CVE-2026-24716

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

CVE-2026-24717

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the...

CVE-2025-66280

An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the...

CVE-2025-66281

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following versions: QTS 5.2.9.3410 build...

CVE-2025-66279

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...

CVE-2026-24719

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...

CVE-2025-66273

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...

CVE-2025-62850

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

CVE-2026-44488 vulnerabilities

Vulnerabilities for packages: wazuh-dashboard, opensearch-dashboards, wazuh-dashboard-fips, opensearch-dashboards-fips...

Photon OS 4.0: Linux PHSA-2026-4.0-1030

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1030. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

ROS-20260611-73-0039

The vulnerability of the Linux operating system’s network protocol implementation is related to the repeated release of memory. Exploiting this vulnerability can allow an attacker to increase their privileges and cause service interruptions...

CyberArk Idira Privileged Session Manager 操作系统命令注入漏洞

CyberArk Idira Privileged Session Manager is a privileged session management platform developed by the American company CyberArk. Versions of CyberArk Idira Privileged Session Manager for SSH prior to 15.0.2, 14.6.3, 14.2.5, and 14.0.6 contained an operating system command injection vulnerability...

PT-2026-48661

Name of the Vulnerable Software and Affected Versions Check Point Identity Agent Full for Windows OS affected versions not specified Description A local privilege escalation issue exists where an authenticated local user can execute arbitrary code with SYSTEM privileges. This occurs due to improp...

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. There are security vulnerabilities in versions of Apple macOS such as Sequoia 15.4, Sonoma 14.7.5, and Ventura 13.7.5. These vulnerabilities stem from insufficient checks, which may allow...

Apple macOS 路径遍历漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Sequoia 15.4 and earlier contained a path traversal vulnerability. This vulnerability stemmed from parsing issues with directory path handling, which could allow...

Apple macOS 访问控制错误漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Tahoe 26.1 and earlier contained an access control error vulnerability. This vulnerability stemmed from an access issue that could allow malicious applications to acces...

Apple macOS 后置链接漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Sequoia 15.4 and earlier contained a backlink vulnerability, which was caused by improper handling of symbolic links. This vulnerability could allow applications to...

ClipBucket V5 操作系统命令注入漏洞

ClipBucket V5 is a video hosting platform developed by MacWarrior’s individual developers. Versions of ClipBucket V5 prior to 5.5.3 – including version 140 – contained an operating system command injection vulnerability. This vulnerability stemmed from the remote playback feature allowing direct...

Critical Photon OS Security Update - PHSA-2026-4.0-1031

Updates of 'openssl' packages of Photon OS have been released...

CVE-2026-0272

A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface CLI to perform actions on the device with root privileges. The security risk posed by this issue is significantly minimized when CLI access i...