Pretalx version 2026.1.0 security update for CVE-2026-41241
Security Patch Release
Summary
Pretalx released version 2026.1.0 to patch CVE-2026-41241, a stored XSS flaw that could compromise organizer accounts in conference deployments. The update closes a path attackers could use through malicious submission content across Pretalx-powered events.
Related Happenings
TrendAI Trend Micro’s enterprise business security patch release for CVE-2026-34926
Security Patch Release
First: 22.05.2026 11:19
Last: 22.05.2026 11:19
Sources 1
About this happening:
**TrendAI** released **Apex One** security updates after confirming a **zero-day** had been **exploited in the wild**, leaving **on-premises installations** at risk until patched....
Microsoft security patch release for CVE-2026-41091 and CVE-2026-45498
Security Patch Release
First: 21.05.2026 10:49
Last: 21.05.2026 10:49
Sources 1
About this happening:
Microsoft rolled out security updates for Defender and related malware protection components to address two zero-days: CVE-2026-41091 and CVE-2026-45498. The fixes cover affected...
Latest development: 21.05.2026 12:52
Microsoft released patches for Microsoft Defender Antimalware Platform version 4.18.26040.7 to address CVE-2026-41091, a link-following privilege-escalation flaw that can let an authorized attacker elevate privileges locally to System, and CVE-2026-45498, a denial-of-service flaw. Microsoft said both vulnerabilities were publicly disclosed and exploited in the wild as zero-days. CISA added both flaws to its Known Exploited Vulnerabilities (KEV) list and urged federal agencies to patch them by June 3.
Ivanti security patch release for CVE-2026-8043
Security Patch Release
First: 18.05.2026 13:54
Last: 18.05.2026 13:54
Sources 1
About this happening:
**Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...
Progress security patch release for CVE-2026-2699
Security Patch Release
First: 02.04.2026 16:33
Last: 02.04.2026 16:33
Sources 1
About this happening:
**Progress** released **ShareFile 5.12.4** on **March 10** to fix **CVE-2026-2699** and **CVE-2026-2701** in the **Storage Zones Controller (SZC)** for **branch 5.x**. The update...
GIGABYTE security patch release for CVE-2026-4415
Security Patch Release
First: 01.04.2026 01:28
Last: 01.04.2026 01:28
Sources 1
About this happening:
**GIGABYTE** is directing users of **Control Center** to upgrade to **25.12.10.01** to mitigate **CVE-2026-4415**, a flaw that exposed systems to remote file writes. The update ma...
Timeline
- 27.05.2026 17:30 2 articles · 8h ago
Pretalx patches stored XSS flaw CVE-2026-41241 in version 2026.1.0
Mitigation Patch Update
Novee Security disclosed a high-severity stored XSS vulnerability in Pretalx, tracked as CVE-2026-41241, that let a registered conference speaker plant malicious code which would execute when an organizer searched for the submission. Pretalx version 2026.1.0 patched the flaw, which affected the conference call-for-papers and scheduling platform used by many technical events.
Sources:
- Vulnerability in Popular Conference Software Granted Attackers a 100% Talk Acceptance Rate — www.securityweek.com — 27.05.2026 17:30