Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the debug functions, due to unprotected /config partition. An attacker can gain unauthorized access to debugging functions without triggering the measured bo...

GO-2026-4428 EVE's Debug Functions Unlockable Without Triggering Measured Boot in github.com/lf-edge/eve

EVE's Debug Functions Unlockable Without Triggering Measured Boot in github.com/lf-edge/eve...

SUSE CVE-2026-23043

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix NULL pointer dereference in doabortlogreplay Coverity reported a NULL pointer dereference issue CID 1666756 in doabortlogreplay. When btrfsallocpath fails in replayonebuffer, wc-subvolpath is NULL, but...

PT-2026-6530

EVE's Debug Functions Unlockable Without Triggering Measured Boot in github.com/lf-edge/eve...

openSUSE 16 : Recommended update for gimp (SUSE-SU-openSUSE-RU-2026:20168-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-openSUSE-RU-2026:20168-1 advisory. Changes in gimp: - Update to 3.0.8 - Font Loading Performance - Improvements in start-up time for users with a large number of fonts was...

GHSA-4C4V-42HC-72P6 EVE's Debug Functions Unlockable Without Triggering Measured Boot

Impact On boot, Pillar checks for /config/GlobalConfig/global.json and overrides system configuration if present. This allows enabling debug functions like SSH debug.enable.ssh, USB keyboard debug.enable.usb, and VNC access app.allow.vnc without triggering the measured boot. Thus, a user with...

EVE's Debug Functions Unlockable Without Triggering Measured Boot

Impact On boot, Pillar checks for /config/GlobalConfig/global.json and overrides system configuration if present. This allows enabling debug functions like SSH debug.enable.ssh, USB keyboard debug.enable.usb, and VNC access app.allow.vnc without triggering the measured boot. Thus, a user with...

EUVD-2023-48033

EVE's Debug Functions Unlockable Without Triggering Measured Boot...

CVE-2026-25511 Group-Office is vulnerable to SSRF and File Read in WOPI service discovery

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.150, 25.0.82, and 26.0.5, an authenticated user within the System Administrator group can trigger a full SSRF via the WOPI service discovery URL, including access to internal hosts/ports. The...

VICIdial Sensitive Information Disclosure

VICIdial's Web Client is susceptible to information disclosure because it contains many sensitive files that can be accessed from the client side. These files contain mysqli logs, auth logs, debug information, successful and unsuccessful login attempts with their corresponding IP's, User-Agents,...

GO-2026-4334 Fleet has an Access Control vulnerability in debug/pprof endpoints in github.com/fleetdm/fleet

Fleet has an Access Control vulnerability in debug/pprof endpoints in github.com/fleetdm/fleet...

CVE-2026-1741

A vulnerability was determined in EFM ipTIME A8004T 14.18.2. Affected is the function httpconchecksessionurl of the file /sess-bin/d.cgi of the component Debug Interface. This manipulation of the argument cmd causes backdoor. It is possible to initiate the attack remotely. The complexity of an...

PT-2026-6509

Fleet has an Access Control vulnerability in debug/pprof endpoints in github.com/fleetdm/fleet...

CLSA-2026-1770040438 kernel: Fix of 14 CVEs

efivarfs: Fix slab-out-of-bounds in efivarfsdcompare CVE-2025-39817 - scsi: ses: Fix possible descptr out-of-bounds accesses CVE-2023-53675 - ipv6: Fix out-of-bounds access in ipv6findtlv CVE-2023-53705 - libceph: fix potential use-after-free in havemonandosdmap CVE-2025-68285 - scsi: lpfc: Fix...

CVE-2026-1741

A vulnerability was determined in EFM ipTIME A8004T 14.18.2. Affected is the function httpconchecksessionurl of the file /sess-bin/d.cgi of the component Debug Interface. This manipulation of the argument cmd causes backdoor. It is possible to initiate the attack remotely. The complexity of an...

CVE-2026-1741

A vulnerability was determined in EFM ipTIME A8004T 14.18.2. Affected is the function httpconchecksessionurl of the file /sess-bin/d.cgi of the component Debug Interface. This manipulation of the argument cmd causes backdoor. It is possible to initiate the attack remotely. The complexity of an...

CVE-2026-1741

A vulnerability was determined in EFM ipTIME A8004T 14.18.2. Affected is the function httpconchecksessionurl of the file /sess-bin/d.cgi of the component Debug Interface. This manipulation of the argument cmd causes backdoor. It is possible to initiate the attack remotely. The complexity of an...

CVE-2026-1741 EFM ipTIME A8004T Debug d.cgi httpcon_check_session_url backdoor

A vulnerability was determined in EFM ipTIME A8004T 14.18.2. Affected is the function httpconchecksessionurl of the file /sess-bin/d.cgi of the component Debug Interface. This manipulation of the argument cmd causes backdoor. It is possible to initiate the attack remotely. The complexity of an...

CVE-2026-1741 EFM ipTIME A8004T Debug d.cgi httpcon_check_session_url backdoor

A vulnerability was determined in EFM ipTIME A8004T 14.18.2. Affected is the function httpconchecksessionurl of the file /sess-bin/d.cgi of the component Debug Interface. This manipulation of the argument cmd causes backdoor. It is possible to initiate the attack remotely. The complexity of an...

CVE-2026-1741

The following sources document CVE-2026-1741 affecting EFM ipTIME A8004T 14.18.2. The vulnerability concerns the Debug Interface component, specifically the httpcon_check_session_url function in /sess-bin/d.cgi. The described flaw allows manipulation of the cmd argument to trigger a backdoor, wit...