CVE-2026-7526

creationtimestamp| type| source ---|---|--- 2026-05-28 11:48:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmvxaoy22o2i...

GHSA-7526-J432-6PPP

creationtimestamp| type| source ---|---|--- 2026-04-07 19:34:12+00:00| seen| Telegram/RceOsMbVCcV6wQMI9eJfY-7gRIWU138I3ZVebAFZlOd7ZE...

MiracleLinux 9 : sudo-1.9.5p2-10.el9_3 (AXSA:2024-7526:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7526:02 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...

MiracleLinux 8 : firefox-115.14.0-2.el8_10.ML.1 (AXSA:2024-8694:28)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8694:28 advisory. Firefox: 115.14/128.1 ESR mozilla: Fullscreen notification dialog can be obscured by document content CVE-2024-7518 mozilla: Out of bounds memory...

CVE-2025-7526

creationtimestamp| type| source ---|---|--- 2025-10-09 06:42:51+00:00| seen| https://gist.github.com/Darkcrai86/e4de5b628a4ab7595f2047bd089bd24d...

CVE-2025-7526

The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to arbitrary file deletion via renaming due to insufficient file path validation in the setuserprofileimage function in all versions up to, and including, 6.6.7. This makes it possible for...

WordPress WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin <= 6.6.7 - Authenticated (Subscriber+) Arbitrary File Deletion via File Renaming vulnerability

Authenticated Subscriber+ Arbitrary File Deletion via File Renaming vulnerability discovered by wesley wcraft in WordPress Plugin WP Travel Engine versions = 6.6.7...

MAL-2025-7526 Malicious code in @crabas0npm/repellat-eligendi-ea-quisquam (npm)

The package @crabas0npm/repellat-eligendi-ea-quisquam was found to contain malicious code...

CVE-2020-7526

Improper Input Validation vulnerability exists in PowerChute Business Edition software V9.0.x and earlier which could cause remote code execution when a script is executed during a shutdown event...

Ubuntu 24.10 / 25.04 : Bind vulnerability (USN-7526-1)

The remote Ubuntu 24.10 / 25.04 host has packages installed that are affected by a vulnerability as referenced in the USN-7526-1 advisory. It was discovered that Bind incorrectly handled certain DNS messages with invalid TSIG. A remote attacker could possibly use this issue to cause Bind to crash...

RLSA-2024:5402 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: Thunderbird: 115.14/128.1 mozilla: Fullscreen notification dialog can be obscured by document content CVE-2024-7518 mozilla: Out of bounds memory access in graphics shared memory handling CVE-2024-7519 mozilla: Type...

Linux Distros Unpatched Vulnerability : CVE-2017-7526

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for...

Mageia: Security Advisory (MGASA-2024-0334)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2024:3507-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2024:3507-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3507-1 advisory. - Mozilla Thunderbird 128.2.3 MFSA 2024-43 bsc1229821 CVE-2024-8394: Crash when aborting...

SUSE-SU-2024:3507-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird 128.2.3 MFSA 2024-43 bsc1229821 CVE-2024-8394: Crash when aborting verification of OTR chat. CVE-2024-8385: WASM type confusion involving ArrayTypes. CVE-2024-8381: Type confusion when looking up a property name ...

Oracle Linux 7 : firefox (ELSA-2024-5324)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-5324 advisory. 115.12.0-1.0.3 - Security fixes Orabug: 36904311Orabug: 36948200CVE-2024-6601 CVE-2024-6603CVE-2024-6604CVE-2024-7519CVE-2024-7520CVE-2024-7521...

Ubuntu: Security Advisory (USN-6995-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2024:3112-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:3112-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird 115.14 fixed: When using an external installation of GnuPG, Thunderbird occassionally sent/received corrupted messages fixed: Users of external GnuPG were unable to decrypt incorrectly encoded messages bmo1906903...