tokens Persist Through Password Recovery

NocoDB: Server-Side Request Forgery via Spreadsheet Fetch URL

vLLM: OOM Denial of Service via Audio Decompression Bomb

vLLM: incomplete CVE-2026-22778 fix leaks PIL repr addresses via Anthropic router

vLLM: GGUF dequantize kernel int truncation exposes uninitialized GPU memory in multi-tenant serving

vLLM: temperature=NaN and temperature=Infinity bypass validation and propagate to GPU kernels

Traefik: Kubernetes Gateway crossProviderNamespaces bypass allows HTTPRoute outside the allowlist to expose internal Traefik services

Chrome DevTools for agents: daemon.pid write follows symlinks in /tmp fallback runtime directory

Pi Agent: Pi loads project-local extensions without approval

The Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program – myCred plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'wrap' Shortcode Attribute in all versions up to, and including, 3.1 due to insufficient input sanitization and output es...

The Permalink Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post titles in the admin URI Editor interface in all versions up to, and including, 2.5.3.3 due to insufficient output escaping. This makes it possible for authenticated attackers, with Contributor-level...

The LearnPress WordPress plugin before 4.3.7 does not gate the `edit` context on one of its REST endpoint behind the `edit_users` capability, allowing unauthenticated visitors to retrieve each returned user's roles, full capabilities map, extra capabilities, locale, and registration date via a...