Articles
Newsflash
7 Jul 2026 Business and Enterprise Solutions
Ghost CMS: Arbitrary File Upload and RCE (Disputed)

In Ghost CMS version 4.42.0 a high severity vulnerability CVE-2022-28397 was reported. This vulnerability reportedly allows an attacker to execute arbitrary code (RCE) via a maliciously crafted file uploaded through the file upload module. However, it should be noted that the vendor disputes this vulnerability, stating that according to Ghost’s security documentation, files can only be uploaded and published by strictly trusted users, and this functionality is intentional. There’s no fix available for this issue at the moment. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2022-28397.

Read more
CMS
7 Jul 2026 DevOps
Kestra: Weak Password Hashing Leading to Privilege Escalation

In Kestra versions prior to 1.3.24 a high severity vulnerability CVE-2026-55069 was detected. This vulnerability allows an attacker who has gained read access to the database to recover the administrator password offline, potentially leading to vertical privilege escalation. This occurs because the BasicAuth authentication component uses the SHA-512 hashing algorithm, which has a high computation speed and lacks the necessary work factors to deter rapid brute-force or dictionary attacks. If the password is successfully cracked in a Kubernetes deployment, the attacker can further compromise the system by reading the cluster ServiceAccount Token and all Kubernetes Secrets. To address this issue, users should upgrade Kestra to version 1.3.24 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-55069.

Read more
Monitoring
7 Jul 2026 Data Management and Analytics
Elasticsearch: Denial of Service via Uncontrolled Resource Consumption in Bulk Requests

In Elasticsearch versions including 7.0.0 and before 7.17.24, including 8.0.0 and before 8.15.0 a medium severity vulnerability CVE-2026-49090 was detected. This vulnerability allows an authenticated user to cause a Denial of Service (DoS) by rendering the affected node unable to process requests. This occurs due to an Uncontrolled Resource Consumption (CWE-400) flaw when processing bulk requests. By submitting a specially crafted bulk request, an attacker can trigger sustained high CPU consumption via excessive resource allocation (CAPEC-130), effectively exhausting server resources. To address this issue, users should upgrade Elasticsearch to a patched version 7.17.24 or later, 8.15.0 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-49090.

Read more
Data Analytics
7 Jul 2026 DevOps
Django: SQL Injection via QuerySet.order_by and FilteredRelation

In Django versions 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28 (with earlier unsupported versions potentially affected) a high severity vulnerability CVE-2026-1312 was detected. This vulnerability allows an attacker to execute unauthorized database queries, potentially leading to data exfiltration or modification via SQL Injection (SQLi). This occurs due to a flaw in how .QuerySet.order_by() handles column aliases containing periods when the exact same alias is utilized within FilteredRelation using dictionary expansion. By supplying a specially crafted dictionary, an attacker can manipulate the generated SQL query structure. To address this issue, users should upgrade Django to versions 6.0.2, 5.2.11, 4.2.28, or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-1312.

Read more
Application Development
7 Jul 2026 Business and Enterprise Solutions
Dolibarr: PHP Code Injection via Website Module Bypass

In Dolibarr ERP & CRM versions up to and including 22.0.4 a high severity vulnerability CVE-2026-31018 was detected. This vulnerability allows an authenticated user with restricted privileges (limited to HTML/JavaScript editing) to inject and execute arbitrary PHP code, potentially leading to Remote Code Execution (RCE) and privilege escalation. This occurs due to the inconsistent application of PHP code detection and permission enforcement within the Website module. During website page creation, certain input parameters remain unprotected, allowing an attacker to bypass intended restrictions and supply malicious PHP payloads. To address this issue, users should upgrade Dolibarr to a patched version 23.0.0 or higher. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-31018.

Read more
ERP
6 Jul 2026 Business and Enterprise Solutions
Joomla: Arbitrary File Upload in SP Page Builder Leading to PHP Code Execution

In Joomla versions before 6.6.2 a critical severity vulnerability CVE-2026-48908 was detected. This vulnerability allows unauthenticated users to upload arbitrary files, resulting in the upload and execution of PHP code. To address this issue, users should upgrade Joomla to version 6.6.2 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-48908.

Read more
CMS
Case Studies