CVE-2026-6936 IBM i is Affected by a Denial of Service Vulnerability []

IBM i 7.6, 7.5, 7.4, and 7.3 s vulnerable to a denial-of-service attack due to uncontrolled recursion in the Integrated Language Environment ILE compiler. An authenticated attacker could exploit this vulnerability by compiling specially crafted source code containing a specific combination of...

Security Bulletin: IBM i is Affected by a Denial of Service Vulnerability [CVE-2026-6936]

Summary IBM i is vulnerable to denial of service due to uncontrolled recurision in the Integrated Language Environment ILE compiler as described in the vulnerability details section. Vulnerability Details CVEID:CVE-2026-6936 DESCRIPTION: IBM i is vulnerable to a denial-of-service attack due to...

CVE-2025-53844

CVE-2025-53844 is an out-of-bounds write vulnerability in Fortinet FortiOS versions: 7.6.0–7.6.3, 7.4.0–7.4.8, and 7.2.0–7.2.11. The issue allows an attacker to execute unauthorized code or commands via specially crafted network packets, indicating a network-exposed attack surface with high impac...

Fortinet FortiMail SQL注入漏洞

Fortinet FortiMail is a suite of email security gateway products developed by the American company Fortinet. This product provides features such as email security protection and data protection. Versions 7.6.0 to 7.6.3, 7.4.0 to 7.4.5, and 7.2.0 to 7.2.8 of Fortinet FortiMail contain SQL injectio...

CVE-2026-2311 IBM i is affected by a privilege escalation vulnerability in Web Administration GUI []

IBM i 7.6, 7.5, 7.4, 7.3, and 7.2 s vulnerable to privilege escalation caused by an invalid IBM i Web Administration GUI authorization check. A malicious actor could cause user-controlled code to run with administrator privilege...

EUVD-2025-209450

A missing authentication for critical function vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4 all versions, FortiOS 6.2.9 through 6.2.17 allows attacker to execute unauthorized code or...

CVE-2026-21741

An URL Redirection to Untrusted Site 'Open Redirect' vulnerability CWE-601 vulnerability in Fortinet FortiNAC-F 7.6.0 through 7.6.5, FortiNAC-F 7.4 all versions, FortiNAC-F 7.2 all versions may allow a remote privileged attacker with system administrator role to redirect users to an arbitrary...

CVE-2026-22573

An improper limitation of a pathname to a restricted directory 'path traversal' vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5 all versions, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.3, FortiSOAR...

CVE-2026-22154

An improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.3,...

CVE-2026-1376

IBM i 7.6 could allow a remote attacker to cause a denial of service using failed authentication connections due to improper allocation of resources...

CVE-2026-24641

Fortinet FortiWeb contains a NULL pointer dereference (CWE-476) that can crash the HTTP daemon. Affected products/versions: FortiWeb 8.0.0–8.0.2; 7.6.0–7.6.6; 7.4 All; 7.2 All; 7.0 All. An authenticated attacker can trigger via crafted HTTP requests. Impact: Availability loss (LOW per CVSS 3.1), ...

CVE-2026-30897

A stack-based buffer overflow vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow a remote authenticated attacker who can bypass stack protection and ASLR to execute...

CVE-2025-62439

An Improper Verification of Source of a Communication Channel vulnerability CWE-940 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions may allow an authenticated user with knowledge of FSSO policy configurations t...

PT-2026-5865

Name of the Vulnerable Software and Affected Versions IBM Db2 Big SQL on Cloud Pak for Data versions 7.6 on CP4D 4.8 through 7.8 on CP4D 5.1 Description IBM Db2 Big SQL on Cloud Pak for Data does not properly limit the allocation of system resources. An authenticated user with internal knowledge ...

Oracle MySQL Cluster 8.0.x < 8.0.45 (January 2026 CPU)

The versions of MySQL Cluster installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2026 and April 2026 CPU advisories. - Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are...

EUVD-2026-3536

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Oracle Analytics Cloud. Supported versions that are affected are 7.6.0.0.0 and 8.2.0.0.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure...

CVE-2025-25249

A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4 all versions, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7.0.5 allows attacker to...

CVE-2019-2601

Vulnerability in the BI Publisher formerly XML Publisher component of Oracle Fusion Middleware subcomponent: BI Publisher Security. Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access v...

CVE-2025-36371 IBM i Information Disclosure

IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 are impacted by obtaining an information vulnerability in the database plan cache implementation. A user with access to the database plan cache could see information they do not have authority to view...

CVE-2025-54972

An improper neutralization of crlf sequences 'crlf injection' vulnerability in Fortinet FortiMail 7.6.0 through 7.6.3, FortiMail 7.4.0 through 7.4.5, FortiMail 7.2 all versions, FortiMail 7.0 all versions may allow an attacker to inject headers in the response via convincing a user to click on a...