Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total3
Critical0
High0
Medium3
Reset
Showing 1-3 of 3 records
Threat Entry Updated 2026-01-29

CVE-2026-22645 - Incoming Goods Suite Plugin

The application discloses all used components, versions and license information to unauthenticated actors, giving attackers the opportunity to target known security vulnerabilities of used components.

PLUGIN Incoming Goods Suite

CVE-2026-22645

MEDIUM CVSS 5.3 2026-01-15
Open Full Technical Breakdown
Threat Entry Updated 2026-01-29

CVE-2026-22644 - Incoming Goods Suite Plugin

Certain requests pass the authentication token in the URL as string query parameter, making it vulnerable to theft through server logs, proxy logs and Referer headers, which could allow an attacker to hijack the user's session and gain unauthorized access.

PLUGIN Incoming Goods Suite

CVE-2026-22644

MEDIUM CVSS 5.3 2026-01-15
Open Full Technical Breakdown
Threat Entry Updated 2026-01-29

CVE-2026-22646 - Incoming Goods Suite Plugin

Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information (like file paths, database errors, or software versions) that can be used to map the application's internal structure and discover other, more critical vulnerabilities.

PLUGIN Incoming Goods Suite

CVE-2026-22646

MEDIUM CVSS 4.3 2026-01-15
Open Full Technical Breakdown
Scroll to top