Exploit for Improper Handling of Length Parameter Inconsistency in Linux Linux_Kernel

CVE-2026-31635...

DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability

Proof-of-concept PoC exploit code has now been released for a recently patched security flaw in the Linux kernel that could allow for local privilege escalation LPE. Dubbed DirtyDecrypt aka DirtyCBC, the vulnerability was discovered and reported by the Zellic and V12 security team on May 9, 2026,...

CVE-2026-31635

creationtimestamp| type| source ---|---|--- 2026-04-28 07:00:07+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mkjz5zurue2n 2026-05-17 13:37:26+00:00| seen| https://bsky.app/profile/wdormann.infosec.exchange.ap.brid.gy/post/3mm2i7sitqdt2 2026-05-18 02:30:46+00:00| seen|...

UBUNTU-CVE-2026-31635

In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix oversized RESPONSE authenticator length check rxgkverifyresponse decodes authlen from the packet and is supposed to verify that it fits in the remaining bytes. The existing check is inverted, so oversized RESPONSE...

CVE-2025-31635

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in LambertGroup CLEVER lbg-audio11-html5-shoutcasthistory allows Path Traversal.This issue affects CLEVER: from n/a through = 2.6.2...

CVE-2025-31635

creationtimestamp| type| source ---|---|--- 2025-06-09 18:11:18+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/17731...

CVE-2025-31635

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in LambertGroup CLEVER lbg-audio11-html5-shoutcasthistory allows Path Traversal.This issue affects CLEVER: from n/a through = 2.6...

CVE-2025-31635 WordPress CLEVER <= 2.6 - Arbitrary File Download Vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in LambertGroup CLEVER allows Path Traversal. This issue affects CLEVER: from n/a through 2.6...

CVE-2025-31635 WordPress CLEVER plugin <= 2.6 - Arbitrary File Download Vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in LambertGroup CLEVER lbg-audio11-html5-shoutcasthistory allows Path Traversal.This issue affects CLEVER: from n/a through = 2.6...

CVE-2025-31635

CVE-2025-31635: WordPress CLEVER plugin ≤ 2.6 contains an unauthenticated path traversal vulnerability enabling arbitrary file download. The issue stems from improper pathname handling in the CLEVER plugin, allowing access to restricted files. Public references corroborate affected versions as “n...

WordPress CLEVER plugin <= 2.6 - Arbitrary File Download Vulnerability

Arbitrary File Download Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin CLEVER versions = 2.6...

CVE-2022-31635

Potential time-of-check to time-of-use TOCTOU vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure...

CVE-2021-31635

Server-Side Template Injection SSTI vulnerability in jFinal v.4.9.08 allows a remote attacker to execute arbitrary code via the template function...

cc.ecore:spring-jfinal (=0.0.1), cc.ecore:spring-jfinal-plugin (>=0.1.0 <=0.1.2) +162 more potentially affected by CVE-2021-31635 via com.jfinal:jfinal (>=1.4 <=4.9.08)

com.jfinal:jfinal MAVEN version =1.4, =0.1.0, =0.1.1, =1.0.0, =1.0, =3.30.7-RELEASE, =0.0.8, =0.0.8, =0.0.8, =1.29.1.trial, =1.29.1.trial, =1.45.0 - cn.dreampie:jfinal-akka =0.1 - cn.dreampie:jfinal-captcha =0.1 and more Source cves: CVE-2021-31635 Source advisory: OSV:GHSA-CGMM-C2M9-FF7R...

CVE-2021-31635

Server-Side Template Injection SSTI vulnerability in jFinal v.4.9.08 allows a remote attacker to execute arbitrary code via the template function...

CVE-2021-31635

CVE-2021-31635 : JFinal v4.9.08 contains a Server-Side Template Injection (SSTI) flaw in the template function that allows remote code execution. The NVD entry assigns a critical 9.8 base score (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Public references and distributor entries (Red Hat, Veracode, GH...

CVE-2022-31635

creationtimestamp| type| source ---|---|--- 2023-06-13 20:20:07+00:00| seen| Telegram/KAvcN9yvmPYv7RNjIiqEwnIPiAvKONtWCRBsQaIBaQx1l6Y...

CVE-2022-31635

Potential time-of-check to time-of-use TOCTOU vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure...

CVE-2022-31635

Potential time-of-check to time-of-use TOCTOU vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure...

CVE-2022-31635

CVE-2022-31635 concerns TOCTOU vulnerabilities in the BIOS of certain HP PC products, potentially enabling arbitrary code execution, privilege escalation, denial of service, and information disclosure. The affected component is the HP PC BIOS, with impact described in public entries as high (loca...