184 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-14757
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in radareorg radare2 up to 6.1.6. This affects the function coreanalbytes of the file libr/core/cmdanal.inc. This manipulation...
Linux Distros Unpatched Vulnerability : CVE-2026-14760
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness has been identified in radareorg radare2 up to 6.1.6. Impacted is the function rcoreseekarchbits of the file libr/core/disasm.c of the component...
CVE-2026-14789
A vulnerability was detected in radareorg radare2 up to 6.1.6. Affected by this issue is some unknown functionality of the file libr/bin/format/mdmp/mdmp.c of the component Memory64ListStream Parser. Performing a manipulation results in stack-based buffer overflow. The attack requires a local...
EUVD-2026-41799
A security vulnerability has been detected in radareorg radare2 up to 6.1.6. Affected by this vulnerability is the function rcorebinload of the file libr/core/cfile.c. Such manipulation leads to use after free. The attack needs to be performed locally. The exploit has been disclosed publicly and...
EUVD-2026-41766
A vulnerability was determined in radareorg radare2 up to 6.1.6. This affects the function coreanalbytes of the file libr/core/cmdanal.inc. This manipulation causes integer overflow. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. It is...
CVE-2026-13590
A security flaw has been discovered in seladb PcapPlusPlus 25.05. This impacts the function pcpp::ModbusLayer::getLength in the library Packet++/header/ModbusLayer.h of the component Modbus Protocol Handler. The manipulation of the argument length results in heap-based buffer overflow. The attack...
Linux Distros Unpatched Vulnerability : CVE-2026-11329
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in onnx onnx-mlir up to 0.5.0.0. Affected by this issue is the function generatehashkey of the file...
EUVD-2026-35008
A vulnerability was detected in hs-web hsweb-framework up to 5.0.1. This affects the function OAuth2Client of the file hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/OAuth2Client.java of the component OAuth2 Client. The manipulation results in op...
CVE-2026-11470 hs-web hsweb-framework File Upload FileUploadProperties.java denied path traversal
A vulnerability has been found in hs-web hsweb-framework up to 5.0.1. The affected element is the function denied of the file hsweb-system/hsweb-system-file/src/main/java/org/hswebframework/web/file/FileUploadProperties.java of the component File Upload. The manipulation of the argument filename...
PT-2026-47242
A vulnerability was found in Chengdu Everbrite Network Technology BeikeShop up to 1.6.0.22. Impacted is an unknown function of the file beike/Admin/Routes/admin.php of the component Admin Design Builder Endpoint. Performing a manipulation of the argument settings.value results in sql injection. I...
PT-2026-47202
A vulnerability has been found in hs-web hsweb-framework up to 5.0.1. The affected element is the function denied of the file hsweb-system/hsweb-system-file/src/main/java/org/hswebframework/web/file/FileUploadProperties.java of the component File Upload. The manipulation of the argument filename...
CVE-2026-8275
A vulnerability was detected in bettercap up to 2.41.5. Affected by this vulnerability is the function ippReadChunkedBody of the file modules/zerogod/zerogodippprimitives.go of the component zerogod IPP Service. Performing a manipulation results in integer coercion error. The attack can be...
CVE-2026-7060
A vulnerability was determined in liyupi yu-picture up to a053632c41340152bf75b66b3c543d129123d8ec. This impacts the function PageRequest of the file yu-picture-backend/src/main/java/com/yupi/yupicturebackend/service/impl/PictureServiceImpl.java of the component MyBatis-Plus. Executing a...
CVE-2026-10283
A vulnerability was detected in Bottelet DaybydayCRM up to 2.2.1. Affected is an unknown function of the component Setting Handler. Performing a manipulation results in missing authentication. Remote exploitation of the attack is possible. It is recommended to apply a patch to fix this issue...
CVE-2026-11329
A vulnerability has been found in onnx onnx-mlir up to 0.5.0.0. Affected by this issue is the function generatehashkey of the file src/Runtime/python/torchonnxmlir/src/torchonnxmlir/backend.py of the component Placeholder Node Cache Handler. Such manipulation leads to use of weak hash. An attack...
PT-2026-49250
A vulnerability classified as problematic was found in OpenCV wechat qrcode Module up to 4.7.0. Affected by this vulnerability is the function DecodedBitStreamParser::decodeByteSegment of the file qrcode/decoder/decoded bit stream parser.cpp. The manipulation leads to null pointer dereference. Th...
CVE-2026-10800 PaddlePaddle FastDeploy MultimodalHasher hasher.py hash_features weak hash
A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hashfeatures of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A high...
CVE-2026-10115
A vulnerability was identified in Open5GS up to 2.7.7. This affects an unknown part in the library lib/sbi/nnrf-handler.c of the component Shared NF-profile Parser. Such manipulation leads to denial of service. The attack can be launched remotely. The exploit is publicly available and might be...
SUSE CVE-2026-10201
A vulnerability was determined in Assimp up to 6.0.4. This vulnerability affects the function FBXExporter::WriteObjects of the file FBXExporter.cpp of the component UV Channel Handler. Executing a manipulation can lead to divide by zero. The attack needs to be launched locally. The exploit has be...
PT-2026-45869
Name of the Vulnerable Software and Affected Versions ahujasid blender-mcp versions prior to 5b37be25242e73dc4cf1328974d30458b9e5d67e Description Server-side request forgery can be executed remotely via the ZIP File Handler component. The issue exists in the requests.get function within the...