8279 matches found
CVE-2026-44279
A improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTokenAndroid 5.2 all versions may allow attacker to improper access control via...
CVE-2026-33839 Win32k Elevation of Privilege Vulnerability
...
CVE-2026-44279
A improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTokenAndroid 5.2 all versions may allow attacker to improper access control via...
CVE-2026-44279
CVE-2026-44279 concerns an improper export of Android app components in Fortinet FortiTokenAndroid across versions 6.2, 6.1, and 5.2. The issue enables improper access control via an unspecified attack vector, with a CVSS v3.1 base score of 5.5 (Medium) and a LOCAL attack vector requiring LOW pri...
CVE-2026-44279
A improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTokenAndroid 5.2 all versions may allow attacker to improper access control via...
May 12, 2026—KB5089548 (OS Build 28000.2113)
May 12, 2026—KB5089548 OS Build 28000.2113 This cumulative update for Windows 11, version 26H1 KB5089548 includes the latest security fixes and improvements, along with non-security updates from last month's optional preview release. Visit the Windows release health dashboard for the latest...
Malicious code in mimecast-web-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 31248312aa36cca999d7f40ba478d484be495b350e0858850baf3a9a6bf15630 The OpenSSF Package Analysis project identified 'mimecast-web-components' @ 2.0.0 npm as malicious. It is considered malicious because: - The...
MAL-2026-3618 Malicious code in mimecast-web-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 31248312aa36cca999d7f40ba478d484be495b350e0858850baf3a9a6bf15630 The OpenSSF Package Analysis project identified 'mimecast-web-components' @ 2.0.0 npm as malicious. It is considered malicious because: - The...
Security Bulletin: Content Manager Enterprise Edition for June 2026 - Multiple CVEs
Summary Content Manager Enterprise Edition is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-342...
Malicious code in @tallyui/components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d8c00e97e1db6523971d72b66f9fd535aebe26956574db7d6a78797a37be9b9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3514 Malicious code in @tallyui/components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d8c00e97e1db6523971d72b66f9fd535aebe26956574db7d6a78797a37be9b9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
@alivault/pico (>=0.1.0 <=0.1.2), @ardeora/start-devtools (>=1.0.0 <=1.0.1) +121 more potentially affected by unknown CVE via @tanstack/start-storage-context (>=1.121.0-alpha.28 <=1.166.4)
@tanstack/start-storage-context NPM version =1.121.0-alpha.28, =0.1.0, =1.0.0, =0.0.1, =0.5.2, =0.1.1, =0.0.4, =1.0.0, =0.2.0, =0.2.0, =0.1.1, =0.2.0, =0.2.0, =0.1.14, =0.1.0, =0.1.38 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-3492...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Core components after their release, which could allow remote attackers with access to the renderin...
PT-2026-40267
A improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTokenAndroid 5.2 all versions may allow attacker to improper access control via...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from the issue of reusing Input components after they were released, which could allow remote attackers who have...
Adobe Commerce 安全漏洞
Adobe Commerce is a leading global digital business solution for businesses and brands offered by Adobe in the United States. There is a security vulnerability in Adobe Commerce, which stems from reliance on vulnerable third-party components. This vulnerability may cause the application to become...
PT-2026-40372
SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into...
Adobe Commerce 安全漏洞
Adobe Commerce is a leading global digital business solution for businesses and brands offered by Adobe in the United States. There is a security vulnerability in Adobe Commerce, which stems from reliance on vulnerable third-party components, potentially causing application denial-of-service...
Fortinet FortiTokenAndroid 安全漏洞
Fortinet FortiTokenAndroid is a mobile security authentication application developed by Fortinet, Inc. It provides two-factor authentication and dynamic password generation features. There are security vulnerabilities in all versions of Fortinet FortiTokenAndroid, including 6.2, 6.1, and 5.2. The...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Accessibility components after they were released, which could allow a remote attacker with access ...