
2727 matches found

EUVD
added 2026/04/16 9:31 a.m. | 2 views

EUVD-2026-23215

In rsync 3.0.1 through 3.4.1, receivexattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X aka --xattrs. On Linux, many but not all common configurations are vulnerable. Non-Linux platforms are more widely vulnerable...

CVSS 7.4 | AI score 5.8 | EPSS 0.00319
Exploits: 1 | References: 4
Debian CVE
added 2026/04/16 6:53 a.m. | 4 views

CVE-2026-41035

In rsync 3.0.1 through 3.4.1, receivexattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X aka --xattrs. On Linux, many but not all common configurations are vulnerable. Non-Linux platforms are more widely vulnerable...

CVSS 7.8 | AI score 5.3 | EPSS 0.00319
Exploits: 1
NVD
added 2026/04/15 7:16 p.m. | 2 views

CVE-2026-33435

Weblate is a web based localization tool. In versions prior to 5.17, the project backup didn't filter Git and Mercurial configuration files which could lead to remote code execution under certain circumstances. This issue has been fixed in version 5.17. If developers are unable to update...

CVSS 8 | EPSS 0.00708
Exploits: 0 | References: 2
Positive Technologies
added 2026/04/15 12:0 a.m. | 4 views

PT-2026-33019

The e-shot™ form builder plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 1.0.2. The eshot form builder update field data AJAX handler lacks any capability checks (current_user_can) or nonce verification (check_ajax_referer/wp_verify_nonce). The function...

CVSS 5.3 | AI score 5.7 | EPSS 0.00367
Exploits: 0 | References: 7
CNNVD
added 2026/04/15 12:0 a.m. | 8 views

Weblate Security Vulnerability

Weblate is an open-source, copyleft, web-based free software system for continuous localization. Versions of Weblate prior to 5.17 contained security vulnerabilities. These vulnerabilities stemmed from the project’s backup files containing unfiltered Git and Mercurial configuration files, which...

CVSS 8 | AI score 6.2 | EPSS 0.00708
Exploits: 0 | References: 1
Packet Storm News
added 2026/04/14 12:0 a.m. | 1 views

Evaluating Differential Privacy against Membership Inference in Federated Learning: Insights from the NIST Genomics Red Team Challenge

While Federated Learning (FL) mitigates direct data exposure, the resulting trained models remain susceptible to membership inference attacks (MIAs). This paper presents an empirical evaluation of Differential Privacy (DP) as a defense mechanism against MIAs in FL, leveraging the environment of the 202...

AI score 5.8
Exploits: 0
CNNVD
added 2026/04/14 12:0 a.m. | 3 views

DRC Central Data Recognition Central Office Services Security Vulnerability

DRC Central Data Recognition Central Office Services is an educational assessment data management and processing service system provided by DRC Central in the United States. There is a security vulnerability in DRC Central Data Recognition Central Office Services, which stems from unauthorized...

CVSS 7.5 | AI score 5.8 | EPSS 0.00329
Exploits: 0 | References: 2
CNNVD
added 2026/04/13 12:0 a.m. | 2 views

ImageMagick Security Vulnerability

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It allows for reading, converting, and writing images in various formats. Versions of ImageMagick prior to 7.1.2-19 and 6.9.13-44 contained security vulnerabilities. These vulnerabilities stemmed...

CVSS 5.5 | AI score 5.8 | EPSS 0.00184
Exploits: 0 | References: 5
Positive Technologies
added 2026/04/10 12:0 a.m. | 1 views

PT-2026-32019

Name of the Vulnerable Software and Affected Versions: Chamilo LMS versions prior to 1.11.38. Description: Chamilo LMS is a learning management system. Authenticated users, including students, can write arbitrary content to files on the server through the BigUpload endpoint. The key parameter contro...

CVSS 7.1 | AI score 6 | EPSS 0.0042
Exploits: 0 | References: 5
Github Security Blog
added 2026/04/08 9:52 p.m. | 5 views

PraisonAI Vulnerable to OS Command Injection

The executecommand function and workflow shell execution are exposed to user-controlled input via agent workflows, YAML definitions, and LLM-generated tool calls, allowing attackers to inject arbitrary shell commands through shell metacharacters. Description: PraisonAI's workflow system and...

