Known Vulnerabilities for Portfolio by Bestweblayout
Listed below are 10 of the newest known vulnerabilities associated with "Portfolio" by "Bestweblayout".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-59709 json | Ghostfolio's PUT /api/v1/portfolio/holding/:dataSource/:symbol/tags endpoint fails to verify Access.permissions field when pr... | Not Provided | 2026-07-07 | 2026-07-09 |
| CVE-2026-59708 json | The GET /api/v1/public/:accessId/portfolio endpoint in ghostfolio accepts private access IDs without validating granteeUserId... | Not Provided | 2026-07-07 | 2026-07-09 |
| CVE-2026-57712 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPZOOM WPZOOM Portfolio... | Not Provided | 2026-07-13 | 2026-07-13 |
| CVE-2026-49069 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPZOOM Portfolio allows... | Not Provided | 2026-06-10 | 2026-06-10 |
| CVE-2026-46962 json | Vulnerability in the Oracle Project Portfolio Analysis product of Oracle E-Business Suite (component: Internal Operations). ... | Not Provided | 2026-06-17 | 2026-06-17 |
| CVE-2026-46961 json | Vulnerability in the Oracle Project Portfolio Analysis product of Oracle E-Business Suite (component: Internal Operations). ... | Not Provided | 2026-06-17 | 2026-06-17 |
| CVE-2026-46960 json | Vulnerability in the Oracle Project Portfolio Analysis product of Oracle E-Business Suite (component: Internal Operations). ... | Not Provided | 2026-06-17 | 2026-06-17 |
| CVE-2026-32437 json | Missing Authorization vulnerability in vowelweb VW Portfolio vw-portfolio allows Exploiting Incorrectly Configured Access Con... | Not Provided | 2026-03-13 | 2026-04-29 |
| CVE-2026-32345 json | Missing Authorization vulnerability in raratheme Perfect Portfolio perfect-portfolio allows Exploiting Incorrectly Configured... | Not Provided | 2026-03-13 | 2026-04-29 |
| CVE-2026-7144 json | A security flaw has been discovered in 1000 Projects Portfolio Management System MCA 1.0. This impacts an unknown function of... | Not Provided | 2026-04-27 | 2026-04-27 |