CVE-2026-5398

creationtimestamp| type| source ---|---|--- 2026-04-22 04:26:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mk2nsadkcu2i 2026-04-22 17:24:29+00:00| seen| Telegram/GWv-rb7UfXBXuTinSPZbLsKECuSpybC90nlKZTm2UKU7Bs 2026-04-22 21:14:47+00:00| seen|...

CVE-2026-5398 Kernel use-after-free bug in the TIOCNOTTY handler

The implementation of TIOCNOTTY failed to clear a back-pointer from the structure representing the controlling terminal to the calling process' session. If the invoking process then exits, the terminal structure may end up containing a pointer to freed memory. A malicious process can abuse the...

MINI-5398-2VVF-8638

Bulletin has no description...

Mozilla Thunderbird < 45.8

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 45.8. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-07 advisory. - Mozilla developers and community members Boris Zbarsky, Christian Holler, Honza Bambas, Jon Coppeard,...

Mozilla Firefox ESR < 45.8

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 45.8. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-06 advisory. - Mozilla developers and community members Boris Zbarsky, Christian Holler, Honza Bambas, Jon Coppeard,...

Linux Distros Unpatched Vulnerability : CVE-2020-5398

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a...

CVE-2025-5398

creationtimestamp| type| source ---|---|--- 2025-06-27 09:53:54+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19683...

CVE-2025-5398

CVE-2025-5398 affects Ninja Forms – The Contact Form Builder That Grows With You (WordPress plugin). The CVE describes a Stored Cross-Site Scripting (CSTI) vulnerability due to insufficient output escaping in the templating engine, impacting all versions up to and including 3.10.2.1. Exploitation...

CVE-2025-5398 Ninja Forms <= 3.10.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via CSTI

The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the use of a templating engine in all versions up to, and including, 3.10.2.1 due to insufficient output escaping on user data passed through the template. This mak...

WordPress Ninja Forms plugin <= 3.10.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via CSTI vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via CSTI vulnerability discovered by Asaf Mozes in WordPress Plugin Ninja Forms versions = 3.10.2.1...

Oracle Siebel Server <= 21.1 (April 2021 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the April 2021 CPU advisory. - Vulnerability in the Siebel Engineering - Installer and Deployment product of Oracle Siebel CRM component: Siebel Approval Manager Spring Framework...

CVE-2024-5398

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC Binding to an Unrestricted IP Address (CVE-2023-5398)

Server receiving a malformed message based on a list of IPs resulting in heap corruption causing a denial of service. See Honeywell Security Notification for recommendations on upgrading and versioning. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-...

Debian DSA-5398-1 : chromium - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5398 advisory. - Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to bypass permission restrictions via a crafted HTML...

Vmware Spring Framework Remote Code Execution (CVE-2020-5398)

A remote code execution vulnerability exists in VMware Spring Framework. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Ubuntu 16.04 ESM / 18.04 LTS : Simple DirectMedia Layer vulnerability (USN-5398-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5398-1 advisory. It was discovered that SDL Simple DirectMedia Layer incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of...

Mageia: Security Advisory (MGASA-2017-0082)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2018-0018)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Firefox Security Advisory (MFSA2017-05) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

SUSE: Security Advisory (SUSE-SU-2017:0732-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...