Common Vulnerabilities and Exposures (CVE)
CVE-2026-1618
Authentication Bypass Using an Alternate Path or Channel vulnerability in Universal Software Inc. FlexCity/Kiosk allows Privilege Escalation. This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36.
CVE-2026-1619
Authorization Bypass Through User-Controlled Key vulnerability in Universal Software Inc. FlexCity/Kiosk allows Exploitation of Trusted Identifiers. This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36.
CVE-2025-7425
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper...
CVE-2026-1819
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Karel Electronics Industry and Trade Inc. ViPort allows Stored XSS. This issue affects ViPort: through 23012026.
CVE-2026-2339
Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Remote Code Inclusion, Privilege Abuse, Command Injection. This issue affects Liderahenk: before 3.5.1.
CVE-2026-2624
Missing Authentication for Critical Function vulnerability in ePati Cyber Security Technologies Inc. Antikor Next Generation Firewall (NGFW) allows Authentication Bypass. This issue affects Antikor Next Generation Firewall (NGFW): from v...
CVE-2026-3120
Improper Control of Generation of Code ('Code Injection') vulnerability in Profelis Information and Consulting Trade and Industry Limited Company SambaBox allows OS Command Injection. This issue affects SambaBox: from 5.1 before 5.3.
CVE-2026-5140
Improper neutralization of CRLF sequences ('CRLF injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Update allows Authentication Bypass. This issue affects Pardus Update: from 0.6.3 before 0.6.4.
CVE-2026-5141
Improper Privilege Management, Improper Access Control, Incorrect privilege assignment vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Software Center allows Hijacking a privileged process. This issue affect...
CVE-2026-5161
Improper link resolution before file access ('link following') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack. This issue affects Pardus About: before 1.2.2.
CVE-2026-5166
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Software Center allows Path Traversal. This issue affects Pardus Software Center...
CVE-2026-6849
Improper neutralization of special elements used in an OS command ('OS command injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus OS My Computer allows OS Command Injection. This issue affects Pardu...
CVE-2026-7382
Exposure of Sensitive Information to an Unauthorized Actor, Exposure of private personal information to an unauthorized actor vulnerability in MeWare Software Development Inc. PDKS allows Excavation. This issue affects PDKS: from V16.20200...
CVE-2026-7399
Authorization bypass through User-Controlled key vulnerability in MeWare Software Development Inc. PDKS allows Privilege Abuse. This issue affects PDKS: from V16.20200313 before VMYR_3.5.2025117.
CVE-2026-7402
Improper Control of Interaction Frequency vulnerability in MeWare Software Development Inc. PDKS allows Flooding. This issue affects PDKS: from V16.20200313 before VMYR_3.5.2025117.