PT-2026-49792

In smmu attach dev of arm-smmu-v3.c, there is a possible way to sign malicious Android Runtime bootclass artifacts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-49796

In edgetpu sync fence group shutdown of edgetpu-dmabuf.c, there is a possible elevation of privilege due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

PT-2026-49726

Name of the Vulnerable Software and Affected Versions NVIDIA NeMo Framework for Linux affected versions not specified Description An issue exists where an attacker may cause deserialization of untrusted data. Deserialization is the process of converting a data stream back into an object. A...

PT-2026-49725

Name of the Vulnerable Software and Affected Versions NVIDIA NeMo Framework affected versions not specified Description NVIDIA NeMo Framework contains a code injection flaw. A successful exploit could lead to arbitrary code execution, escalation of privileges, information disclosure, and data...

PT-2026-50036

Vulnerability in the Oracle Enterprise Asset Management product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

PT-2026-49811

In Write of msg to host buffer.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-49957

Name of the Vulnerable Software and Affected Versions PeopleSoft Enterprise CS Student Financials version 9.2.38 Description An issue in the PeopleSoft Enterprise CS Student Financials product allows a low privileged attacker with network access via HTTP to compromise the system. Successful...

PT-2026-49874

Name of the Vulnerable Software and Affected Versions Oracle Fusion Middleware WebLogic Server versions 12.2.1.4.0 Oracle Fusion Middleware WebLogic Server versions 14.1.1.0.0 Description An issue exists in the Console component of the WebLogic Server. A low privileged attacker with network acces...

PT-2026-49797

In lwis io buffer write of lwis io buffer.c, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

Pi-Hole Web 6.x < 6.4.2 (Core) Local Privilege Escalation (CVE-2026-41489)

According to its self-reported Core version, the Pi-Hole instance on the remote host is running a Core version between 6.0 and prior to 6.4.2. It is, therefore, affected by a local privilege escalation vulnerability: - Two shell scripts executed as root by systemd pihole-FTL-prestart.sh and...

RHEL 10 : rsync (RHSA-2026:26332)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26332 advisory. The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because...

ALSA-2026:26332 Important: rsync security, bug fix, and enhancement update

The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...

PT-2026-50062

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite Oracle Universal Work Queue versions 12.2.3 through 12.2.15 Description An issue exists in the Work Provider Site Level Administration component of the Oracle Universal Work Queue. A low privileged attacker with network...

PT-2026-49808

In ExecuteGraph command handler of EdgeTPU firmware, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with root privileges needed. User interaction is not needed for exploitation...

PT-2026-49818

Name of the Vulnerable Software and Affected Versions Google Android affected versions not specified Description An integer overflow in the numberOfReportBlocks of RtpSession.cpp can lead to an out-of-bounds write. This issue allows for remote escalation of privilege without requiring user...

PT-2026-49913

Name of the Vulnerable Software and Affected Versions Oracle Fusion Middleware WebCenter Content: Imaging version 12.2.1.4.0 Oracle Fusion Middleware WebCenter Content: Imaging version 14.1.2.0.0 Description An issue in the Core component of WebCenter Content: Imaging allows a low privileged...

PT-2026-49764

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.6 Description Insufficient scope validation in the Active Memory write scope allows Gateway operators with operator.write access to modify global configuration. This privilege escalation enables users to apply...

PT-2026-49973

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager Base Platform version 13.5 Oracle Enterprise Manager Base Platform version 24.1 Description An issue exists in the Extensibility Framework component of the Oracle Enterprise Manager Base Platform. A high privileged...

PT-2026-50048

Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

PT-2026-49950

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Discovery Framework. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise...