Full Disclosure
SEC Consult SA-20260202-0 :: Multiple vulnerabilities in Native Instruments Native Access (MacOS) 5 February 2026 at 05:51

SEC Consult SA-20260202-0 :: Multiple vulnerabilities in Native Instruments Native Access (MacOS)

5 February 2026 at 05:51

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Feb 04

SEC Consult Vulnerability Lab Security Advisory < 20260202-0 >
=======================================================================
title: Multiple vulnerabilities
product: Native Instruments - Native Access (MacOS)
vulnerable version: verified up to 3.22.0
fixed version: n/a
CVE number: CVE-2026-24070, CVE-2026-24071
impact: high
homepage:...

Full Disclosure
CyberDanube Security Research 20260119-0 | Authenticated Command Injection in Phoenix Contact TC Router Series 5 February 2026 at 05:51

CyberDanube Security Research 20260119-0 | Authenticated Command Injection in Phoenix Contact TC Router Series

Full Disclosure

5 February 2026 at 05:51

Posted by Thomas Weber | CyberDanube via Fulldisclosure on Feb 04

Full Disclosure
[KIS-2026-03] Blesta <= 5.13.1 (2Checkout) Multiple PHP Object Injection Vulnerabilities 5 February 2026 at 05:50

[KIS-2026-03] Blesta <= 5.13.1 (2Checkout) Multiple PHP Object Injection Vulnerabilities

Full Disclosure

5 February 2026 at 05:50

Posted by Egidio Romano on Feb 04

--------------------------------------------------------------------------
Blesta <= 5.13.1 (2Checkout) Multiple PHP Object Injection Vulnerabilities
--------------------------------------------------------------------------

[-] Software Link:

https://www.blesta.com

[-] Affected Versions:

All versions from 3.0.0 to 5.13.1.

[-] Vulnerabilities Description:

The vulnerabilities exist because user input passed through the...

Full Disclosure
[KIS-2026-02] Blesta <= 5.13.1 (Admin Interface) Multiple PHP Object Injection Vulnerabilities 5 February 2026 at 05:50

[KIS-2026-02] Blesta <= 5.13.1 (Admin Interface) Multiple PHP Object Injection Vulnerabilities

Full Disclosure

5 February 2026 at 05:50

Posted by Egidio Romano on Feb 04

--------------------------------------------------------------------------------
Blesta <= 5.13.1 (Admin Interface) Multiple PHP Object Injection Vulnerabilities
--------------------------------------------------------------------------------

[-] Software Link:

https://www.blesta.com

[-] Affected Versions:

All versions from 3.0.0 to 5.13.1.

[-] Vulnerabilities Description:

The vulnerabilities exist because user input passed through the...

Full Disclosure
[KIS-2026-01] Blesta <= 5.13.1 (confirm_url) Reflected Cross-Site Scripting Vulnerability 5 February 2026 at 05:50

[KIS-2026-01] Blesta <= 5.13.1 (confirm_url) Reflected Cross-Site Scripting Vulnerability

Full Disclosure

5 February 2026 at 05:50

Posted by Egidio Romano on Feb 04

---------------------------------------------------------------------------
Blesta <= 5.13.1 (confirm_url) Reflected Cross-Site Scripting Vulnerability
---------------------------------------------------------------------------

[-] Software Link:

https://www.blesta.com

[-] Affected Versions:

All versions from 3.2.0 to 5.13.1.

[-] Vulnerability Description:

User input passed through the "confirm_url" GET parameter to the...

Normal view