CVE-2026-22319 Stack-Based Buffer Overflow in File Install Parameter Handling

A stack-based buffer overflow in the device's file installation workflow allows a high-privileged attacker to send oversized POST parameters that overflow a fixed-size stack buffer within an internal process, resulting in a DoS attack...

UBUNTU-CVE-2026-32596

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.2, Glances web server runs without authentication by default when started with glances -w, exposing REST API with sensitive system information including process command-lines containing credentials passwords, API keys,...

CVE-2026-32608 Glances has a Command Injection via Process Names in Action Command Templates

Glances is an open-source system cross-platform monitoring tool. The Glances action system allows administrators to configure shell commands that execute when monitoring thresholds are exceeded. These commands support Mustache template variables e.g., name, key that are populated with runtime...

CVE-2026-32608

Glances is an open-source system cross-platform monitoring tool. The Glances action system allows administrators to configure shell commands that execute when monitoring thresholds are exceeded. These commands support Mustache template variables e.g., name, key that are populated with runtime...

CVE-2026-32608 Glances has a Command Injection via Process Names in Action Command Templates

Glances is an open-source system cross-platform monitoring tool. The Glances action system allows administrators to configure shell commands that execute when monitoring thresholds are exceeded. These commands support Mustache template variables e.g., name, key that are populated with runtime...

CVE-2026-32608 Glances has a Command Injection via Process Names in Action Command Templates

Glances is an open-source system cross-platform monitoring tool. The Glances action system allows administrators to configure shell commands that execute when monitoring thresholds are exceeded. These commands support Mustache template variables e.g., name, key that are populated with runtime...

CVE-2026-32608

Glances CVE-2026-32608 describes a local command-injection in the action system. Before 4.5.2, Mustache-rendered values such as process names, mount points, or container names could contain shell metacharacters that are not safely handled by secure_popen(), causing unintended command splitting. A...

CVE-2026-32596

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.2, Glances web server runs without authentication by default when started with glances -w, exposing REST API with sensitive system information including process command-lines containing credentials passwords, API keys,...

CVE-2026-32606 IncusOS has a LUKS encryption bypass due to insufficient TPM policy

IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the...

[SECURITY] Fedora 44 Update: systemd-259.5-1.fc44

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses sock et and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups,...

OpenClaw 访问控制错误漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an Access Control Error vulnerability that can be exploited by an attacker to cause a local process to capture a gateway authentication token...

PT-2026-26132

Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.181, 15G and 16G versions prior to 7.20.10.50 and Dell Integrated Dell Remote Access Controller 10, 17G versions prior to 1.20.25.00, contain a Process Control vulnerability. A high privileged attacker with adjacent...

Phoenix Contact多款产品 安全漏洞

PHOENIX CONTACT FL SWITCH and PHOENIX CONTACT FL NAT are products of the German company PHOENIX CONTACT. PHOENIX CONTACT FL SWITCH is an industrial-grade Ethernet switch. PHOENIX CONTACT FL NAT is a series of industrial security gateways. Several products from Phoenix Contact have security...

VulnCheck KEV: CVE-2025-43510

A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A malicious application may cause unexpect...

EUVD-2026-12490

Improper S3 ownership verification in Bedrock AgentCore Starter Toolkit...

GHSA-XFHR-Q72Q-JCRJ Improper S3 ownership verification in Bedrock AgentCore Starter Toolkit

Summary An issue has been identified in the Bedrock AgentCore Starter Toolkit versions prior to v0.1.13 that may allow a remote actor to inject code during the build process, leading to code execution in the AgentCore Runtime. Impact A remote actor could inject code during the build process,...

CVE-2026-32296

Sipeed NanoKVM before 2.3.1 exposes a Wi-Fi configuration endpoint without proper security checks, allowing an unauthenticated attacker with network access to change the saved configured Wi-Fi network to one of the attacker's choosing, or craft a request to exhaust the system memory and terminate...

CVE-2026-32296

Sipeed NanoKVM (pre-2.3.1) exposes a Wi‑Fi configuration endpoint without proper access checks, allowing an unauthenticated attacker with network access to either change the saved Wi‑Fi network to a value of the attacker’s choosing or craft a request to exhaust memory and terminate the KVM proces...

CVE-2026-32296 Sipeed NanoKVM unauthenticated Wi-Fi configuration endpoint

Sipeed NanoKVM before 2.3.1 exposes a Wi-Fi configuration endpoint without proper security checks, allowing an unauthenticated attacker with network access to change the saved configured Wi-Fi network to one of the attacker's choosing, or craft a request to exhaust the system memory and terminate...

CVE-2026-32293

The affected device is the GL-iNet Comet (GL-RM1) KVM. During boot, it connects to a GL-iNet site to provision client and CA certificates, but it does not verify the certificates used for this connection. This enables a network attacker to perform a man-in-the-middle attack to serve invalid clien...