PT-2026-26453

Name of the Vulnerable Software and Affected Versions Spring Security versions 4.0.0 through 4.0.3 Spring Security versions 3.5.0 through 3.5.11 Spring Security versions 3.4.0 through 3.4.14 Spring Security versions 3.3.0 through 3.3.17 Spring Security versions 2.7.0 through 2.7.31 Description...

VMware Spring Boot 安全漏洞

VMware Spring Boot is an open-source framework developed by VMware, a US-based company. Versions of VMware Spring Boot prior to 4.0.3, 3.5.11, and 3.4.15 contained security vulnerabilities. These vulnerabilities stemmed from applications that required authentication when specific paths were...

ROS-20260319-73-0016

A vulnerability in the Grub2 operating system boot loader is related to the dereferencing of an expired pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260319-73-0017

A vulnerability in the normalexit function of the Grub2 operating system boot loader is related to the dereferencing of an expired pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260319-73-0018

A vulnerability in the Grub2 operating system boot loader is related to incorrect buffer size calculation when processing received packets. Exploitation of the vulnerability may allow an attacker to cause a denial of service...

ROS-20260319-73-0019

A vulnerability in the gettext module of the Grub2 operating systems boot loader is related to the ability to use memory after release. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260319-73-0015

A vulnerability in the Grub2 operating system boot loader is related to the dereferencing of an expired pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of service and gain unauthorized access to the system...

com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak (=24.3.0.0), com.github.wnameless.spring.boot.up:spring-boot-up-keycloak-plugin (=24.3.0.0) +71 more potentially affected by CVE-2026-2575 via org.keycloak:keycloak-saml-core (>=1.2.0.CR1 <=26.5.3)

org.keycloak:keycloak-saml-core MAVEN version =1.2.0.CR1, =2.5.6-24.0, =1.0.0-25.0, =0.1.0, =2.1, =8.1, =2.1, =26.3.0, =26.1.0, =26.4.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.5.3 and more Source cves: CVE-2026-2575https://vulners.com/cve/CVE-20...

CVE-2026-32606

CVE-2026-32606 affects IncusOS (immutable OS image) where, prior to 202603142010, systemd-cryptenroll TPM-based LUKS key release can occur if PCR7/PCR11 conditions are met, allowing physical attackers to substitute the root partition, boot with a recovery key, and retrieve the LUKS master key via...

CVE-2026-32606 IncusOS has a LUKS encryption bypass due to insufficient TPM policy

IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the...

CVE-2026-32606 IncusOS has a LUKS encryption bypass due to insufficient TPM policy

IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the...

CVE-2026-32606

IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the...

CVE-2026-32606 IncusOS has a LUKS encryption bypass due to insufficient TPM policy

IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the...

ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +135 more potentially affected by CVE-2026-2092 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.2.1)

org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.1, =1.0.2 - com.kleegroup.accelerator:accelerator-security-keycloakmfa =1.0.1 and more Source cves: CVE-2026-2092 Source advisory:...

From Misconfigured Spring Boot Actuator to SharePoint Exfiltration: How Stolen Credentials Bypass MFA

Not every cloud breach starts with malware or a zero-day. In this incident, attackers discovered an exposed Spring Boot Actuator endpoint, harvested credentials from leaked configuration data, then used the OAuth2 Resource Owner Password Credentials ROPC flow to authenticate without MFA...

grub2 security update

2.06-114.0.1.el97.1 - Update grub2 dependencies to match new Secure Boot certificate chain of trust Orabug: 37766761 - Fix typo in SBAT metadata Orabug: 37693946 - Allow installation of grub2 only with shim-aa64 that allows booting it Orabug: 37693946 - net/dns: Fix removal of DNS server Orabug:...

RHEL 9 : grub2 (RHSA-2026:4823)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:4823 advisory. The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular...

EUVD-2026-12604

The GL-iNet Comet GL-RM1 KVM connects to a GL-iNet site during boot-up to provision client and CA certificates. The GL-RM1 does not verify certificates used for this connection, allowing an attacker-in-the-middle to serve invalid client and CA certificates. The GL-RM1 will attempt to use the...

grub2: Missing unregister call for gettext command may lead to use-after-free

A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...

CVE-2026-32293

The GL-iNet Comet GL-RM1 KVM connects to a GL-iNet site during boot-up to provision client and CA certificates. The GL-RM1 does not verify certificates used for this connection, allowing an attacker-in-the-middle to serve invalid client and CA certificates. The GL-RM1 will attempt to use the...