CVE-2026-2587

A critical Remote Code Execution RCE vulnerability was identified in the server-side template rendering mechanism used by the Glassfish gadget handler. The application processes .xml files and evaluates user-supplied values within a context where Expression Language EL “expressions” are processed...

Algernon: handler.lua discovery walks parent directories above the server root

Summary When Algernon is asked for any URL path that resolves to a directory without an index file, DirPage walks upward through parent directories — past the configured server root — looking for a file named handler.lua to execute as the request handler. The loop terminates only after 100 ancest...

CVE-2026-2587

A critical Remote Code Execution RCE vulnerability was identified in the server-side template rendering mechanism used by the Glassfish gadget handler. The application processes .xml files and evaluates user-supplied values within a context where Expression Language EL “expressions” are processed...

CVE-2026-2587

A critical Remote Code Execution RCE vulnerability was identified in the server-side template rendering mechanism used by the Glassfish gadget handler. The application processes .xml files and evaluates user-supplied values within a context where Expression Language EL “expressions” are processed...

CVE-2026-2587

CVE-2026-2587 describes a critical RCE in the server-side template rendering used by the Glassfish gadget handler. The flaw arises when processing .xml files, evaluating user-supplied values as Expression Language (EL) expressions without proper sanitization, e.g., #{7*7}, enabling server-side EL...

Advisory ROSA-SA-2026-3275

software: libssh 0.9.8 OS: ROSA-CHROME unaffected versions = libssh-0.9.8-4 affected versions libssh-0.9.8-4 CVE-ID: CVE-2026-3731 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A read outside allocated buffer vulnerability in the SFTP Extension Name Handler component of the libssh library allows a...

cpython: Header injection via newlines in data URL mediatype in Python

Missing newline filtering has been discovered in Python. User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype...

CLSA-2026-1779179106 php: Fix of 2 CVEs

CVE-2026-7261: SOAP UAF on SoapServer::handle header-handler failure - CVE-2026-7262: SOAP tozvalmap NULL pointer dereference...

CLSA-2026-1779178796 php: Fix of 2 CVEs

CVE-2026-7261: SOAP UAF on SoapServer::handle header-handler failure - CVE-2026-7262: SOAP tozvalmap NULL pointer dereference...

CVE-2026-8776

A vulnerability has been found in Edimax BR-6428NS 1.10. This vulnerability affects the function formPPTPSetup of the file /goform/formPPTPSetup of the component POST Request Handler. Such manipulation of the argument pptpUserName leads to buffer overflow. It is possible to launch the attack...

CVE-2026-8745

A vulnerability was identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function ogstimeradd in the library /src/ausf/nausf-handler.c of the component AUSF. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit is publicly available an...

CVE-2026-8769

A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...

PT-2026-41933

Name of the Vulnerable Software and Affected Versions Eclipse GlassFish version 8.0.0 Eclipse GlassFish versions prior to 7.1.0 Description A critical Expression Language EL injection issue exists in the server-side template rendering mechanism used by the GlassFish gadget handler. The applicatio...

PT-2026-42020

Name of the Vulnerable Software and Affected Versions Ledger Nano X affected versions not specified Ledger Flex affected versions not specified Ledger Stax affected versions not specified Description A denial of service issue exists in the MCU firmware update process. The flaw is caused by missin...

Ledger多款产品 安全漏洞

The Ledger Nano X, among others, are products of the French company Ledger. The Ledger Nano X is a hardware wallet for cryptocurrency assets. The Ledger Flex is a touch-screen hardware wallet for cryptocurrency assets. The Ledger Stax is a curved electronic ink-screen hardware wallet for...

PT-2026-42016

Name of the Vulnerable Software and Affected Versions CtrlPanel versions prior to 1.2.0 Description The web-based installer at the endpoint "public/installer/index.php" allows unauthenticated Remote Code Execution RCE, which is the ability to execute arbitrary commands on a remote machine. The...

CVE-2026-8741

A vulnerability has been found in EMQX up to 6.2.0. This affects an unknown function of the file apps/emqx/src/emqxpersistentsessionds.erl of the component QoS 2 PUBLISH Packet Handler. Such manipulation leads to race condition. The attack may be performed from remote. A high complexity level is...

CVE-2026-8757

A vulnerability was found in adenhq hive up to 0.11.0. This affects the function readeventstail of the file core/framework/server/routessessions.py of the component Delete Request Handler. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit has...

CVE-2018-25323

Allok AVI DivX MPEG to DVD Converter 2.6.1217 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a text file with a specially crafted buffer containing shellcode and SEH...

CVE-2026-8836

A vulnerability was found in lwIP up to 2.2.1. Affected is the function snmpparseinboundframe of the file src/apps/snmp/snmpmsg.c of the component snmpv3 USM Handler. Performing a manipulation of the argument msgAuthenticationParameters results in stack-based buffer overflow. The attack may be...