News & Security
Updates from ENISA, NVD and the main European cybersecurity sources. Everything a Technical Lead needs to know.
13187 results
CVE ID: CVE-2026-39326 | Published: April 7, 2026, 5:30 p.m. | Severity: 0.0 | NA
Description: ChurchCRM is an open-source church management system. Prior to 7.1.0, an SQL injection vulnerability was found in the endpoint /PropertyTypeEditor.php in ChurchCRM. Authenticated users with the role isMenuOptionsEnabled can inject arbitrary SQL statements through the Name and Description parameters and thus extract and modify information from the database. This vulnerability is fixed in 7.1.0.
CVE ID: CVE-2026-39325 | Published: April 7, 2026, 5:29 p.m. | Severity: 0.0 | NA
Description: ChurchCRM is an open-source church management system. Prior to 7.1.0, an SQL injection vulnerability was found in the endpoint /SettingsUser.php in ChurchCRM 7.0.5. Authenticated administrative users can inject arbitrary SQL statements through the type array parameter via the index and thus extract and modify information from the database. This vulnerability is fixed in 7.1.0.
CVE ID: CVE-2026-39323 | Published: April 7, 2026, 5:28 p.m. | Severity: 0.0 | NA
Description: ChurchCRM is an open-source church management system. Prior to 7.1.0, a critical SQL injection vulnerability exists in ChurchCRM's PropertyTypeEditor.php where the Name and Description POST parameters are sanitized only with strip_tags() before direct concatenation into SQL queries. This allows authenticated users with "Manage Properties" permission to execute arbitrary SQL commands including data exfiltration, modification, and deletion. Injected data persists in the database and is reflected across multiple application pages without output encoding. This vulnerability is fixed in 7.1.0.
CVE ID: CVE-2026-39318 | Published: April 7, 2026, 5:27 p.m. | Severity: 0.0 | NA
Description: ChurchCRM is an open-source church management system. Prior to 7.1.0, the GroupPropsFormRowOps.php file contains a SQL injection vulnerability. User input in the Field parameter is directly inserted into SQL queries without proper sanitization. The mysqli_real_escape_string() function does not escape backtick characters, allowing attackers to break out of SQL identifier context and execute arbitrary SQL statements. This vulnerability is fixed in 7.1.0.
CVE ID: CVE-2026-39335 | Published: April 7, 2026, 5:23 p.m. | Severity: 0.0 | NA
Description: ChurchCRM is an open-source church management system. Prior to 7.1.1, there is Stored XSS in group remove control and family editor state/country. This is primarily an admin-to-admin stored XSS path when writable entity fields are abused. This vulnerability is fixed in 7.1.1.
CVE ID: CVE-2026-39317 | Published: April 7, 2026, 5:20 p.m. | Severity: 0.0 | NA
Description: ChurchCRM is an open-source church management system. Prior to 7.1.0, a SQL injection vulnerability exists in ChurchCRM's SettingsIndividual.php where user-controlled array keys from the type POST parameter are used directly in SQL queries without sanitization. This allows any authenticated user to extract sensitive data from the database. This vulnerability is fixed in 7.1.0.
Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH options or shell commands, achieving code execution on the Cockpit host without valid credentials. The injection occurs during the authentication flow before any credential verification takes place, meaning no login is required to exploit the vulnerability.
CVE ID: CVE-2026-39316 | Published: April 7, 2026, 5:16 p.m. | Severity: 4.0 | MEDIUM
Description: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a use-after-free vulnerability exists in the CUPS scheduler (cupsd) when temporary printers are automatically deleted. cupsdDeleteTemporaryPrinters() in scheduler/printers.c calls cupsdDeletePrinter() without first expiring subscriptions that reference the printer, leaving cupsd_subscription_t.dest as a dangling pointer to freed heap memory. The dangling pointer is subsequently dereferenced at multiple code sites, causing a crash (denial of service) of the cupsd daemon. With heap grooming, this can be leveraged for code execution.
CVE ID: CVE-2026-39384 | Published: April 7, 2026, 5:16 p.m. | Severity: 7.6 | HIGH
Description: FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.212, FreeScout does not take the limit_user_customer_visibility parameter into account when merging customers. This vulnerability is fixed in 1.8.212.
CVE ID: CVE-2026-39314 | Published: April 7, 2026, 5:16 p.m. | Severity: 4.0 | MEDIUM
Description: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, an integer underflow vulnerability in _ppdCreateFromIPP() (cups/ppd-cache.c) allows any unprivileged local user to crash the cupsd root process by supplying a negative job-password-supported IPP attribute. The bounds check only caps the upper bound, so a negative value passes validation, is cast to size_t (wrapping to ~2^64), and is used as the length argument to memset() on a 33-byte stack buffer. This causes an immediate SIGSEGV in the cupsd root process. Combined with systemd's Restart=on-failure, an attacker can repeat the crash for sustained denial of service.
CVE ID: CVE-2026-39308 | Published: April 7, 2026, 5:16 p.m. | Severity: 7.1 | HIGH
Description: PraisonAI is a multi-agent teams system. Prior to 1.5.113, PraisonAI's recipe registry publish endpoint writes uploaded recipe bundles to a filesystem path derived from the bundle's internal manifest.json before it verifies that the manifest name and version match the HTTP route. A malicious publisher can place ../ traversal sequences in the bundle manifest and cause the registry server to create files outside the configured registry root even though the request is ultimately rejected with HTTP 400. This is an arbitrary file write / path traversal issue on the registry host. It affects deployments that expose the recipe registry publish flow. If the registry is intentionally run without a token, any network client that can reach the service can trigger it. If a token is configured, any user with publish access can still exploit it. This vulnerability is fixed in 1.5.113.
CVE ID: CVE-2026-39312 | Published: April 7, 2026, 5:16 p.m. | Severity: 7.5 | HIGH
Description: SoftEtherVPN is an open-source cross-platform multi-protocol VPN program. In 5.2.5188 and earlier, a pre-authentication denial-of-service vulnerability exists in SoftEther VPN Developer Edition 5.2.5188 (and likely earlier versions of Developer Edition). An unauthenticated remote attacker can crash the vpnserver process by sending a single malformed EAP-TLS packet over raw L2TP (UDP/1701), terminating all active VPN sessions.
Page 266 of 1099