CVE-2019-25727

creationtimestamp| type| source ---|---|--- 2026-06-04 23:27:58+00:00| seen| https://bsky.app/profile/pulse-wp.com/post/3mnirmjtf7n25 2026-06-04 23:30:28+00:00| seen| https://bsky.app/profile/pulse-wp.com/post/3mnirqyr22a26...

CVE-2026-26555

creationtimestamp| type| source ---|---|--- 2026-06-04 23:00:15+00:00| seen| Telegram/ZO8GXKofeRUVwVPphXUXme80ypLutlvGOITV9wiiQ1h3jLc 2026-06-05 03:00:06+00:00| seen| Telegram/w0GkJHs0a-iOGxRnRQVAJ6txbFx-4W5StLXj-Qhn1zDpC10...

matrix-sdk-ui: Incomplete edit validation

Impact The message edit validation logic in the matrix-sdk-ui crate before 0.16.1 is missing a check: when replacing an encrypted event, the replacement event itself is not required to be encrypted. This enables a malicious homeserver administrator or an actor with equivalent power to impersonate...

GHSA-H97M-27FX-42RX matrix-sdk-ui: Incomplete edit validation

Impact The message edit validation logic in the matrix-sdk-ui crate before 0.16.1 is missing a check: when replacing an encrypted event, the replacement event itself is not required to be encrypted. This enables a malicious homeserver administrator or an actor with equivalent power to impersonate...

kernel: wifi: brcmfmac: validate bsscfg indices in IF events

A flaw was found in the Linux kernel's brcmfmac Wi-Fi driver. This vulnerability occurs because the driver fails to properly validate bsscfg indices in interface IF events. An attacker could exploit this by sending a specially crafted IF event with an invalid bsscfg index, which could lead to an...

CVE-2026-50209

Broadcast events allow malicious software to rewrite the device's default Mobile Device Management MDM endpoint address, shifting administrative ownership to an external attacker...

CVE-2026-50209 MDM Server Registration Overriding

Broadcast events allow malicious software to rewrite the device's default Mobile Device Management MDM endpoint address, shifting administrative ownership to an external attacker...

CVE-2026-50209

Broadcast events allow malicious software to rewrite the device's default Mobile Device Management MDM endpoint address, shifting administrative ownership to an external attacker...

EUVD-2026-34221

Broadcast events allow malicious software to rewrite the device's default Mobile Device Management MDM endpoint address, shifting administrative ownership to an external attacker...

CVE-2026-50209 MDM Server Registration Overriding

Broadcast events allow malicious software to rewrite the device's default Mobile Device Management MDM endpoint address, shifting administrative ownership to an external attacker...

CVE-2026-50209

CVE-2026-50209 describes a vulnerability where broadcast events allow malicious software to rewrite the device’s default Mobile Device Management (MDM) endpoint address, shifting administrative ownership to an external attacker. The issue is tied to the MDM registration/endpoint resolution flow a...

PT-2026-46161

Broadcast events allow malicious software to rewrite the device's default Mobile Device Management MDM endpoint address, shifting administrative ownership to an external attacker...

GHSA-C27G-Q93R-2CWF

creationtimestamp| type| source ---|---|--- 2026-06-03 18:51:02+00:00| seen| https://gist.github.com/alon710/8b99e8a330b30729487263e5e6c526a7 2026-06-03 19:00:57+00:00| seen| https://gist.github.com/alon710/af9fd1f0bf5e15b0603c7992be5645c7...

CVE-2026-46257

In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/timer-sp804: Fix an Oops when readcurrenttimer is called on ARM32 platforms where the SP804 is not registered as the schedclock. On SP804, the delay timer shares the same clkevt instance with schedclock. On so...

Incomplete message edit validation in matrix-sdk-ui

The message edit validation logic in the matrix-sdk-ui crate before 0.16.1 is missing a check: when replacing an encrypted event, the replacement event itself is not required to be encrypted. This enables a malicious homeserver administrator or an actor with equivalent power to impersonate or spo...

RUSTSEC-2026-0158 Incomplete message edit validation in matrix-sdk-ui

The message edit validation logic in the matrix-sdk-ui crate before 0.16.1 is missing a check: when replacing an encrypted event, the replacement event itself is not required to be encrypted. This enables a malicious homeserver administrator or an actor with equivalent power to impersonate or spo...

CVE-2026-10629

creationtimestamp| type| source ---|---|--- 2026-06-02 21:23:34+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116682615290341234 2026-06-02 21:23:59+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116682616422398554 2026-06-03 00:02:33+00:00| seen|...

CVE-2026-9311

creationtimestamp| type| source ---|---|--- 2026-06-01 16:50:04+00:00| seen| https://bsky.app/profile/knaepp.bsky.social/post/3mnajyao5gy26 2026-06-01 19:38:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnatesuvou2c 2026-06-04 18:37:07+00:00| seen|...

CVE-2026-9330

creationtimestamp| type| source ---|---|--- 2026-06-01 16:50:04+00:00| seen| https://bsky.app/profile/knaepp.bsky.social/post/3mnajyao5gy26 2026-06-01 19:44:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnatq63y672c 2026-06-04 20:35:04+00:00| seen|...

CVE-2026-24087

creationtimestamp| type| source ---|---|--- 2026-06-01 16:14:39+00:00| seen| https://notnow.dev/objects/d63fe6f8-2c0f-4347-86b6-4c1e3e5b986e 2026-06-01 16:14:46+00:00| seen| https://bsky.app/profile/zhuowei.notnow.dev/post/3mnahz4yxic2k...