IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 contain an information disclosure vulnerability (CWE-209) that allows authenticated attackers to access sensitive information over the network without user interaction. The vulnerability has a CVSS score of 4.3 with low attack complexity and low privileges required, meaning any logged-in user can exploit it. A vendor patch is available, reducing immediate risk for organizations that can deploy updates promptly.
A sandbox escape vulnerability in Apple's WebKit browser engine allows malicious websites to process restricted web content outside the security sandbox, potentially enabling unauthorized access to protected system resources. The vulnerability affects Safari and all Apple operating systems including iOS, iPadOS, macOS, tvOS, visionOS, and watchOS. Apple has addressed this issue through improved memory handling in Safari 26.4 and corresponding OS updates across all affected platforms.
An authorization and state management flaw in Apple's WebKit browser engine allows maliciously crafted webpages to fingerprint users by exploiting improper state handling during web interactions. This vulnerability affects Safari 26.4, iOS 26.4, iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4, and watchOS 26.4 across all Apple platforms. An attacker can exploit this by hosting a specially crafted webpage that leverages the state management weakness to extract browser or device identifiers without user knowledge, enabling user tracking and profiling attacks. No CVSS score, EPSS data, or public proof-of-concept details are currently available, though Apple has released fixes across all affected platforms.
Memory corruption in Apple Safari, iOS, iPadOS, macOS, and visionOS allows remote attackers to crash affected processes by delivering maliciously crafted web content to users. The vulnerability requires user interaction to view the malicious content and does not enable code execution or information disclosure. A patch is currently unavailable for this issue.
A logic error in Apple's script message handler implementation allows malicious websites to access script message handlers intended for other origins, resulting in unauthorized cross-origin information disclosure. This vulnerability affects Safari 26.4 and earlier, iOS/iPadOS 18.7.7 and earlier, macOS Tahoe 26.4 and earlier, and visionOS 26.4 and earlier. An attacker can craft a malicious website that exploits improper state management in the message handler routing mechanism to intercept sensitive data intended for legitimate web applications, potentially exposing authentication tokens, user data, or other confidential information passed through script messaging interfaces.
A cross-site scripting (XSS) vulnerability exists in Apple's Safari browser and iOS/iPadOS operating systems due to insufficient input validation in website content handling. An attacker can craft a malicious website that, when visited by a user, executes arbitrary JavaScript in the context of the victim's browser, potentially stealing credentials, session tokens, or performing actions on behalf of the user. Apple has released patches across Safari 26.4, iOS 18.7.7, iPadOS 18.7.7, iOS 26.4, iPadOS 26.4, and macOS Tahoe 26.4 to address this logic flaw, though no CVSS score, EPSS data, or KEV status has been publicly disclosed, suggesting this may be a proactive disclosure rather than an actively exploited vulnerability.
A Cross-Site Request Forgery (CSRF) vulnerability exists in the Drupal Theme Negotiation by Rules module, affecting all versions from 0.0.0 before 1.2.1. An attacker can exploit this flaw to perform unauthorized actions on behalf of authenticated users by crafting malicious requests that bypass CSRF protections in the theme negotiation functionality. The vulnerability has been officially documented by the Drupal security team via SA-contrib-2026-012, and users of this contrib module should prioritize patching to version 1.2.1 or later.
IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 contain a cross-site request forgery (CSRF) vulnerability in the DataStage Flow Designer component that allows unauthenticated attackers to trigger unauthorized state-changing actions on behalf of authenticated users. The vulnerability has a CVSS score of 4.3 with low attack complexity and no privileges required, though it requires user interaction (UI:R). A vendor patch is available, and this represents an integrity-focused attack vector rather than confidentiality or availability impact.
Unauthorized file deletion in macOS Sequoia, Sonoma, and Tahoe allows unprivileged applications to delete files without proper permissions due to insufficient path validation. An attacker could exploit this vulnerability through a malicious app to remove sensitive files outside the application's intended scope. This medium-severity local vulnerability affects multiple recent macOS versions and currently has no available patch.
An information disclosure vulnerability in Apple's operating systems allows applications to enumerate a user's installed apps without proper authorization. This affects iOS, iPadOS, macOS, tvOS, visionOS, and watchOS versions prior to 26.4. An attacker can distribute a malicious app that queries the system to discover what applications a user has installed, potentially enabling targeted attacks or privacy violations. No CVSS score, EPSS data, or known public exploits are currently documented, but the vulnerability has been fixed across all Apple platforms, indicating Apple assessed this as requiring immediate remediation.
A logic issue in macOS Tahoe allows a malicious application to escape its sandbox and execute code outside of the restricted security boundary. This vulnerability affects macOS versions prior to 26.4 and represents a critical sandbox bypass that could enable arbitrary code execution with elevated privileges. While no CVSS score or active exploitation data is currently available, the sandbox escape capability makes this a high-priority patch for all affected macOS users.
A permissions enforcement vulnerability in macOS allows applications to bypass security restrictions and access protected user data due to insufficient authorization checks. This issue affects macOS Sequoia (prior to 15.7.5), macOS Sonoma (prior to 14.8.5), and macOS Tahoe (prior to 26.4). An attacker with the ability to execute an application on the affected system could potentially access sensitive user information without proper user consent or authorization. No CVSS score, EPSS data, or active exploitation in the wild (KEV status) has been disclosed by Apple.
IBM Maximo Application Suite Monitor Component versions 8.10, 8.11, 9.0, and 9.1 contain an improper neutralization vulnerability in log file handling that allows unauthorized users to inject arbitrary data into log messages. An attacker with local access can manipulate log entries to inject malicious content, potentially leading to log tampering and integrity compromise. While the CVSS score of 4.0 reflects low severity with no confidentiality or availability impact, the vulnerability requires no authentication or special privileges, making it a concern for environments with local access controls.
