CVE-2026-53723 guzzlehttp/guzzle-services' XML Request Serialization Vulnerable to XML Injection via CDATA Terminator

Guzzle Services provides an implementation of the Guzzle Command library that uses Guzzle service descriptions to describe web services, serialize requests, and parse responses into easy to use model structures. Versions prior ro 1.5.4 do not safely serialize scalar XML element values containing...

Liferay Portal - Open Redirect

HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.18, and older unsupported versions, and Liferay DXP 7.4 before update 19, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions can be circumvented by using the 'REPLACEMENT CHARACTER' U+FFFD, which allows remote...

CVE-2026-50637

Metrics::Any::Adapter::Statsd versions before 0.04 for Perl does not protect against metric injections. The statsd protocol and extensions allow mutiple metrics,separated by newlines, to be sent per packet. The send method does not validate the contents of the metric names or values. If the names...

CVE-2026-53437

Jenkins 2.567 and earlier, LTS 2.555.2 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins when it contains tab or newline characters between //, allowing attackers to perform phishing attacks...

CVE-2026-46739

A flaw was found in perl-Net-Statsd. This vulnerability allows an attacker to inject additional statsd metrics due to insufficient validation of metric names and values. Specifically, the software does not properly check for newlines, colons, or pipes in metric names, nor does it ensure that valu...

MemVenom: Triggered Poisoning of Multimodal Memories in Web Agents

External memory has become a core component of modern web agents, enabling long-horizon reasoning through the retrieval of past experiences. However, this paradigm introduces a critical vulnerability: malicious content injected into memory can be persistently recalled and repeatedly influence age...

EulerOS 2.0 SP11 : glibc (EulerOS-SA-2026-2205)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or...

CVE-2026-32870

Kirby is an open-source content management system. Kirby's Xml::value method has special handling for blocks. If the input value is already valid CDATA, it is not escaped a second time but allowed to pass through. However, prior to versions 4.9.0 and 5.4.0, it was possible to trick this check int...

CVE-2026-8202

Using a densely populated chars mask and a large input string in the MongoDB aggregation operators $trim, $ltrim, and $rtrim, an authenticated user with aggregation permissions can pin CPU utilization at 100% for an extended period of time. This issue impacts MongoDB Server v7.0 versions prior to...

CVE-2026-10879 DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders

DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three characters per binder in the buffer. Placeholders 10-99 require fou...

RLSA-2026:20594 Moderate: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

SUSE CVE-2026-46258

In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL dereference in linehandlecreate In linehandlecreate, there is a statement like this: retainandnullptrlh; Soon after, there is a debug printout that dereferences "lh", which will crash things. Avoid the cras...

GHSA-37M5-M4Q3-FC6X Froxlor: BIND Zone File Injection via TXT Record Content

Summary The DomainZones.add API endpoint does not sanitize newline characters in TXT record content. An authenticated customer with DNS editing enabled can inject newlines into TXT record values, which break out of the record line in the generated BIND zone file. This enables injection of arbitra...

CVE-2026-46258

A flaw was found in the Linux kernel's gpio: cdev module. A NULL pointer dereference in the linehandlecreate function can occur, leading to a system crash. This vulnerability could allow a local attacker to cause a Denial of Service DoS...

CVE-2026-46258

In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL dereference in linehandlecreate In linehandlecreate, there is a statement like this: retainandnullptrlh; Soon after, there is a debug printout that dereferences "lh", which will crash things. Avoid the cras...

OpenSSH: OpenSSH: Arbitrary command execution via shell metacharacters in username

A flaw was found in OpenSSH. This vulnerability allows a remote attacker to achieve arbitrary command execution by injecting shell metacharacters into a username provided on the command line. Exploitation requires an untrusted username and a non-default configuration of the '%' character in...

CVE-2026-25861

CVE-2026-25861 affects QloApps 1.7.0. The vulnerability is in the password hashing path: Tools::encrypt() in classes/Tools.php uses MD5 with a static cookie key, allowing offline brute-forcing of credentials. The risk is heightened by auto-generated 8-character guest-to-customer passwords in clas...

CVE-2026-25861 QloApps 1.7.0 Weak Password Hashing via MD5 in Tools.php

QloApps through 1.7.0, fixed in commit 64e9722, contains a weak cryptographic algorithm vulnerability that allows attackers to compromise user credentials by exploiting the use of MD5 for password hashing in the Tools::encrypt function within classes/Tools.php, which concatenates a static cookie...

PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions

A flaw was found in PHP. Some functions, including urldecode, incorrectly pass signed characters to character type ctype functions. On certain systems, this can lead to accessing memory with a negative offset. This vulnerability can be exploited by an attacker to trigger a denial of service DoS,...

SUSE CVE-2026-49130

Music Player Daemon MPD before version 0.24.11 contains a CRLF injection vulnerability in the xspfchardata function within the XSPF playlist plugin that allows attackers to embed literal CR/LF bytes in URI fields by supplying a malicious XSPF playlist with XML numeric character references...