CVE-2026-44579

Next.js vulnerability CVE-2026-44579 affects Next.js releases prior to 15.5.16 and 16.2.5 where Partial Prerendering via Cache Components can cause a connection-exhaustion DoS through crafted POST requests to a server action. A malicious request may trigger a request-body handling deadlock, leavi...

CVE-2026-44576

CVE-2026-44576 affects Next.js (React Server Components). In affected versions 14.2.0 to before 15.5.16 and 16.2.5, shared caches that do not properly partition response variants can poison the cache by serving an RSC response from the original URL, causing subsequent visitors to receive componen...

CVE-2026-44576 Next.js: Cache poisoning in React Server Component responses

Next.js is a React framework for building full-stack web applications. From 14.2.0 to before 15.5.16 and 16.2.5, applications using React Server Components can be vulnerable to cache poisoning when shared caches do not correctly partition response variants. Under affected conditions, an attacker...

CVE-2026-44576 Next.js: Cache poisoning in React Server Component responses

Next.js is a React framework for building full-stack web applications. From 14.2.0 to before 15.5.16 and 16.2.5, applications using React Server Components can be vulnerable to cache poisoning when shared caches do not correctly partition response variants. Under affected conditions, an attacker...

CVE-2026-44576

Next.js is a React framework for building full-stack web applications. From 14.2.0 to before 15.5.16 and 16.2.5, applications using React Server Components can be vulnerable to cache poisoning when shared caches do not correctly partition response variants. Under affected conditions, an attacker...

CVE-2026-21020

Improper export of android application components in OmaCP prior to SMR May-2026 Release 1 allows local attackers to trigger privileged functions...

CVE-2026-21020

Improper export of android application components in OmaCP prior to SMR May-2026 Release 1 allows local attackers to trigger privileged functions...

CVE-2026-21020

The CVE-2026-21020 issue relates to OmaCP (Android) where improper export of Android application components allows local attackers to trigger privileged functions. Affected component: OmaCP prior to SMR May-2026 Release 1. Root cause is improper export of components that exposes privileged functi...

CVE-2026-21020

Improper export of android application components in OmaCP prior to SMR May-2026 Release 1 allows local attackers to trigger privileged functions...

CVE-2026-21020

Improper export of android application components in OmaCP prior to SMR May-2026 Release 1 allows local attackers to trigger privileged functions...

Next.js 安全漏洞

Next.js is a React framework open source by Vercel. Versions of Next.js prior to 15.5.16 and 16.2.5 have a security vulnerability. This vulnerability arises from using the Partial Prerendering feature of Cache Components. A specially crafted POST request to the server can lead to connection...

Next.js 安全漏洞

Next.js is a React framework open source by Vercel. Versions of Next.js from 14.2.0 to 15.5.16, as well as versions before 16.2.5, have security vulnerabilities. These vulnerabilities stem from improperly partitioning response variants when using React Server Components, which can lead to cache...

PT-2026-40799

The HCL BigFix SCM Reporting site contains an outdated and unsupported version of the jQuery 1.x library. Since jQuery 1.x has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses and increase the risk of client-side...

PT-2026-40572

Improper export of android application components in OmaCP prior to SMR May-2026 Release 1 allows local attackers to trigger privileged functions...

HCL BigFix SCM Reporting 安全漏洞

HCL BigFix SCM Reporting is a security configuration management reporting component developed by the Indian company HCL. HCL BigFix SCM Reporting has a security vulnerability that stems from the use of outdated and unsupported jQuery 1.x libraries. This vulnerability may increase the risk of...

EUVD-2026-29805

Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending...

EUVD-2026-29810

SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into...

Microsoft and Adobe Patch Tuesday, May 2026 Security Update Review

May 2026's Patch Tuesday arrives with Microsoft addressing a fresh set of vulnerabilities across its ecosystem, reinforcing the ongoing need for timely patching in an increasingly threat-heavy landscape. Here's a quick breakdown of what you need to know. Microsoft Patch Tuesday for May 2026 This...

CVE-2026-44855

Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending...

EUVD-2026-29731

A improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTokenAndroid 5.2 all versions may allow attacker to improper access control via...