Apache Tomcat Tribes EncryptInterceptor Bypass - Remote Code Execution

Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.53, 9.0.116. id: CVE-2026-34486 info: name: Apache Tomcat Tribes EncryptInterceptor Bypass - Remote...

CVE-2019-25719

Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors running software versions VG4.1.1, VG4.0.3, and lower contain network message handling vulnerabilities that allow network-adjacent attackers to spoof or tamper with data and cause denial-of-service conditions. Attacke...

EyesOfNetwork - Hardcoded API Key

An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key hardcoded as EONAPIKEY in include/apifunctions.php for API version 2.4.2 by default for all installations, hence allowing an attacker to calculate/guess the admin access token. id: CVE-2020-8657 info: name:...

PT-2026-45862

Name of the Vulnerable Software and Affected Versions Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors versions prior to VG4.2 Description A network message handling issue allows remote attackers to inject spoofed or tampered data. This can lead to denial-of-service...

Chromium: CVE-2026-9873 Use after free in Network

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

DEBIAN-CVE-2026-9873

Use after free in Network in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-9992

Use after free in Network in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-9992

Use after free in Network in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-46153

A flaw was found in the Linux kernel's 8021q VLAN module. This vulnerability occurs because cleared egress Quality of Service QoS mappings are not properly deleted, leading to an accumulation of mapping nodes. An attacker could repeatedly set and clear egress priority mappings, causing a memory...

CVE-2026-45923

net: usb: catc: enable basic endpoint checking...

CVE-2026-46038

net: qrtr: ns: Free the node during ctrlcmdbye...

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50286)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50286 advisory. - net: skbuff: propagate shared-frag marker through frag-transfer helpers Hyunwoo Kim Orabug: 39420559 CVE-2026-46300 Tenable has extracted the preceding...

CVE-2026-42626

HP ENVY 5000 series printers VERBASPP1N003.2237A.00 do not properly manage concurrent TCP connections to port 9100 JetDirect/RAW printing. An unauthenticated remote attacker on the same network can establish a persistent connection to port 9100 and send keep-alive packets, causing the printer's...

Astra Linux - уязвимость в python2.7, pypy

In Python 3.x versions prior to 3.5.10, 3.6.x versions prior to 3.6.12, 3.7.x versions prior to 3.7.9, and 3.8.x versions prior to 3.8.5, CRLF injection is allowed if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of...

ROS-20260520-73-0021

A Network service vulnerability in Google Chrome and Microsoft Edge browsers is related to the ability to use memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...

TP-Link, Photoshop, OpenVPN, Norton VPN vulnerabilities

Cisco Talos' Vulnerability Discovery & Research team recently disclosed eight vulnerabilities in TP-Link, and one each in Adobe Photoshop, OpenVPN, and Gen Digital's Norton VPN. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, in adherence to Cisco 's...

CVE-2026-8530

Use after free in Network in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-40401 Windows TCP/IP Denial of Service Vulnerability

...

CVE-2026-40415 Windows TCP/IP Remote Code Execution Vulnerability

...

CVE-2026-40399

Technical details about CVE-2026-40399 are not publicly available in the provided documents. Monitor for updates from the original sources; current descriptions only state a stack-based buffer overflow in Windows TCP/IP enabling local privilege elevation.