CVE ID :CVE-2026-42605 Published : May 9, 2026, 8:16 p.m. | 52 minutes ago Description :AzuraCast is a self-hosted, all-in-one web radio management suite. Prior to version 0.23.6, the currentDirectory request parameter in the Flow.js media upload endpoint (POST /api/station/{station_id}/files/upload) is…
CVE ID :CVE-2026-42606 Published : May 9, 2026, 8:16 p.m. | 52 minutes ago Description :AzuraCast is a self-hosted, all-in-one web radio management suite. Prior to version 0.23.6, the ApplyXForwarded middleware unconditionally trusts the client-supplied X-Forwarded-Host HTTP header with no trusted…
CVE ID :CVE-2026-42601 Published : May 9, 2026, 8:16 p.m. | 52 minutes ago Description :ArchiveBox is an open source self-hosted web archiving system. In versions 0.8.6rc0 and prior, the /add/ endpoint (AddView in core) accepts a config JSON field that…
CVE ID :CVE-2026-42571 Published : May 9, 2026, 8:16 p.m. | 52 minutes ago Description :Pelican is a platform for creating data federations. From versions 7.21.0 to before 7.21.5, 7.22.0 to before 7.22.3, 7.23.0 to before 7.23.3, and 7.24.0 to before…
CVE ID :CVE-2026-42569 Published : May 9, 2026, 8:16 p.m. | 52 minutes ago Description :phpVMS is a PHP application to run and simulate an airline. Prior to version 7.0.6, a critical vulnerability in phpVMS allowed unauthenticated access to a legacy…
Welcome to WordPress. This is your first post. Edit or delete it, then start writing!