Cross-site scripting in Allegra's downloadAttachment method enables authenticated remote attackers to inject and execute arbitrary JavaScript within a victim user's browser session. Exploitation requires an authenticated low-privilege attacker account and mandatory victim interaction - the target must visit a malicious page or open a crafted file - limiting the realistic attack surface. Reported by Zero Day Initiative (ZDI-CAN-28236 / ZDI-26-358), patched in Allegra 9.0.0. No public exploit code and no active exploitation (CISA KEV) identified at time of analysis.
Heap out-of-bounds read in NanaZip's inherited 7-Zip LvmHandler component allows an unauthenticated remote attacker to crash the application or potentially expose heap memory by tricking a user into opening a maliciously crafted LVM2 disk image. All NanaZip installations from version 3.0.1000.0 up to (but not including) 6.0.1698.0 on Windows are vulnerable. No public exploit code or active exploitation has been identified; an EPSS score of 0.04% at the 11th percentile reflects very low real-world exploitation probability.
Unauthorized access to webhook event data in Discourse exposes internal webhook payloads to any authenticated user - or unauthenticated users on instances with login_required disabled - across versions 2026.1.0 through several branch heads. The flaw resides in the MessageBus channel /web_hook_events/<id>, which the Jobs::RedeliverWebHookEvents job publishes to without enforcing group_id restrictions, allowing unrestricted channel subscription. Compounded by trivially enumerable sequential integer webhook IDs, any low-privilege or anonymous actor can iterate over webhook event history without authorization. No public exploit code exists and EPSS is 0.03% (9th percentile), indicating no observed widespread exploitation at time of analysis.
Discourse's AI 'explain' helper exposes raw content of hidden posts to any authenticated user with access to the feature, due to an incomplete authorization check on parent posts. Affected instances span three release tracks - 2026.1.x, 2026.3.x, and 2026.4.x - and any user who can invoke the AI helper and find a visible reply to a hidden post can silently read the hidden post's raw text. No public exploit code has been identified and EPSS places exploitation probability at 0.03% (9th percentile), indicating this is a low-urgency but genuine confidentiality bypass for deployments where hidden post content is sensitive.
Discourse's GroupPostSerializer leaks user real names to authenticated users even when site administrators have explicitly disabled name display via the enable_names site setting. Affected versions span the 2026.1.x, 2026.3.x, and 2026.4.x release lines. An authenticated user querying group post endpoints receives real name data that the platform operator intended to suppress, undermining privacy configurations on Discourse instances that host pseudonymous or anonymous communities. No public exploit code exists and no active exploitation has been identified; the EPSS score of 0.03% (9th percentile) reflects low exploitation probability.
Discourse's ReviewableQueuedPostSerializer unconditionally exposes full inbound email source - including SMTP headers, sender trace, mail user agent, and body - to category moderation group members accessing the review queue, bypassing the view_raw_email_allowed_groups trust boundary that restricts the dedicated raw-email endpoint. Affected versions span the 2026.1.x, 2026.3.x, and 2026.4.x series on deployments using Discourse's incoming email feature. No public exploit has been identified and EPSS stands at 0.03% (9th percentile), indicating low automated exploitation probability, though the exposed data - including sender IP addresses and routing headers - presents meaningful privacy and de-anonymization risk to users who submitted posts via email.
Discourse platform versions across three active release tracks expose whisper translation audit logs through bot debug endpoints to any authenticated low-privilege user. The vulnerability (CWE-200) exists across release lines 2026.1.x, 2026.3.x, and 2026.4.x, and has been patched by the vendor across all affected tracks. No public exploit exists and EPSS sits at the 9th percentile (0.03%), indicating this is a low-probability exploitation target; however, the exposure of internal moderation audit logs may pose compliance and confidentiality risks on community platforms handling sensitive staff communications.
Sensitive system information exposure in the Hash Elements WordPress plugin (all versions through 1.5.4) enables authenticated low-privilege users to retrieve embedded sensitive data from the plugin's output or internal responses. Classified under CWE-497, the plugin surfaces system-level information - potentially including API keys, server paths, or configuration values - to parties who should not have access to it. No public exploit has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog, but the low authentication barrier (subscriber-level or equivalent WordPress account) broadens the pool of potential abusers on multi-user WordPress installations.
Mattermost's WebSocket layer improperly broadcasts `role_updated` events to all authenticated connections regardless of team or channel membership, enabling guest-level authenticated users to observe permission scheme change notifications for private teams they do not belong to. Affected versions span the 10.11.x, 11.5.x, and 11.6.x release lines. No public exploit code exists and this vulnerability is not listed in the CISA KEV catalog, but the low attack complexity and broad version impact make patching a straightforward priority for any Mattermost deployment with guest accounts enabled.
Mattermost's team creation API endpoint (POST /api/v4/teams) fails to enforce the PermissionInviteUser authorization check, allowing authenticated users holding only PermissionCreateTeam to configure invite-controlled team settings - including making a team publicly joinable via open invite and restricting membership by allowed domains - that they are explicitly prohibited from setting on existing teams. Affected versions span the 10.11.x, 11.5.x, and 11.6.x release trains up to their respective latest builds. No public exploit identified at time of analysis, and the flaw has not been listed in CISA KEV.
Unauthorized disclosure of pending invitation emails and member data in Solidtime prior to v0.12.2 allows any authenticated team member to bypass explicit permission controls via the Jetstream web team page. The team page controller gates access only with a coarse `belongsToTeam()` check and then serializes all invitation and member records into Inertia props embedded in the HTML response body, circumventing the `invitations:view` and `members:view` permissions that protect the same data on the API. This is no public exploit identified at time of analysis, with an EPSS of 0.02% reflecting low exploitation probability, though the bypass requires no skill beyond loading the team page as a valid member.
Denial of service via gzip bomb in swift-nio-extras NIOHTTPRequestDecompressor affects any Swift server using the `.ratio(N)` decompression limit, allowing unauthenticated remote attackers to exhaust server memory without limit. The ratio enforcement logic incorrectly uses the attacker-supplied `Content-Length` request header as the denominator of the compression ratio check instead of the actual number of compressed bytes received, making the check trivially bypassable. No public exploit code has been identified at time of analysis, but the bypass technique is straightforward and requires no special tooling - any HTTP client capable of crafting a gzip payload with a falsified `Content-Length` header can trigger it repeatedly to sustain memory amplification.
CRLF injection in SwiftNIO's outbound HTTP/1.1 start line handling enables HTTP request smuggling and HTTP response splitting in applications built on swift-nio 2.0.0 through 2.99.0. The validators NIOHTTPRequestHeadersValidator and NIOHTTPResponseHeadersValidator enforce header field name and value correctness but leave the request URI, HTTP method, and response reason phrase unvalidated, allowing CR/LF sequences to be injected by any attacker who controls those fields. Successful exploitation can smuggle arbitrary HTTP requests past intermediaries, bypass WAF rules, or poison shared web caches. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV; however, exploitation in vulnerable proxy deployments is described as low-effort by the advisory authors.