CVSS 9.6 | AI score 6.3 | EPSS 0.00419
Exploits: 1 | References: 4 | Affected Software: 1
CNNVD
added 2026/04/07 12:0 a.m. | 5 views

NVIDIA Triton Inference Server Path Traversal Vulnerability

NVIDIA Triton Inference Server is an open-source software developed by NVIDIA Corporation. It helps standardize model deployment and provide fast, scalable AI capabilities in production environments. NVIDIA Triton Inference Server has a path traversal vulnerability. This vulnerability arises from...

CVSS 4.8 | AI score 5.8 | EPSS 0.0048
Exploits: 0 | References: 3
Packet Storm News
added 2026/04/07 12:0 a.m. | 1 views

Can Drift-Adaptive Malware Detectors Be Made Robust? Attacks and Defenses under White-Box and Black-Box Threats

Concept drift and adversarial evasion are two major challenges for deploying machine learning-based malware detectors. While both have been studied separately, their combination, the adversarial robustness of drift-adaptive detectors, remains unexplored. We address this problem with AdvDA, a rece...

AI score 5.8
Exploits: 0
SUSE CVE
added 2026/04/06 11:24 p.m. | 1 views

SUSE CVE-2026-34386

Fleet is open source device management software. Prior to 4.81.0, a SQL injection vulnerability in Fleet's MDM bootstrap package configuration allows an authenticated user with Team Admin or Global Admin privileges to modify arbitrary team configurations, exfiltrate sensitive data from the Fleet...

CVSS 8.8 | AI score 6 | EPSS 0.00318
Exploits: 0 | References: 3
CNNVD
added 2026/04/06 12:0 a.m. | 4 views

LiteLLM Security Vulnerability

LiteLLM is an open-source application developed by Berri AI. It allows for the invocation of all LLM APIs in the OpenAI format. Versions of LiteLLM prior to 1.83.0 contained a security vulnerability. This vulnerability stemmed from the lack of enforceable administrator role authorization for the...

CVSS 8.8 | AI score 6.1 | EPSS 0.27194
Exploits: 2 | References: 1
CNNVD
added 2026/04/06 12:0 a.m. | 5 views

Distribution Access Control Error Vulnerability

Distribution is an open-source toolset developed by Distribution, used for packaging, transporting, storing, and delivering content. Versions of Distribution prior to 3.1.0 contained an access control vulnerability; this vulnerability stemmed from the possibility of restoring read access to the...

CVSS 7.5 | AI score 5.8 | EPSS 0.00286
Exploits: 1 | References: 1
NVD
added 2026/04/03 11:17 p.m. | 4 views

CVE-2017-20238

Hirschmann Industrial HiVision versions 06.0.00 and 07.0.00 prior to 06.0.06 and 07.0.01 contain an improper authorization vulnerability that allows read-only users to gain write access to managed devices by bypassing access control mechanisms. Attackers can exploit alternative interfaces such a...

CVSS 7.1 | EPSS 0.00237
Exploits: 0 | References: 2
Cvelist
added 2026/04/03 10:10 p.m. | 14 views

CVE-2017-20238 Hirschmann Industrial HiVision Improper Authorization Privilege Escalation

Hirschmann Industrial HiVision versions 06.0.00 and 07.0.00 prior to 06.0.06 and 07.0.01 contain an improper authorization vulnerability that allows read-only users to gain write access to managed devices by bypassing access control mechanisms. Attackers can exploit alternative interfaces such a...

CVSS 7.1 | EPSS 0.00237
Exploits: 0 | References: 2
EUVD
added 2026/04/03 9:34 p.m. | 2 views

EUVD-2026-18792

Budibase: Server-Side Request Forgery via REST Connector with Empty Default Blacklist...

CVSS 9.6 | AI score 5.9 | EPSS 0.00377
Exploits: 1 | References: 5
GithubExploit
added 2026/04/03 3:12 p.m. | 211 views

Exploit for Missing Authentication for Critical Function in Nginxui Nginx_Ui

CVE-2026-33032 Scanner Non-destructive vulnerability scanne...

CVSS 9.8 | AI score 6 | EPSS 0.38477
Exploits: 4
RedhatCVE
added 2026/04/01 11:0 p.m. | 2 views

CVE-2026-34382

Admidio is an open-source user management solution. From version 5.0.0 to before version 5.0.8, the delete mode handler in mylistfunction.php permanently deletes list configurations without validating a CSRF token. An attacker who can lure an authenticated user to a malicious page can silently...

CVSS 4.6 | AI score 5.8 | EPSS 0.00123
Exploits: 1 | References: 1