Impact of 5G SA Logical Vulnerabilities on UAV Communications: Threat Models and Testbed Evaluation
This paper examines how logical vulnerabilities in 5G Standalone networks affect UAV command and control communication. The study looks at three attacker positions in the architecture: a malicious user equipment (UE) connected to the same logical network as the UAV, an attacker with access to the 5...
PT-2026-23075
Name of the Vulnerable Software and Affected Versions: Hono versions prior to 4.12.4. Description: Hono is a Web application framework supporting various JavaScript runtimes. An inconsistency in URL decoding between the router (decodeURI) and serveStatic (decodeURIComponent) allowed protected static...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005761)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005761 advisory. In the Linux kernel, the following vulnerability has been resolved: ubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed. Following process will trigger...
Missing Encryption of Sensitive Data
Overview: github.com/rancher/rancher/pkg/controllers/management/node is a complete container management platform. Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data in the cluster creation using RKE templates with Weave CNI, where the WEAVE_PASSWORD is not set,...
CVE-2026-20445
In MDDP, there is a possible system crash due to a race condition. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10289875; Issue ID: MSV-5184...
Portwell Engineering Toolkits
RISK EVALUATION: Successful exploitation of this vulnerability could allow a local attacker to escalate privileges or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES: CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...
GHSA-5847-RM3G-23MW OpenClaw has hook auth rate limiter bypass via IPv4-mapped IPv6 client key variants
Vulnerability: The hook authentication throttle keyed failed attempts by raw socket remoteAddress text. IPv4 and IPv4-mapped IPv6 forms of the same client (for example, 1.2.3.4 and ::ffff:1.2.3.4) were treated as different clients, allowing separate rate-limit buckets. Impact: An attacker could split...
SUSE CVE-2026-27824
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, the calibre Content Server's brute-force protection mechanism uses a ban key derived from both remoteaddr and the X-Forwarded-For header. Since the X-Forwarded-For header i...
PT-2026-22808
Name of the Vulnerable Software and Affected Versions: Avira Internet Security (affected versions not specified). Description: A time-of-check time-of-use (TOCTOU) issue exists in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and...
Protection Mechanism Failure
Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Protection Mechanism Failure through improper validation of the docker.network configuration parameter. An attacker can gain unauthorized access to internal network resources by specifyin...
GHSA-GV46-4XFQ-JV58 OpenClaw Vulnerable to Remote Code Execution via Node Invoke Approval Bypass in Gateway
Summary: A remote code execution (RCE) vulnerability in the gateway-to-node invocation path allowed an authenticated gateway client to bypass node-host exec approvals by injecting internal control fields into node.invoke parameters. Affected Component: - Gateway method: node.invoke for node command...
AZL-79353 CVE-2026-0032 affecting package hyperv-daemons 5.15.200.1-1
In multiple functions of mem_protect.c, there is a possible out-of-bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0032
In multiple functions of mem_protect.c, there is a possible out-of-bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0038
In multiple functions of mem_protect.c, there is a possible way to execute arbitrary code due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0032
CVE-2026-0032 describes a possible out-of-bounds write in multiple functions of the mem_protect.c file, caused by a logic error, enabling local escalation of privilege with no additional execution privileges and without user interaction. The affected component appears to be kernel/media-related c...
CVE-2026-0031
In multiple functions of mem_protect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...