CVE-2026-4390 TeamSpeak 3 Server Connection State Management process_resend_queue use after free

A weakness has been identified in TeamSpeak 3 Server up to 3.13.7. This affects the function processresendqueue of the component Connection State Management. This manipulation causes use after free. The attack may be initiated remotely. Upgrading to version 3.13.8 is able to mitigate this issue...

firefox: Information disclosure, sandbox escape in the Security: Process Sandboxing component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure, sandbox escape in the Security: Process Sandboxing component...

firefox: Information disclosure, sandbox escape in the Security: Process Sandboxing component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure, sandbox escape in the Security: Process Sandboxing component...

firefox: Information disclosure, sandbox escape in the Security: Process Sandboxing component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure, sandbox escape in the Security: Process Sandboxing component...

CVE-2026-44319 free5GC: NEF crashes via logger.Fatal on PFD notification delivery failure (attacker-controlled notifyUri)

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF terminates the entire process when a stored PFD-subscription notifyUri cannot be reached. In PfdChangeNotifier.FlushNotifications, the notifier calls NnefPFDmanagementNotify... and on any delivery error...

CVE-2026-44319 free5GC: NEF crashes via logger.Fatal on PFD notification delivery failure (attacker-controlled notifyUri)

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF terminates the entire process when a stored PFD-subscription notifyUri cannot be reached. In PfdChangeNotifier.FlushNotifications, the notifier calls NnefPFDmanagementNotify... and on any delivery error...

CVE-2026-44321

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without inbound OAuth2 middleware. The POST /upi/v1/upNodesLinks create-or-update handler accepts attacker-controlled JSON and passes it directly into...

Exploit for CVE-2026-0828

CVE-2026-0828 — Safetica ProcessMonitorDriver.sys BYOVD PoC S...

CVE-2026-45027

WeGIA is a web manager for charitable institutions. In versions prior to 3.7.3, login.php hashes the submitted password with PHP hash(…, 'SHA-256') and no salt, and the password-change flow uses the same pattern. SHA-256 is a fast general-purpose hash, not ideal for password storage, so identical...

CVE-2026-44902

opentelemetry-js is the OpenTelemetry JavaScript Client. Prior to 0.217.0, a single malformed HTTP request crashes any Node.js process running the OpenTelemetry JS Prometheus exporter. The metrics endpoint default 0.0.0.0:9464 has no error handling around URL parsing, so a request with an invalid...

CVE-2026-44902

Summary: CVE-2026-44902 affects the OpenTelemetry JS client, specifically the Prometheus exporter in opentelemetry-js prior to 0.217.0. A single malformed HTTP request to the default metrics endpoint (0.0.0.0:9464) has no URL parsing error handling, causing an uncaught TypeError that crashes the ...

CVE-2026-7365

IBM Operations Analytics - Log Analysis and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication...

EUVD-2026-32505

IBM Operations Analytics - Log Analysis and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication...

SUSE CVE-2026-45840

In the Linux kernel, the following vulnerability has been resolved: openvswitch: cap upcall PID array size and pre-size vport replies The vport netlink reply helpers allocate a fixed-size skb with nlmsgnewNLMSGDEFAULTSIZE, ... but serialize the full upcall PID array via ovsvportgetupcallportids...

CVE-2026-46027 net/smc: avoid early lgr access in smc_clc_wait_msg

In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid early lgr access in smcclcwaitmsg A CLC decline can be received while the handshake is still in an early stage, before the connection has been associated with a link group. The decline handling in smcclcwaitmsg...

CVE-2026-45945

The CVE-2026-45945 vulnerability affects the Linux kernel iommu/vt-d PASID entry handling. A race condition arises when replacing an active 512-bit PASID table entry; the existing approach writes a new entry in place, risking torn reads if the hardware fetches the entry in multiple 128-bit chunks...

CVE-2026-45862

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Flush cache for PASID table before using it When writing the address of a freshly allocated zero-initialized PASID table to a PASID directory entry, do that after the CPU cache flush for this PASID table, not before i...

kernel: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al

In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proclseek as ones for procreaditer et.al Check pde-procops-proclseek directly may cause UAF in rmmod scenario. It's a gap in procregopen after commit 654b33ada4ab"proc: fix UAF in...

SUSE CVE-2025-22240

Arbitrary directory creation or file deletion. In the findfile method of the GitFS class, a path is created using os.path.join using unvalidated input from the “tgtenv” variable. This can be exploited by an attacker to delete any file on the Master's process has permissions to...

PT-2026-44688

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description Insufficient validation of untrusted input in the Printing component allows a remote attacker who has compromised the renderer process to bypass site isolation using a crafted HTML pag...