CVE-2026-42591

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the LibreOffice conversion endpoint /forms/libreoffice/convert passes uploaded documents directly to LibreOffice without inspecting their content. LibreOffice then fetches any embedded external URLs on its own, completely...

Linux Distros Unpatched Vulnerability : CVE-2026-43826

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The OpenSearch logging provider, when configured with a host URL that embeds credentials for example https://user:[email protected]:9200, wrote the fu...

EUVD-2026-30002

When embedded Packet Velocity Acceleration ePVA acceleration is configured, undisclosed local ethernet traffic can cause an increase in ePVA and Traffic Management Microkernel TMM resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2026-42781

When embedded Packet Velocity Acceleration ePVA acceleration is configured, undisclosed local ethernet traffic can cause an increase in ePVA and Traffic Management Microkernel TMM resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2022-4988

Alien::FreeImage versions through 1.001 for Perl contains several vulnerable libraries. Alien::FreeImage contains version 3.17.0 of the FreeImage library from 2017, which has known vulnerabilities such as CVE-2015-0852 and CVE-2025-65803. The library embeds other images libraries that also have...

CVE-2026-42781 BIG-IP FastL4 virtual server vulnerability

When embedded Packet Velocity Acceleration ePVA acceleration is configured, undisclosed local ethernet traffic can cause an increase in ePVA and Traffic Management Microkernel TMM resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

jq: Embedded NUL truncates top-level jq programs loaded with -f

...

jq: Embedded NUL in jq import paths causes local redaction-policy bypass and preserves sensitive fields in published artifacts

...

AMD多款产品 安全漏洞

AMD EPYC is a high-performance server processor developed by American semiconductor company AMD. Several AMD products have security vulnerabilities. These vulnerabilities could allow local administrator attackers to modify MMIO routing configurations, potentially leading to loss of SEV-SNP client...

PT-2026-40673

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.1 F5 BIG-IP versions prior to 17.5.1.4 F5 BIG-IP versions prior to 21.0.0.1 Description When embedded Packet Velocity Acceleration ePVA is configured, undisclosed local ethernet traffic can trigger an infinit...

AMD多款产品 安全漏洞

AMD EPYC is a high-performance server processor developed by American semiconductor company AMD. Several AMD products have security vulnerabilities. These vulnerabilities could allow local administrator attackers to gain arbitrary system management network access, potentially enabling them to...

AMD Server Software and Embedded Chipset Driver Vulnerabilities - Lenovo Support US

No description provided...

CVE-2026-44259

efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the previewServlet serves files with their detected MIME type based on file extension, without any content sanitization or security headers. Files with .html, .htm, or .svg extensions are served as text/html or image/svg+xml...

Embedded Malicious Code

@tanstack/ packages are vulnerable to Embedded Malicious Code. The vulnerability is due to misconfigured GitHub Actions workflows and cache poisoning weaknesses that allowed attackers to extract OIDC tokens and publish malicious package versions under a trusted identity...

EUVD-2026-29457

Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal WP EasyPay wp-easy-pay allows Retrieve Embedded Sensitive Data.This issue affects WP EasyPay: from n/a through = 4.3.0...

CVE-2026-45215 WordPress WP EasyPay plugin <= 4.3.0 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal WP EasyPay wp-easy-pay allows Retrieve Embedded Sensitive Data.This issue affects WP EasyPay: from n/a through = 4.3.0...

CVE-2026-45215

CVE-2026-45215 affects the WordPress WP EasyPay plugin (wp-easy-pay)

CVE-2026-45215

Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal WP EasyPay wp-easy-pay allows Retrieve Embedded Sensitive Data.This issue affects WP EasyPay: from n/a through = 4.3.0...

PT-2026-40278

In PHP versions 8.4. before 8.4.21 and 8.5. before 8.5.6, when an encoding name containing an embedded NUL byte is passed to mb convert encoding or related mbstring functions, the code incorrectly assumes that when strncasecmp returns 0 it means the strings have the same length. This can lead to...

AMD Athlon™, AMD Ryzen™, and AMD Ryzen™ Embedded Series Processor Vulnerabilities – May 2026

CVE Details Refer to Glossary for explanation of terms CVE ID| CVE Description| CVSS ---|---|--- CVE-2021-46747| Insufficient granularity of access control in AMD Secure Processor ASP may allow an attacker with an untrusted user space application to map sensitive System Management Network SMN...