Critical Photon OS Security Update - PHSA-2026-5.0-0837

Updates of 'cups', 'linux-esx' packages of Photon OS have been released...

CVE-2026-7443

CVE-2026-7443 affects BurtTheCoder mcp-dnstwist ≤ 1.0.4, specifically the fuzz_domain function in src/index.ts of the MCP Interface. The weakness permits remote execution of OS commands via manipulation of the Request argument. Exploitation is possible remotely and public exploits exist. The vuln...

EUVD-2026-26293

A vulnerability was found in PolarVista xcode-mcp-server 1.0.0. This issue affects the function buildproject/runtests of the file src/index.ts of the component MCP Interface. The manipulation of the argument Request results in os command injection. The attack may be launched remotely. The exploit...

GHSA-QHMP-Q7XH-99RH vulnerabilities

Vulnerabilities for packages: kubernetes-dns-node-cache-fips, juicefs, k8sgateway, k8sgateway-fips, kubernetes-dns-node-cache, eks-distro-fips, eks-distro...

CVE-2026-6849

CVE-2026-6849 describes an OS command injection in Pardus OS My Computer. Affected: Pardus OS My Computer versions

EUVD-2026-26249

Improper neutralization of special elements used in an OS command 'OS command injection' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus OS My Computer allows OS Command Injection. This issue affects Pardus OS My Computer: from =0.7.5 before 0.8.0...

EUVD-2026-26228

Improper neutralization of CRLF sequences 'CRLF injection' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus allows Authentication Bypass. This issue affects Pardus: from =0.6.4 before 0.8.0...

ROOT-OS-DEBIAN-12-CVE-2026-28493 CVE-2026-28493 in rootio-imagemagick - Patched by Root

Root has patched CVE-2026-28493 in the rootio-imagemagick package for Root:Debian:12. Multiple fixed versions available...

Photon OS 4.0: Imagemagick PHSA-2026-4.0-1002

An update of the ImageMagick package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1002. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

PT-2026-35968

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.0.0 to before version 4.14.4, multiple heap-based out-of-bounds WRITE vulnerabilities exist in parse uname string remoted op.c. This function processes OS identification data from agents a...

TÜBİTAK BİLGEM Pardus OS My Computer 操作系统命令注入漏洞

TÜBİTAK BİLGEM Pardus OS My Computer is a desktop component provided by the Turkish company TÜBİTAK BİLGEM, which offers functions for viewing system hardware and resource information. Versions of TÜBİTAK BİLGEM Pardus OS My Computer prior to version 0.8.0, as well as versions 0.7.5 and earlier,...

Mozilla Firefox ESR < 115.35.1

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 115.35.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-37 advisory. - Information disclosure due to incorrect boundary conditions in the Audio/Video component. This...

Juniper Junos OS Vulnerability (JSA79179)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79179 advisory. - An Improper Check for Unusual or Exceptional Conditions vulnerability in the the Public Key Infrastructure daemon pkid of Juniper Networks Junos OS allows an unauthenticat...

Juniper Junos OS Vulnerability (JSA79188)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79188 advisory. - A Missing Authentication for Critical Function vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows...

Juniper Junos OS Vulnerability (JSA92860)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA92860 advisory. - An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the command-line interface CLI of Juniper Networks Junos OS on SRX Series devices allows a...

Juniper Junos OS Vulnerability (JSA96464)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA96464 advisory. - An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the User Interface UI of Juniper Networks Junos OS and Junos OS Evolved allows a local,...

Google Chrome < 147.0.7727.137 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 147.0.7727.137. It is, therefore, affected by multiple vulnerabilities as referenced in the 202604stable-channel-update-for-desktop28 advisory. - Use after free in Canvas in Google Chrome on Linux, ChromeOS prior to...

Important Photon OS Security Update - PHSA-2026-5.0-0836

Updates of 'ncurses' packages of Photon OS have been released...

CVE-2026-7361

Use after free in iOS in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-7363

CVE-2026-7363 describes a use-after-free in Canvas in Google Chrome on Linux and ChromeOS prior to 147.0.7727.138, allowing a remote attacker to execute arbitrary code inside the sandbox. The issue affects Google Chrome: Linux/ChromeOS prior to the fixed build, with a high-severity (Critical) imp...