synapse 输入验证错误漏洞

Synapse is an open-source matrix main server developed by Element. Versions prior to 1.152.1 of Synapse contained a vulnerability related to input validation errors. This vulnerability allowed malicious servers to manipulate room events, thereby preventing the complete history from being provided...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of restrictions on IPMI events and the reception of message requests. This vulnerability could...

CVE-2026-9739

Vulnerable to DNS rebinding attacks when using SSE http://b/499408790. During the beta phase, we implemented allowed-origins and allowed-hosts flags to align with MCP security guidelines. However, the hardcoded Access-Control-Allow-Origin: header in the SSE initialization handler was inadvertentl...

CVE-2026-9739

Vulnerable to DNS rebinding attacks when using SSE http://b/499408790. During the beta phase, we implemented allowed-origins and allowed-hosts flags to align with MCP security guidelines. However, the hardcoded Access-Control-Allow-Origin: header in the SSE initialization handler was inadvertentl...

CVE-2026-9739

Vulnerable to DNS rebinding attacks when using SSE http://b/499408790. During the beta phase, we implemented allowed-origins and allowed-hosts flags to align with MCP security guidelines. However, the hardcoded Access-Control-Allow-Origin: header in the SSE initialization handler was inadvertentl...

CVE-2026-9739

Vulnerable to DNS rebinding attacks when using SSE http://b/499408790. During the beta phase, we implemented allowed-origins and allowed-hosts flags to align with MCP security guidelines. However, the hardcoded Access-Control-Allow-Origin: header in the SSE initialization handler was inadvertentl...

CVE-2026-48792

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/evdev.c silently ignores EACCES errors when opening /dev/input/event nodes, causing pusbhasvirtualinputdevice to return 0 no virtual devices found even when every open call failed due to...

CVE-2026-46103

A flaw was found in the Linux kernel's can: ucan USB driver. This vulnerability arises from incorrect management of device resource lifetimes, where resources are tied to the parent USB device instead of the USB interface. This can lead to memory leaks when drivers are unbound without the...

EUVD-2026-32257

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix UMR hang in LAG error state unload During firmware reset in LAG mode, a race condition causes the driver to hang indefinitely while waiting for UMR completion during device unload. See 1. In LAG mode the bond devic...

CVE-2026-44830 Empty API_TOKEN disables authentication on network-reachable HTTP/SSE transport

Nocturne Memory is a lightweight, rollbackable, and visual Long-Term Memory Server for MCP Agents. Prior to 2.4.1, when APITOKEN is unset or empty, the BearerTokenAuthMiddleware bypasses authentication for all HTTP requests. Combined with the default 0.0.0.0 host binding and CORS alloworigins="",...

UBUNTU-CVE-2026-45987

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2 After VMRUN in guest mode, nestedsynccontrolfromvmcb02 syncs fields written by the CPU from vmcb02 to the cached vmcb12. This is because the cached vmcb12 is use...

CVE-2026-45904

CVE-2026-45904 – powerpc/eeh locking fix in Linux kernel : The vulnerability was resolved by a patchset that corrects recursive locking between EEH (Enhanced Error Handling) and PCI hotplug logic. The root cause was that eeh_handle_normal_event() acquired pci_lock_rescan_remove() before calling e...

CVE-2026-40827

creationtimestamp| type| source ---|---|--- 2026-05-27 08:11:19+00:00| seen| https://infosec.exchange/users/certvde/statuses/116645525736344350 2026-05-27 08:12:09+00:00| seen| https://infosec.exchange/users/certvde/statuses/116645529147227087...

CVE-2026-40826

creationtimestamp| type| source ---|---|--- 2026-05-27 08:11:19+00:00| seen| https://infosec.exchange/users/certvde/statuses/116645525736344350 2026-05-27 08:12:10+00:00| seen| https://infosec.exchange/users/certvde/statuses/116645529147227087 2026-05-27 09:02:17+00:00| seen|...

CVE-2026-40838

creationtimestamp| type| source ---|---|--- 2026-05-27 08:11:18+00:00| seen| https://infosec.exchange/users/certvde/statuses/116645525736344350 2026-05-27 08:12:08+00:00| seen| https://infosec.exchange/users/certvde/statuses/116645529147227087...

CVE-2026-40846

creationtimestamp| type| source ---|---|--- 2026-05-27 08:11:16+00:00| seen| https://infosec.exchange/users/certvde/statuses/116645525736344350 2026-05-27 08:12:07+00:00| seen| https://infosec.exchange/users/certvde/statuses/116645529147227087...

CVE-2026-40815

creationtimestamp| type| source ---|---|--- 2026-05-27 08:11:14+00:00| seen| https://infosec.exchange/users/certvde/statuses/116645525736344350 2026-05-27 08:12:05+00:00| seen| https://infosec.exchange/users/certvde/statuses/116645529147227087 2026-05-27 08:12:10+00:00| seen|...

CVE-2026-8898

The Events In City plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'org-events' shortcode in versions up to, and including, 3.0. This is due to insufficient input sanitization and output escaping on user supplied attributes such as 'organizerid', 'width', 'height',...

CVE-2026-8898 Events In City <= 3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The Events In City plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'org-events' shortcode in versions up to, and including, 3.0. This is due to insufficient input sanitization and output escaping on user supplied attributes such as 'organizerid', 'width', 'height',...

EUVD-2026-32070

The Events In City plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'org-events' shortcode in versions up to, and including, 3.0. This is due to insufficient input sanitization and output escaping on user supplied attributes such as 'organizerid', 'width', 'height',...