CVE-2026-0409 Netgear Orbi 370 Series Remote Code Execution vulnerability

A NETGEAR security issue that could allow an attacker with ability to intercept and tamper with traffic between the router and the Internet to run commands on your device when the device administrator performs certain specific management actions. This issue affects NETGEAR Orbi 370 series devices...

CVE-2026-0409 Netgear Orbi 370 Series Remote Code Execution vulnerability

A NETGEAR security issue that could allow an attacker with ability to intercept and tamper with traffic between the router and the Internet to run commands on your device when the device administrator performs certain specific management actions. This issue affects NETGEAR Orbi 370 series devices...

Exploit for Stack-based Buffer Overflow in Microsoft

CVE-2026-41089 !TIP If the setup does not start, add t...

USN-8411-1 node-lodash vulnerabilities

It was discovered that Lodash was vulnerable to a prototype pollution issue in the zipObjectDeep function. An attacker could possibly use this issue to modify application behavior. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2020-8203 Liyuan Chen discovered that Lodash was...

USN-8411-1: Lodash vulnerabilities

It was discovered that Lodash was vulnerable to a prototype pollution issue in the zipObjectDeep function. An attacker could possibly use this issue to modify application behavior. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2020-8203 Liyuan Chen discovered that Lodash was...

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort som...

firefox: thunderbird: Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort som...

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a remote code execution vulnerability (CVE-2026-9311, CVE-2026-9330)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a remote code execution. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products and Versions|...

CVE-2026-9279

Logseq exposes an IPC handler that allows the renderer process to execute shell commands. While an allowlist restricts the command name e.g. git, pandoc, grep, the argument string is concatenated with the command and passed to childprocess.spawn with the shell: true option, allowing shell...

Exploit for Stack-based Buffer Overflow in Microsoft

CVE-2026-41089 !TIP If the setup does not start, add t...

CVE-2026-10520

An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution...

CVE-2026-10520

Ivanti Sentry (formerly MobileIron Sentry) is affected by CVE-2026-10520, an OS Command Injection vulnerability that allows an unauthenticated remote attacker to execute arbitrary commands as root. The issue resides in the ConfigServiceController via the unauthenticated POST to /mics/api/v2/sentr...

Description of the security update for Office 2016: June 9, 2026 (KB5002852)

Description of the security update for Office 2016: June 9, 2026 KB5002852 Summary This security update resolves a Microsoft Office Remote Code Executionvulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2026-45645. Note: To apply this...

Description of the security update for SharePoint Server Subscription Edition: June 9, 2026 (KB5002873)

Description of the security update for SharePoint Server Subscription Edition: June 9, 2026 KB5002873 Summary Important: If you're currently running SharePoint Workflow Manager, you must install SharePoint Workflow Manager KB5002799 to your farm before you install this cumulative update. If you'r...

Description of the security update for Office Online Server: June 9, 2026 (KB5002875)

Description of the security update for Office Online Server: June 9, 2026 KB5002875 Summary This security update resolves Microsoft Excel remote code execution vulnerability and Microsoft Excel Information Disclosure vulnerability. To learn more about the vulnerabilities, see the following securi...

Description of the security update for Office 2016: June 9, 2026 (KB5002878)

Description of the security update for Office 2016: June 9, 2026 KB5002878 Summary This security update resolves a Microsoft Office remote code execution vulnerability, Microsoft Office Information Disclosure Vulnerability. To learn more about the vulnerability, see the following security...

Description of the security update for Excel 2016: June 9, 2026 (KB5002877)

Description of the security update for Excel 2016: June 9, 2026 KB5002877 Summary This security update resolves Microsoft Excel remote code execution vulnerability and Microsoft Excel Information Disclosure vulnerability. To learn more about the vulnerabilities, see the following security...

Description of the security update for Word 2016: June 9, 2026 (KB5002879)

Description of the security update for Word 2016: June 9, 2026 KB5002879 Summary This security update resolves a Microsoft Outlook and Word Remote Code Execution vulnerability and Microsoft Word Remote Code Execution vulnerability. To learn more about the vulnerabilities, see the following securi...

Remote Desktop Client Remote Code Execution Vulnerability

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

Windows Graphics Component Remote Code Execution Vulnerability

Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally...