CVE-2026-7601 Open5GS AMF gmm-handler.c denial of service

A vulnerability has been found in Open5GS up to 2.7.6. Affected is an unknown function of the file src/amf/gmm-handler.c of the component AMF. The manipulation of the argument regtype leads to denial of service. The attack is possible to be carried out remotely. Upgrading to version 2.7.7 is able...

PT-2026-36639

Name of the Vulnerable Software and Affected Versions sgl-project SGLang versions prior to 0.6.0 Description A code injection issue exists in the HuggingFace Transformer Handler within the get tokenizer function of the python/sglang/srt/utils/hf transformers utils.py file. When a caller sets the...

WordPress plugin FundPress 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

TRENDnet TEW-821DAP 数据伪造问题漏洞

TRENDnet TEW-821DAP is a wireless access point from the company TRENDnet. The version TRENDnet TEW-821DAP 1.12B01 has a vulnerability related to data falsification. This vulnerability stems from improper handling of the parameter dest in the findHWid/newGuiUpdateFirmware function within the...

PT-2026-36585

A weakness has been identified in TRENDnet TEW-821DAP 1.12B01. This issue affects the function find hwid/new gui update firmware of the component Firmware Update Handler. Executing a manipulation of the argument dest can lead to insufficient verification of data authenticity. The attack can be...

PT-2026-36559

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.7 Description A remote denial of service issue exists in the AMF component within the src/amf/gmm-handler.c file. The flaw is triggered by the manipulation of the reg type argument. Recommendations Upgrade to...

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.6 and earlier contain security vulnerabilities. These vulnerabilities stem from improper handling of parameters regtype by unknown functions in...

PT-2026-36621

A vulnerability was found in code-projects Online Hospital Management System 1.0. The impacted element is an unknown function of the component Registration Handler. The manipulation of the argument Username results in improper authorization. The attack can be executed remotely. The exploit has be...

PT-2026-36603

Name of the Vulnerable Software and Affected Versions TRENDnet TEW-821DAP versions prior to 1.12B01 Description An issue exists in the Firmware Update Handler component within the cameo dev.sh file. Specifically, the platform do upgrade cameo dev function fails to sufficiently verify data...

Linux Distros Unpatched Vulnerability : CVE-2026-7582

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was detected in AcademySoftwareFoundation OpenImageIO up to 3.2.0.1-dev. This vulnerability affects unknown code of the file...

CVE-2026-31762

A flaw was found in the Linux kernel's mpu3050 gyro driver. This vulnerability, a resource leak, occurs when the interrupt handler is configured but not correctly released if the iiotriggerregister function fails. This could allow a local user to cause system instability or a denial of service Do...

CVE-2026-31763

A flaw was found in the Linux kernel, specifically within the driver for the mpu3050 gyroscope. This vulnerability occurs because the system attempts to release an interrupt request IRQ using an incorrect handler. This improper resource management could lead to system instability or a denial of...

JLSEC-2026-379

In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data...

Deserialization of Untrusted Data

Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the RedisHandler process. An attacker can execute arbitrary code by supplying crafted serialized data to the session or cache handlers, which is then processed using unserialize. Details Serializatio...

CVE-2026-7587 Open5GS AMF nsmf-handler.c amf_nsmf_pdusession_handle_update_sm_context denial of service

A vulnerability has been found in Open5GS up to 2.7.7. This vulnerability affects the function amfnsmfpdusessionhandleupdatesmcontext of the file /src/amf/nsmf-handler.c of the component AMF. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit...

CVE-2026-7587

Open5GS AMF vulnerable in function amf_nsmf_pdusession_handle_update_sm_context (in /src/amf/nsmf-handler.c) up to version 2.7.7. The manipulation can cause a denial of service and is remotely initiable. The exploit has been disclosed publicly. No remediation or patch details are provided in the ...

CVE-2026-7586

A weakness has been identified in Open5GS up to 2.7.7. Affected is the function ogsidgetvalue of the file /src/amf/nudm-handler.c of the component AMF. This manipulation causes denial of service. Remote exploitation of the attack is possible. The exploit has been made available to the public and...

DEBIAN-CVE-2026-42480

A stack-based out-of-bounds read vulnerability in VrmlDataScene::ReadLine in the VRML parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because the quoted-string escape handler uses ptr++anOffset without proper...

CVE-2026-42473

Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The session and cache handlers use unserialize on data from the filesystem in the FileHandler object...

CVE-2026-7586

Open5GS up to version 2.7.7 is affected in the AMF component, specifically the ogs_id_get_value function in src/amf/nudm-handler.c. The issue allows remote denial of service and has a publicly available exploit; the project was notified via an issue but has not responded. This CVE is substantiate...