Account Takeover via Predictable SSO Ticket Generation

Published 2026-06-23 by Zohocorp

Authenticated unintended access to critical program parameters

Published 2026-06-23 by CERTVDE

Mojolicious::Plugin::Web::Auth::OAuth2 versions through 0.17 for Perl have an insecure default state parameter

Published 2026-06-23 by CPANSec

Frontend File Manager Plugin <= 23.6 - Unauthenticated Arbitrary File Download

Published 2026-06-23 by WPScan

Frontend File Manager Plugin <= 23.6 - Subscriber+ Stored Cross-Site Scripting via File Rename

Published 2026-06-23 by WPScan

Simple Basic Contact Form <= 20250114 - Reflected XSS

Published 2026-06-23 by WPScan

Infility Global < 2.15.19 - Subscriber+ SQL Injection via order Parameter

Published 2026-06-23 by WPScan

Infility Global < 2.15.20 - Editor+ SQL Injection via orderby Parameter

Published 2026-06-23 by WPScan

Published 2026-06-23 by snyk

Openssh: heap out-of-bounds read in red hat enterprise linux versions of openssh gssapi indicator cleanup due to missing null sentinel termination

Published 2026-06-23 by redhat