GitLab EE versions 18.1 through 18.8.6, 18.9.0 through 18.9.2, and 18.10.0 suffer from improper caching of authorization decisions that allows authenticated users to gain unauthorized access to resources under certain conditions. The vulnerability requires user interaction and has relatively high attack complexity, but impacts confidentiality and integrity of accessed resources. No public evidence of active exploitation or proof-of-concept code is currently documented.
An authenticated path traversal vulnerability in Zoraxy's configuration import endpoint (POST /api/conf/import) allows authenticated users to write arbitrary files outside the intended config directory by exploiting insufficient zip entry name sanitization, enabling remote code execution through malicious plugin creation. The vulnerability affects Zoraxy versions prior to 3.3.2 and has a CVSS score of 3.3 due to high privilege requirements, but poses significant real-world risk because Docker socket mapping could facilitate host takeover. A functional proof-of-concept demonstrating full RCE via entrypoint modification and plugin execution is publicly available.
A local privilege escalation vulnerability in Apple's Keychain implementation allows an attacker with local access to bypass permissions checking and retrieve sensitive stored credentials and secrets. The vulnerability affects iOS 18.7.7 and earlier, iPadOS 18.7.7 and earlier, iOS 26.4 and earlier, iPadOS 26.4 and earlier, macOS Sequoia 15.7.5 and earlier, macOS Sonoma 14.8.5 and earlier, macOS Tahoe 26.4 and earlier, visionOS 26.4 and earlier, and watchOS 26.4 and earlier. No public exploitation has been confirmed, and patched versions are now available across all affected platforms.
A privacy vulnerability in macOS Tahoe allows documents to be inadvertently written to temporary files during print preview operations, potentially exposing sensitive information to unauthorized access. This affects macOS versions prior to 26.4. An attacker with local file system access could retrieve unencrypted documents from temporary storage, circumventing user expectations of privacy during print operations.
A permissions validation flaw in macOS Tahoe allows applications to circumvent Gatekeeper security checks, potentially enabling execution of untrusted or malicious code that would normally be blocked by Apple's code signing and notarization mechanisms. This vulnerability affects macOS Tahoe versions prior to 26.4 and is fixed in the 26.4 release. An attacker with the ability to distribute a specially crafted application could bypass endpoint security controls designed to protect users from unsigned or malicious software.
A privilege escalation vulnerability exists in Panorama Suite where certificate private keys installed via the Network and Security tool are granted unnecessary access rights to the operator group, potentially allowing local privileged users to access sensitive cryptographic material. Panorama Suite 2025 versions up to 25.00.004 are affected unless patch PS-2500-00-0357 or higher is applied, while version 25.10.007 (Updated Dec. 25) is not vulnerable. This vulnerability has not been reported as actively exploited (no KEV status), but represents a real information disclosure risk due to improper Windows file permission assignment on security-critical objects.
IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 contain an information disclosure vulnerability where sensitive data is exposed through HTTP GET query strings, allowing attackers with low privileges and network access to obtain confidential information via man-in-the-middle techniques. The CVSS score of 3.1 reflects low severity due to high attack complexity and limited privileges required, though the vulnerability has a patch available from IBM and represents a classic cleartext credential exposure risk in enterprise data integration platforms.
Rails Active Storage's proxy controller fails to limit the number of byte ranges accepted in HTTP Range headers, allowing attackers to craft requests with thousands of small ranges that consume disproportionate CPU resources compared to legitimate file requests. This denial-of-service vulnerability affects Ruby on Rails applications using the ActiveStorage library (pkg:rubygems/activestorage). An attacker can trigger resource exhaustion by sending Range requests with many byte ranges, potentially rendering the application unavailable to legitimate users.
PrestaShop versions prior to 8.2.5 and 9.1.0 contain an improper use of validation framework vulnerability that allows information disclosure through integrity violations. An attacker with high privileges and user interaction can potentially bypass validation controls to access or modify sensitive information. The vulnerability has a low CVSS score of 2.0 reflecting limited real-world impact, though it represents a validation framework weakness in a widely-deployed e-commerce platform.
A validation bypass vulnerability exists in the Linux kernel's netfilter nft_set_rbtree module that fails to properly validate overlapping open intervals in packet filtering rule sets. This affects all Linux distributions running vulnerable kernel versions, allowing local or remote attackers with network configuration privileges to bypass firewall rules through malformed interval specifications. The vulnerability is classified as an information disclosure issue and has been patched upstream, though no active exploitation in the wild has been documented.
A lifecycle management vulnerability in the Linux kernel's USB NCM (Network Control Model) gadget function causes the network device to outlive its parent gadget device, resulting in NULL pointer dereferences and dangling sysfs symlinks when the USB gadget is disconnected. This affects all Linux kernel versions with the vulnerable USB gadget NCM implementation, and an attacker with local access to trigger USB gadget bind/unbind cycles can cause a kernel panic (denial of service). No CVSS vector, EPSS score, or active KEV status is available, but patches are confirmed available in the Linux stable tree.
crun versions 1.19 through 1.26 misparse the `-u` (--user) option during container execution, causing a numeric UID value of 1 to be incorrectly interpreted as UID 0 (root) instead, resulting in privilege escalation where containerized processes execute with root privileges instead of the intended unprivileged user. The vulnerability affects the containers/crun OCI runtime container (cpe:2.3:a:containers:crun:*:*:*:*:*:*:*:*) and has been patched in version 1.27. No public exploit code or active exploitation has been identified, though the EPSS score of 0.01% (percentile 2%) indicates minimal real-world exploitation likelihood despite the privilege escalation tag.
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.