Medium · CVSS 6.4
A container privilege escalation flaw was found in certain Multi-Cloud Object Gateway Core images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container
Published Mar 13, 2026 · Updated Jul 10, 2026
Critical · CVSS 9.8
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access protected user data.
Published Mar 31, 2025 · Updated Jul 9, 2026
Medium · CVSS 6.3
This issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to break out of its sandbox.
Published Mar 31, 2025 · Updated Jul 9, 2026
Critical · CVSS 9.8
The issue was addressed with improved restriction of data container access. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, tvOS 18.4, watchOS 11.4. An app may be able to access sensitive user data.
Published Mar 31, 2025 · Updated Jul 9, 2026
Medium · CVSS 5.5
A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, tvOS 18.4, watchOS 11.4. A malicious app may be able to access private information.
Published Mar 31, 2025 · Updated Jul 9, 2026
Critical · CVSS 9.8
This issue was addressed with improved access restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app acting as a HTTPS proxy could get access to sensitive user data.
Published Mar 31, 2025 · Updated Jul 9, 2026
High · CVSS 8.8
A type confusion issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5. An attacker with user privileges may be able to read kernel memory.
Published Mar 31, 2025 · Updated Jul 9, 2026
Critical · CVSS 9.8
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to enable iCloud storage features without user consent.
Published Mar 31, 2025 · Updated Jul 9, 2026
Critical · CVSS 9.8
This issue was addressed with improved memory handling. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory.
Published Mar 31, 2025 · Updated Jul 9, 2026
Critical · CVSS 9.8
An injection issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access user-sensitive data.
Published Mar 31, 2025 · Updated Jul 9, 2026
Medium · CVSS 4.6
The issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. An attacker with physical access to a locked device may be able to view sensitive user information.
Published Mar 31, 2025 · Updated Jul 9, 2026
High · CVSS 8.1
The issue was addressed with improved input validation. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. A malicious website may be able to claim WebAuthn credentials from another website that shares a registrable suffix.
Published Mar 31, 2025 · Updated Jul 8, 2026
Critical · CVSS 9.8
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to modify protected parts of the file system.
Published Mar 31, 2025 · Updated Jul 8, 2026
Critical · CVSS 9.8
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination.
Published Mar 31, 2025 · Updated Jul 8, 2026
Critical · CVSS 9.8
A library injection issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. Apps that appear to use App Sandbox may be able to launch without restrictions.
Published Mar 31, 2025 · Updated Jul 8, 2026
High · CVSS 7.8
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges.
Published Mar 31, 2025 · Updated Jul 8, 2026
Critical · CVSS 9.8
An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. Playing a malicious audio file may lead to an unexpected app termination.
Published Mar 31, 2025 · Updated Jul 8, 2026
Critical · CVSS 9.8
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access protected user data.
Published Mar 31, 2025 · Updated Jul 8, 2026
Critical · CVSS 9.8
A type confusion issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker may be able to cause unexpected app termination.
Published Mar 31, 2025 · Updated Jul 8, 2026
Medium · CVSS 5.5
A logic error was addressed with improved error handling. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. Parsing an image may lead to disclosure of user information.
Published Mar 31, 2025 · Updated Jul 8, 2026
Critical · CVSS 9.8
This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, watchOS 11.4. An app may be able to break out of its sandbox.
Published Mar 31, 2025 · Updated Jul 8, 2026
Medium · CVSS 5.5
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5. A malicious app may be able to access private information.
Published Mar 31, 2025 · Updated Jul 8, 2026
Critical · CVSS 9.8
This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to delete files for which it does not have permission.
Published Mar 31, 2025 · Updated Jul 8, 2026
Medium · CVSS 5.5
A privacy issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.4, macOS Sequoia 15.5, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access user-sensitive data.
Published Mar 31, 2025 · Updated Jul 8, 2026
Critical · CVSS 9.8
An authentication issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A Shortcut may run with admin privileges without authentication.
Published Mar 31, 2025 · Updated Jul 8, 2026
Critical · CVSS 9.8
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, visionOS 2.4, watchOS 11.4. An app may be able to cause unexpected system termination.
Published Mar 31, 2025 · Updated Jul 8, 2026
Critical · CVSS 9.8
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker in a privileged position may be able to perform a denial-of-service.
Published Mar 31, 2025 · Updated Jul 8, 2026
High · CVSS 7.4
FastMCP is the standard framework for building MCP applications. Prior to version 2.14.2, the server does not properly respect the resource parameter submitted by the client in the authorization and token request. Instead of issuing the token explicitly for the MCP server, the token is issued for the base_url passed to the OAuthProxy during initialization. This issue has been patched 2.14.2.
Published Mar 16, 2026 · Updated Jul 8, 2026
High · CVSS 8.8
Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code
Published Mar 25, 2026 · Updated Jul 7, 2026
Critical · CVSS 9.8
An issue in Lantronix EDS3000PS v.3.1.0.0R2 allows an attacker to execute arbitrary code and obtain sensitive information via the ltrx_evo component
Published Mar 11, 2026 · Updated Jul 5, 2026
Medium · CVSS 6.1
A Cross-Site Scripting (XSS) vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCustomerInterface parameter
Published Mar 23, 2026 · Updated Jul 5, 2026
High · CVSS 8.8
The `flow/admin/moniteur.php` script in Use It Flow administration website before 10.0.0 is vulnerable to Remote Code Execution. When handling GET requests, the script takes user-supplied input from the `action` URL parameter, performs insufficient validation, and incorporates this input into a string that is subsequently executed by the `eval()` function. Although a `method_exists()` check is performed, it only validates the part of the user input *before* the first parenthesis `(`, allowing an attacker to append arbitrary PHP code after a valid method call structure. Successful exploitation allows an unauthenticated or trivially authenticated attacker to execute arbitrary PHP code on the server with the privileges of the web server process.
