CVE-2026-49356

Babel is a compiler for writing next generation JavaScript. Prior to 8.0.0-rc.6 and 7.29.6, @babel/core affected by an arbitrary file read via a sourceMappingURL comment. Using @babel/core to compile maliciously crafted code can allow an attacker to read any source map from the system that is...

PT-2026-50691

Name of the Vulnerable Software and Affected Versions Eclipse Theia versions prior to 1.71.0 Description Files matching the pattern .prompts/.prompttemplate in a workspace are automatically loaded, allowing them to override or extend the AI agent's system prompts. This enables indirect prompt...

CVE-2026-12454

Race in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Limatek LimRAD NAC 代码问题漏洞

Limatek LimRAD NAC is a network access control system developed by the Turkish company Limatek. Versions of Limatek LimRAD NAC prior to 5.5.7.3.9 contained code vulnerabilities. These vulnerabilities stemmed from an unlimited upload of dangerous types of files, which could lead to remote code...

CVE-2026-42462

CVE-2026-42462 describes an LD-Signature bypass in Fedify caused by JSON-LD named-graph restructuring. The issue allows an attacker to reorganize a signed JSON-LD payload (via features like @graph, @reverse, @included) in a way that changes how the signed ActivityPub activity is interpreted witho...

CVE-2026-50570

Fission prior to v1.25.0 allowed tenant-created Function/Environment CRDs to request securityContext.capabilities.add: ["SYS_TIME"] despite a fixed denylist (SYS_ADMIN, NET_ADMIN, SYS_PTRACE, SYS_MODULE, DAC_READ_SEARCH, DAC_OVERRIDE). The validation/merge-layer sanitization did not block CAP_SYS...

CVE-2026-49959 Hermes WebUI < 0.51.311 RCE via Git Configuration Injection

Hermes WebUI before version 0.51.311 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by placing malicious executable Git configuration in a workspace repository's .git/config file. Attackers can exploit Git subprocess invocations in...

Important: postgresql16

Issue Overview: Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use searchpath to find user-defined types, including extension-defined types. That is to say, the victim will execute arbitrary SQL functions of the attacker's choice. Versions...

SUSE CVE-2026-10949

Heap buffer overflow in Video in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

WordPress plugin RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2026-42314

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, package folder names are sanitized using insufficient string replacement. The pattern ....// becomes .. after replacement partial removal, leaving .. which can be exploited when the path is later resolve...

CVE-2026-11042

Use after free in Views in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-11126

Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: Medium...

CVE-2026-10900

Use after free in Passwords in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

PT-2026-46740

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 149.0.7827.53 Description An inappropriate implementation allows a remote attacker to leak cross-origin data, which is information from a different domain than the one that served the original page, by...

CVE-2026-45289

CloudburstMC Protocol is a protocol library for Minecraft Bedrock Edition. Prior to version 3.0.0.Beta12-20260420.182526-15, CloudburstMC Protocol is partially missing validation for FULL type authentication tokens Cloudburst/Protocol. This vulnerability impacts publicly accessible software...

CVE-2026-8326 Remote Spark SparkView Path Traversal in RDP Drive Redirection leading to RCE

Path traversal vulnerability in Remote Spark https://www.Remotespark.Com/ SparkView allows reading and writing arbitrary files in all directories as root. This leads to RCE. The affected component is the RDP drive redirection. Depending on implementation, the vulnerability can be exploited by an...

CVE-2026-43898

SandboxJS is a JavaScript sandboxing library. Prior to 0.9.6, sandbox-defined functions expose Function.caller, allowing sandboxed code to recover the internal LispType.Call runtime callback. That callback can then be invoked with attacker-controlled fake context and obj values to extract blocked...

CVE-2026-35676

CVE-2026-35676 affects phpMyFAQ before 4.1.3. An unauthenticated password-reset flow allows changing a user’s password via the PUT /api/index.php/user/password/update endpoint without token validation. Attackers can enumerate valid username/email pairs and force immediate password changes, potent...

CVE-2026-44460

FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. Prior to 3.12.0, /api/totpsetup.php is callable from a session that has only passed the password check state pendingloginuser. When the target account already has TOTP configured, the endpoint...