KLA90897 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Integer overflow vulnerability in V8 can be exploited to cause execute arbitrary code and...

MLflow 安全漏洞

MLflow is an open-source platform that simplifies machine learning development. It includes features like tracking experiments, packaging code for reproducible runs, and sharing and deploying models. There is a security vulnerability in MLflow, which stems from the use of hardcoded default...

PT-2026-21316

🚨 CVE-2019-25441 thesystem 1.0 contains a command injection vulnerability that allows unauthenticated attackers to execute arbitrary system commands by submitting malicious input to the run command endpoint. Attackers can send POST requests with shell commands in the command parameter to execute...

PJSIP 安全漏洞

PJSIP is an open-source, free and open-source multimedia communication library developed in C language. It implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Versions of PJSIP 2.16 and earlier contained security vulnerabilities, which stemmed from a heap buffer...

NI FlexRIO < 2025 Q1 Arbitrary Code Execution (CVE-2024-12740)

The version of NI FlexRIO installed on the remote Windows host is prior to 2025 Q1. It is, therefore, affected by an arbitrary code execution vulnerability: - NI FlexRIO uses a third-party library for image processing that exposes several vulnerabilities. These vulnerabilities may result in...

Notepad++ < 8.9.2 Unsafe Search Path (GHSA-rjvm-fcxw-2jxq)

The version of Notepad++ installed on the remote host is prior to 8.9.2. It is, therefore, affected by a vulnerability: - An Unsafe Search Path vulnerability CWE-426 exists when launching Windows Explorer without an absolute executable path. This may allow execution of a malicious explorer.exe if...

PT-2026-21005

The installer for ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール versions prior to Ver.1.3.7 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrative privileges...

ROS-20260220-73-0007

A vulnerability in the mlx5 driver of the RDMA subsystem of the Linux kernel is related to the ability to use memory after it has been freed. Exploitation of the vulnerability could allow an attacker to escalate privileges, execute arbitrary code, or cause a denial of service...

[SECURITY] [DSA 6143-1] libvpx security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6143-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 19, 2026 https://www.debian.org/security/faq -...

CVE-2025-61982

An arbitrary code execution vulnerability exists in the Code Stream directive functionality of OpenCFD OpenFOAM 2506. A specially crafted OpenFOAM simulation file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...

GO-2026-4394 OpenTelemetry Go SDK Vulnerable to Arbitrary Code Execution via PATH Hijacking in go.opentelemetry.io/otel/sdk

OpenTelemetry Go SDK Vulnerable to Arbitrary Code Execution via PATH Hijacking in go.opentelemetry.io/otel/sdk...

CVE-2026-24834

CVE-2026-24834 affects Kata Containers before 3.27.0. A flaw in the interaction with Cloud Hypervisor allows a container user to modify the Guest micro VM’s filesystem, potentially achieving arbitrary code execution as root inside the VM. The host and other containers/VMs on the same host are not...

CVE-2026-24834 Kata Container to Guest micro VM privilege escalation

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.27.0, an issue in Kata with Cloud Hypervisor allows a user of the container to modify the file system used by the Guest micro VM...

GHSA-WWJ6-VGHV-5P64 Kata Container to Guest micro VM privilege escalation

Summary An issue in Kata with Cloud Hypervisor allows a user of the container to modify the file system used by the Guest micro VM ultimately achieving arbitrary code execution as root in said VM. The current understinding is this doesn’t impact the security of the Host or of other containers / V...

USN-8053-1: libvpx vulnerability

It was discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a specially crafted file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...

CVE-2026-25926

Notepad++ is a free and open-source source code editor. An Unsafe Search Path vulnerability CWE-426 exists in versions prior to 8.9.2 when launching Windows Explorer without an absolute executable path. This may allow execution of a malicious explorer.exe if an attacker can control the process...

CDATA FD614GS3-R850 安全漏洞

CDATA FD614GS3-R850 is a fiber optic network unit terminal device from the American company CDATA. The version CDATA FD614GS3-R850 V3.2.7P161006 contains a security vulnerability. This vulnerability stems from buffer overflows in the meshnodeconfig and domiainblkconfig modules, which may allow fo...

PT-2026-20863

Name of the Vulnerable Software and Affected Versions CDATA FD614GS3-R850 version 3.2.7 P161006 Build.0333.250211 Description A buffer overflow issue exists in CDATA FD614GS3-R850 version 3.2.7 P161006 Build.0333.250211. This flaw allows an attacker to potentially execute arbitrary code by...

Notepad++ 代码问题漏洞

Notepad++ is an open-source plain-text editor developed by Don Ho of Taiwan, China. Versions of Notepad++ prior to 8.9.2 had a code vulnerability; this vulnerability stemmed from the use of an absolute executable path when launching the Windows Explorer, which could lead to arbitrary code executi...

CVE-2025-69674

Buffer Overflow vulnerability in CDATA FD614GS3-R850 V3.2.7P161006 Build.0333.250211 allows an attacker to execute arbitrary code via the nodemac, nodeopt, optparam, and domainblk parameters of the meshnodeconfig and domiainblkconfig modules...