Published Mar 16, 2026 · Updated Jul 5, 2026
Medium · CVSS 6.1
A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in DSpace JSPUI 6.5 within the search/discover filtering functionality. The vulnerability exists due to improper sanitization of user-supplied input via the filter_type_1 parameter.
Published Mar 27, 2026 · Updated Jul 5, 2026
High · CVSS 8.8
The Terrapack software, from ASTER TEC / ASTER S.p.A., with the indicated components and versions has a file upload vulnerability that may allow attackers to execute arbitrary code. Vulnerable components include Terrapack TkWebCoreNG:: 1.0.20200914, Terrapack TKServerCGI 2.5.4.150, and Terrapack TpkWebGIS Client 1.0.0.
Published Mar 20, 2026 · Updated Jul 5, 2026
Critical · CVSS 9.8
An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host parameter of the TFTP client in the Filesystem Browser page is not properly sanitized. This can be exploited to escape from the original command and execute an arbitrary one with root privileges.
Published Mar 11, 2026 · Updated Jul 5, 2026
Critical · CVSS 9.1
An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The authentication on management pages can be bypassed by appending a specific suffix to the URL and by sending an Authorization header that uses "admin" as the username.
Published Mar 11, 2026 · Updated Jul 5, 2026
Critical · CVSS 9.8 · CISA KEV
An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell command to write logs when user's authantication fails. The username is directly concatenated with the command without any sanitization. This allow attackers to inject arbitrary OS commands into the username parameter. Injected commands are executed with root privileges.
Published Mar 11, 2026 · Updated Jul 5, 2026
High · CVSS 8.8
An issue was discovered in Lantronix EDS5000 2.1.0.0R3. An authenticated attacker can inject OS commands into the "tunnel" parameter when killing a tunnel connection. Injected commands are executed with root privileges.
Published Mar 11, 2026 · Updated Jul 5, 2026
High · CVSS 8.8
An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The Log Info page allows users to see log files by specifying their names. Due to a missing sanitization in the file name parameter, an authenticated attacker can inject arbitrary OS commands that are executed with root privileges.
Published Mar 11, 2026 · Updated Jul 5, 2026
Critical · CVSS 9.8
An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The SSH Client and SSH Server pages are affected by multiple OS injection vulnerabilities due to missing sanitization of input parameters. An attacker can inject arbitrary commands in delete actions of various objects, such as server keys, users, and known hosts. Commands are executed with root privileges.
Published Mar 11, 2026 · Updated Jul 5, 2026
High · CVSS 8.8
An issue was discovered in Lantronix EDS5000 2.1.0.0R3. An authenticated attacker can inject OS commands into the "name" parameter when deleting SSL credentials through the management interface. Injected commands are executed with root privileges.
Published Mar 11, 2026 · Updated Jul 5, 2026
High · CVSS 7.5
Incorrect access control in the REST API of Ibexa & Ciril GROUP eZ Platform / Ciril Platform 2.x allows unauthenticated attackers to access sensitive data via enumerating object IDs.
Published Mar 6, 2026 · Updated Jul 5, 2026
Low · CVSS 3.3
Easy Grade Pro 4.1.0.2 contains a file parsing logic flaw in the handling of proprietary .EGP gradebook files. By modifying specific fields at precise offsets within an otherwise valid .EGP file, an attacker can trigger an out-of-bounds memory read during parsing. This results in an unhandled access violation and application crash, leading to a local denial-of-service condition when the crafted file is opened by a user.
Published Mar 11, 2026 · Updated Jul 5, 2026
Critical · CVSS 9.8
A deserialization vulnerability in LimeSurvey before v6.15.0+250623 allows a remote attacker to execute arbitrary code on the server.
Published Mar 10, 2026 · Updated Jul 5, 2026
High · CVSS 7.5
SQL Injection vulnerability in LimeSurvey before v.6.15.4+250710 allows a remote attacker to obtain sensitive information from the database.
Published Mar 10, 2026 · Updated Jul 5, 2026
Medium · CVSS 5.4
SyncFusion 30.1.37 is vulnerable to Cross Site Scripting (XSS) via the Document-Editor reply to comment field and Chat-UI Chat message.
Published Mar 20, 2026 · Updated Jul 5, 2026
Critical · CVSS 9.9
Insecure Access Control in Contact Plan, E-Mail, SMS and Fax components in Asseco SEE Live 2.0 allows remote attackers to access and execute attachments via a computable URL.
Published Mar 11, 2026 · Updated Jul 5, 2026
Medium · CVSS 6.5
Local File Inclusion in Contact Plan, E-Mail, SMS and Fax components in Asseco SEE Live 2.0 allows remote authenticated users to access files on the host via "path" parameter in the downloadAttachment and downloadAttachmentFromPath API calls.
Published Mar 12, 2026 · Updated Jul 5, 2026
Medium · CVSS 6.5
Tenda W18E v2.0 v16.01.0.11 was discovered to contain a stack overflow in the wifiSSID parameter at /goform/setModules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
Published Mar 20, 2025 · Updated Jul 5, 2026
Medium · CVSS 4.8
A stored cross-scripting (XSS) vulnerability in Openmrs v2.4.3 Build 0ff0ed allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the personName.middleName parameter at /openmrs/admin/patients/shortPatientForm.form.
Published Mar 11, 2025 · Updated Jul 5, 2026