Tag
#High Severity
SQL Injection Vulnerability in mjperpinosa stumasy
A SQL injection vulnerability has been discovered in mjperpinosa stumasy up to version 327d1b0f2915ba79d7ef8ebb74553e987609d9be. The vulnerability is located in the Notes_controller::accessing_dictionary_authorization function and can be exploited remotely. The CVSS score for this vulnerability is 7.3, indicating a high severity level.
Authenticated Command Injection in Coolify: CVE-2026-27957
A critical vulnerability (CVE-2026-27957) with a CVSS score of 8.8 was discovered in Coolify, an open-source tool for managing servers, applications, and databases. This authenticated command injection vulnerability allows any authenticated user to execute arbitrary commands as the configured SSH user on the managed server host, potentially leading to complete compromise of the managed server and associated docker containers. The vulnerability is fixed in version 4.0.0-beta.464. Organizations using Coolify should immediately upgrade to the patched version.