28667 matches found
CVE-2025-64736
An out-of-bounds read vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch 5462afb0. A specially crafted .abf file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability...
EUVD-2026-9292
A heap-based buffer overflow vulnerability exists in the Intan CLP parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch db9a9a63. A specially crafted Intan CLP file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerabilit...
CVE-2026-22891
A heap-based buffer overflow vulnerability exists in the Intan CLP parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch db9a9a63. A specially crafted Intan CLP file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerabilit...
CVE-2026-20777
CVE-2026-20777 affects The Biosig Project’s libbiosig 3.9.2 and Master Branch (db9a9a63). It is a heap-based buffer overflow in the Nicolet WFT parsing functionality, where a specially crafted .wft file can lead to arbitrary code execution. An attacker can supply a malicious file to trigger the...
Project Compass Targets 764 Network as 30 Arrested and Victims Rescued
Europol’s Project Compass targets The Com aka 764 network, an online group exploiting minors. After 30 arrests, officials say the hunt for those involved is far from over...
Exploit for Code Injection in Anthropic Claude_Code
CVE-PENDING: MCP Tool Confirmation Prompt Misrepresentation in...
SUSE CVE-2026-3389
A vulnerability was determined in Squirrel up to 3.2. This vulnerability affects the function sqstdrexnewnode in the library sqstdlib/sqstdrex.cpp. Executing a manipulation can lead to null pointer dereference. The attack can only be executed locally. The exploit has been publicly disclosed and m...
libbiosig Security Vulnerability
Libbiosig is an open-source software library developed by the BioSig Project for biomedical signal processing. It includes functions for bio-signal analysis. Version 3.9.2 of Libbiosig contains a security vulnerability, which stems from a heap buffer overflow in the Nicolet WFT parsing function...
Allocation of Resources Without Limits or Throttling
Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the PasswordHash API endpoint. An attacker can exhaust server memory and cause service disruption by sending multiple concurrent requests to trigger excessive memory allocation...
CVE-2026-3386
A flaw has been found in wren-lang wren up to 0.4.0. Affected by this vulnerability is the function emitOp of the file src/vm/wren_compiler.c. This manipulation causes out-of-bounds read. It is possible to launch the attack on the local host. The exploit has been published and may be used. The...
CVE-2026-3391
A security flaw has been discovered in FascinatedBox lily up to 2.3. Impacted is the function clear_storages of the file src/lily_emitter.c. The manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit has been released to the public and may be used for...
WordPress Project Notebooks 1.1.4 Remote Code Execution
Proof of concept exploit for the WordPress Project Notebooks plugin version 1.1.4 remote code execution vulnerability that allows for privilege escalation through improper validation of AJAX actions and nonce exposure...
Android Security Bulletin—March 2026
This Android Security Bulletin contains details of security vulnerabilities that affect Android devices. Security patch levels of 2026-03-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Source code patches...
CVE-2026-3388
A vulnerability was found in Squirrel up to 3.2. This affects the function SQCompiler::Factor/SQCompiler::UnaryOP of the file squirrel/sqcompiler.cpp. Performing a manipulation results in uncontrolled recursion. The attack needs to be approached locally. The exploit has been made public and could...
EUVD-2026-9117
A security flaw has been discovered in ChaiScript up to 6.1.0. The impacted element is the function chaiscript::BoxedNumber::getas of the file include/chaiscript/dispatchkit/boxednumber.hpp. Performing a manipulation results in memory corruption. The attack requires a local approach. The exploit...
PT-2026-22508
A flaw has been found in wren-lang wren up to 0.4.0. Affected by this vulnerability is the function emitOp of the file src/vm/wren_compiler.c. This manipulation causes out-of-bounds read. It is possible to launch the attack on the local host. The exploit has been published and may be used. The...
PT-2026-22513
A security flaw has been discovered in FascinatedBox lily up to 2.3. Impacted is the function clear_storages of the file src/lily_emitter.c. The manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit has been released to the public and may be used f...
5 IoT Vulnerabilities That Stop Projects and How to Avoid Them
Stop the 75% failure rate. Learn which device vulnerabilities stall deployments and the exact fixes that get IoT projects to production...
CVE-2026-27967
Zed, a code editor, has a symlink escape vulnerability in versions prior to 0.225.9 in Agent file tools readfile, editfile. It allows reading and writing files outside the project directory when a project contains symbolic links pointing to external paths. This bypasses the intended workspace...
CVE-2026-3286
The CVE-2026-3286 entry concerns itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3. The vulnerable component is the Image Save Endpoint, specifically the Save function in paicoding-web/src/main/java/com/github/paicoding/forum/web/common/image/rest/ImageRestController.java. The issue arises from manipula...