CVE-2026-5201

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for...

5G Puppeteer: Chaining Hidden Command and Control Channels in 5G Core Networks

Mobile networks are essential for modern societies. The most recent generation of mobile networks will be even more ubiquitous than previous ones. Therefore, the security of these networks as part of the critical infrastructure with essential communication services is of the uttermost importance...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 146.0.7680.178 contained a security vulnerability. This vulnerability stemmed from the reuse of Dawn components after their release, which could allow remote attackers to execute arbitrary code through a...

EUVD-2026-17064

An unauthenticated remote attacker can exploit insufficient input validation to access backend components beyond their intended scope via path traversal, resulting in exposure of sensitive information...

CVE-2026-2328

An unauthenticated remote attacker can exploit insufficient input validation to access backend components beyond their intended scope via path traversal, resulting in exposure of sensitive information...

AlmaLinux 10 : firefox (ALSA-2026:5931)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:5931 advisory. firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-4701 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.3...

CVE-2026-20993

Improper export of android application components in Samsung Assistant prior to version 9.3.10.7 allows local attacker to access saved information...

CVE-2026-20990

Improper export of android application components in Secure Folder prior to SMR Mar-2026 Release 1 allows local attackers to launch arbitrary activity with Secure Folder privilege...

Security Bulletin: IBM Operational Decision Manager for March 2026 - Multiple CVEs addressed

Summary IBM Operational Decision Manager is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-41254...

Malicious Package

Overview cr-static-shared-components is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

On the Vulnerability of Deep Automatic Modulation Classifiers to Explainable Backdoor Threats

Deep learning DL has been widely studied for assisting applications of modern wireless communications. One of the applications is automatic modulation classification AMC. However, DL models are found to be vulnerable to adversarial machine learning AML threats. One of the most persistent and...

PT-2026-28302

Name of the Vulnerable Software and Affected Versions HCL Aftermarket DPC affected versions not specified Description The application is susceptible to exploitation due to the use of vulnerable or outdated versions of software components. An attacker may leverage publicly available exploits to...

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 RSC lab intentionally vulnerable Local Doc...

RHSA-2026:5578 Red Hat Security Advisory: virt:rhel and virt-devel:rhel security update

Bulletin has no description...

Maintenance update for Multi-Linux Manager 5.0: Server, Proxy and Retail Branch Server

Description: This update fixes the following issues: branch-network-formula: Update to version 1.1.0 Enable containers on SLE15SP7 Exclude podman interfaces from sysctl setting cobbler: Compatibility fixes for tftpboot directory setup inter-server-sync: Version 0.3.10-0 Write log to a rotated fil...

Security Bulletin: The Network Threat Analytics App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. Network Threat Analytics App for IBM QRadar SIEM has addressed the applicable CVEs in an update. Vulnerability Details CVEID:CVE-2023-2454 DESCRIPTION:...

Malicious code in customerdigital-ui-components-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70a8c957edf16da956a7859c7a0e1d8accbe84824b88f1f19f70a01acd07b729 The package customerdigital-ui-components-lib was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview customerdigital-ui-components-lib is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...

MAL-2026-2125 Malicious code in customerdigital-ui-components-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70a8c957edf16da956a7859c7a0e1d8accbe84824b88f1f19f70a01acd07b729 The package customerdigital-ui-components-lib was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2223 Malicious code in cr-static-shared-components (npm)

Malicious package due to code obfuscation, dynamic module loading, suspicious email, and arbitrary code execution during installation. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fcc8531926534d3d87af7c173bfaba5f563bdbbc6ae8293de0150a0f00ba205 The package...