Known Vulnerabilities for Vendor PAM by CyberArk Software A Palo Alto Networks Company
Listed below are 10 of the newest known vulnerabilities associated with "Vendor PAM" by "CyberArk Software A Palo Alto Networks Company".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-59948 json | Composer is a dependency Manager for the PHP language. Prior to 2.2.29 and 2.10.2, a maliciously crafted package from an untr... | Not Provided | 2026-07-08 | 2026-07-09 |
| CVE-2026-54224 json | UBB.threads is vulnerable to Denial of Service (DoS). By sending multiple concurrent requests to view any user profile on ins... | Not Provided | 2026-06-18 | 2026-06-18 |
| CVE-2026-54223 json | UBB.threads is vulnerable to Path traversal, allowing attackers with privilege to edit templates to read and write any file o... | Not Provided | 2026-06-18 | 2026-06-18 |
| CVE-2026-54222 json | UBB.threads is vulnerable to Blind SQL Injection, allowing attackers with access to the Members in Control Panel to intera... | Not Provided | 2026-06-18 | 2026-06-18 |
| CVE-2026-54221 json | UBB.threads is vulnerable to Reflected XSS. The application improperly handles user input in certain requests, enabling atta... | Not Provided | 2026-06-18 | 2026-06-18 |
| CVE-2026-54220 json | uBB.threads is vulnerable to a Cross-Site Request Forgery (CSRF) due to a lack of protective mechanisms. This allows an atta... | Not Provided | 2026-06-18 | 2026-06-18 |
| CVE-2026-54219 json | UBB.threads is vulnerable to Stored XSS via user posts and user profile fields. The application fails to properly sanitize us... | Not Provided | 2026-06-18 | 2026-06-18 |
| CVE-2026-53909 json | MCO does not correctly validate types of uploaded files. File upload validation functionality relies only on client-side chec... | Not Provided | 2026-07-01 | 2026-07-01 |
| CVE-2026-53908 json | MCO is vulnerable to User Enumeration through authentication-related functionalities. The application returns distinguishable... | Not Provided | 2026-07-01 | 2026-07-01 |
| CVE-2026-53907 json | MCO is vulnerable to Stored Cross‑Site Scripting (XSS) via the application logo upload functionality. An attacker with the ... | Not Provided | 2026-07-01 | 2026-07-01 |