CVE-2026-30457

An issue in the /parser/dwoo component of Daylight Studio FuelCMS v1.5.2 allows attackers to execute arbitrary code via crafted PHP code...

CVE-2026-30457

An issue in the /parser/dwoo component of Daylight Studio FuelCMS v1.5.2 allows attackers to execute arbitrary code via crafted PHP code...

Unspecified Vulnerability in Google Chrome (CNVD-2026-15407)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security vulnerability that is due to an object lifecycle issue in PowerVR. An attacker can exploit the vulnerability to execute arbitrary code on the system...

OpenClaw has an unspecified vulnerability (CNVD-2026-16049)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw has a security vulnerability that can be exploited by an attacker to execute arbitrary code without sandbox escape...

Google Chrome integer overflow vulnerability (CNVD-2026-15405)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from an integer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system...

Google Chrome memory misreference vulnerability (CNVD-2026-15404)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a memory misreference vulnerability that can be exploited by an attacker to execute arbitrary code on the system...

Google Chrome heap buffer overflow vulnerability (CNVD-2026-15403)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a heap buffer overflow vulnerability that is caused by incorrect boundary checking in WebGL. An attacker can exploit this vulnerability to execute arbitrary code on the system or cause an application to...

Google Chrome Resource Management Error Vulnerability (CNVD-2026-15395)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a resource management error vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the sandbox via specially crafted HTML pages...

Canva Affinity Out-of-Bounds Write Vulnerability

Canva Affinity is a range of professional graphic design and image editing software from Canva Australia. Canva Affinity suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code using a specially crafted EMF file...

PT-2026-31961

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.22 Description OpenClaw contains a flaw in its handling of environment variable overrides. Inconsistent sanitization paths allow attackers to bypass shared host environment policies by supplying blocked or...

River Past CamDo 缓冲区错误漏洞

River Past CamDo is a screen recording and camera capture tool developed by River Past Corporation. Version 3.7.6 of River Past CamDo contains a buffer error vulnerability. This vulnerability stems from a buffer overflow in the structured exception handler, which may allow local attackers to...

Zen C 缓冲区错误漏洞

Zen C is a modern system programming language developed by z-libs. Versions of Zen C prior to 0.4.4 contained a buffer error vulnerability. This vulnerability stemmed from a stack-based buffer overflow in the compiler, which could lead to compiler crashes or the execution of arbitrary code...

PT-2026-28221

The installer of RATOC RAID Monitoring Manager for Windows searches the current directory to load certain DLLs. If a user is directed to place a crafted DLL with the installer, an arbitrary code may be executed with the administrator privilege...

CVE-2026-30457

An issue in the /parser/dwoo component of Daylight Studio FuelCMS v1.5.2 allows attackers to execute arbitrary code via crafted PHP code...

OpenClaw Arbitrary Code Execution Vulnerability (CNVD-2026-16394)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an arbitrary code execution vulnerability that can be exploited by an attacker to execute an attacker-controlled binary...

AlmaLinux 9 : vim (ALSA-2026:5602)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:5602 advisory. vim: Vim: Arbitrary code execution via 'helpfile' option processing CVE-2026-25749 Tenable has extracted the preceding description block directly from the AlmaLinu...

RHEL 10 : freerdp (RHSA-2026:5939)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5939 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to...

Canva Affinity Type Obfuscation Vulnerability

Canva Affinity is a range of professional graphic design and image editing software from Canva Australia. A type confusion vulnerability exists in Canva Affinity, which can be exploited by an attacker to cause a specially crafted EMF file to trigger memory corruption and execute arbitrary code...

PT-2026-28222

The installer of RATOC RAID Monitoring Manager for Windows allows to customize the installation folder. If the installation folder is customized to some non-default one, the folder may be left with un-secure ACLs and non-administrative users can alter contents of that folder. It may allow a...

FUEL CMS 安全漏洞

FUEL CMS is a content management system CMS developed by David McReynolds using the Codelgniter framework. Version 1.5.2 of FUEL CMS contains a security vulnerability, which stems from issues with the /parser/dwoo component. Attackers can execute arbitrary code through specially crafted PHP code...