CVE-2026-4988 Open5GS CCA Message smf_s6b denial of service

A security flaw has been discovered in Open5GS 2.7.6. This issue affects the function smfgxccacb/smfgyccacb/smfs6b of the component CCA Message Handler. The manipulation results in denial of service. The attack may be launched remotely. Attacks of this nature are highly complex. The exploitabilit...

CVE-2026-4988 Open5GS CCA Message smf_s6b denial of service

A security flaw has been discovered in Open5GS 2.7.6. This issue affects the function smfgxccacb/smfgyccacb/smfs6b of the component CCA Message Handler. The manipulation results in denial of service. The attack may be launched remotely. Attacks of this nature are highly complex. The exploitabilit...

CVE-2026-4988

Open5GS 2.7.6 contains a denial-of-service vulnerability in the CCA Message Handler, affecting the functions smf_gx_cca_cb, smf_gy_cca_cb, and smf_s6b. The issue can be triggered remotely and stems from the manipulation of the mentioned components. Exploitability is described as difficult, and ex...

PT-2026-28707

Name of the Vulnerable Software and Affected Versions Open5GS version 2.7.6 Description A security flaw exists in Open5GS 2.7.6, specifically within the CCA Message Handler component and the smf gx cca cb/smf gy cca cb/smf s6b function. This manipulation can lead to a denial of service. The attac...

CVE-2026-4175

A vulnerability was determined in Aureus ERP up to 1.3.0-BETA2. The affected element is an unknown function of the file plugins/webkul/chatter/resources/views/filament/infolists/components/messages/content-text-entry.blade.php of the component Chatter Message Handler. Executing a manipulation of...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the ULNASTransport message handler when processing malformed messages that lack a Request Type. An attacker can cause the application to panic and potentially disrupt service by sending specially crafted...

Aureus ERP vulnerable to cross-site scripting in the Chatter Message Handler

A vulnerability was determined in Aureus ERP up to 1.3.0-BETA1. The affected element is an unknown function of the file plugins/webkul/chatter/resources/views/filament/infolists/components/messages/content-text-entry.blade.php of the component Chatter Message Handler. Executing a manipulation of...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the Chatter Message Handler process. An attacker can inject and execute arbitrary scripts by manipulating the subject or body arguments. Details Cross-site scripting or XSS is a code vulnerability that occurs...

EUVD-2026-12224

A vulnerability was determined in Aureus ERP up to 1.3.0-BETA2. The affected element is an unknown function of the file plugins/webkul/chatter/resources/views/filament/infolists/components/messages/content-text-entry.blade.php of the component Chatter Message Handler. Executing a manipulation of...

GHSA-76C2-3Q6G-XVPM Aureus ERP vulnerable to cross-site scripting in the Chatter Message Handler

A vulnerability was determined in Aureus ERP up to 1.3.0-BETA1. The affected element is an unknown function of the file plugins/webkul/chatter/resources/views/filament/infolists/components/messages/content-text-entry.blade.php of the component Chatter Message Handler. Executing a manipulation of...

CVE-2026-4175

A vulnerability was determined in Aureus ERP up to 1.3.0-BETA2. The affected element is an unknown function of the file plugins/webkul/chatter/resources/views/filament/infolists/components/messages/content-text-entry.blade.php of the component Chatter Message Handler. Executing a manipulation of...

CVE-2026-4175

A vulnerability was determined in Aureus ERP up to 1.3.0-BETA2. The affected element is an unknown function of the file plugins/webkul/chatter/resources/views/filament/infolists/components/messages/content-text-entry.blade.php of the component Chatter Message Handler. Executing a manipulation of...

PT-2026-25549

A vulnerability was determined in Aureus ERP up to 1.3.0-BETA2. The affected element is an unknown function of the file plugins/webkul/chatter/resources/views/filament/infolists/components/messages/content-text-entry.blade.php of the component Chatter Message Handler. Executing a manipulation of...

CVE-2026-0110

In MMDATAIND of cnNrSmMsgHdlrFromMM.cpp, there is a possible EoP due to memory corruption. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Pixel 安全漏洞

The Google Pixel is a smartphone produced by Google Inc. The Google Pixel has a security vulnerability, which stems from memory corruption in the usimSendMCCMNCIndMsg function, leading to out-of-bounds writes and potentially allowing for elevation of physical permissions...

CVE-2026-2657

A vulnerability has been found in wren-lang wren up to 0.4.0. This impacts the function printError of the file src/vm/wrencompiler.c of the component Error Message Handler. Such manipulation leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclos...

CVE-2026-2657

CVE-2026-2657 affects the Wren language (wren) up to version 0.4.0. The vulnerability is in the function printError within src/vm/wren_compiler.c of the Error Message Handler, where manipulation can cause a stack-based buffer overflow. The advisory notes a local attack vector and that an exploit ...

CVE-2026-2345

Proctorio Chrome Extension is a browser extension used for online proctoring. The extension contains multiple window.addEventListener'message', ... handlers that do not properly validate the origin of incoming messages. Specifically, an internal messaging bridge processes messages based solely on...

CVE-2025-66902

CVE-2025-66902 affects Pithikos websocket-server v0.6.4. The vulnerability is an input validation issue in WebSocketServer._message_received (websocket_server/websocket_server.py) that could allow a remote attacker to obtain sensitive information or cause unexpected server behavior. Connected sou...

CVE-2025-48647

CVE-2025-48647 affects the Google CPM IPC path: cpm_fwtp_msg_handler in cpm/google/lib/tracepoint/cpm_fwtp_ipc.c. The issue is a memory overwrite caused by improper input validation, enabling local elevation of privilege with no additional privileges or user interaction required. Impact is descri...