CVE-2026-40586

CVE-2026-40586 affects blueprintUE: prior to version 4.2.0, the login form handler does not throttle or rate-limit failed authentication attempts (no IP-based limits, no per-account counters, no temporary lockout, no tarpit, no CAPTCHA). This enables unlimited credential guessing attempts against...

CLSA-2026-1776440644 expat: Fix of 4 CVEs

CVE-2017-9233: fix external entity infinite loop in entityValueInitProcessor and entityValueProcessor - CVE-2023-52425: add reparse deferral heuristic to prevent On^2 parsing of large tokens in small buffer refills; fix buffer growth calculation - CVE-2013-0340: add billion laughs entity...

EUVD-2026-24123

Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 150...

CVE-2026-6782

Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

CVE-2026-6782

Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

UBUNTU-CVE-2026-6782

Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

CVE-2026-6782 Information disclosure in the IP Protection component

Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

CVE-2026-6782

Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

CVE-2026-6782

Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

CVE-2026-6782

Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

CVE-2026-6782

CVE-2026-6782 involves information disclosure in the Mozilla Firefox IP Protection component. The available documents identify the affected product as Firefox and note the vulnerability was fixed in Firefox 150. No additional exploit details or root-cause specifics are provided beyond this. Remed...

CVE-2026-6782 Information disclosure in the IP Protection component

Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

CVE-2026-41037 Missing Rate Limiting Vulnerability in Quantum Networks Router QN-I-470

This vulnerability exists in Quantum Networks router due to missing rate limiting and CAPTCHA protection for failed login attempts in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing brute force attacks against administrative...

CVE-2026-41037

The CVE-2026-41037 affects a Quantum Networks router, where inadequate sanitization of user input in the management CLI interface permits an authenticated remote attacker to inject arbitrary OS commands, enabling remote code execution with root privileges. The CVSSv4 base score is 8.7 (HIGH), wit...

CVE-2026-41037 Missing Rate Limiting Vulnerability in Quantum Networks Router QN-I-470

This vulnerability exists in Quantum Networks router due to missing rate limiting and CAPTCHA protection for failed login attempts in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing brute force attacks against administrative...

CVE-2026-41037

This vulnerability exists in Quantum Networks router due to missing rate limiting and CAPTCHA protection for failed login attempts in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing brute force attacks against administrative...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011051)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011051 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: userial: Add null pointer check in gserialresume Consider a case where...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010948)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010948 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: ensure sane device mtu in tunnels Another syzbot report 1 with no reproducer hints at a bug...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012988)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012988 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: sysfs: Fix reference leak in sysfsbreakactiveprotection The sysfsbreakactiveprotection routin...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006977)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006977 advisory. In the Linux kernel, the following vulnerability has been resolved: VMCI: check context-notifypage after call to getuserpagesfast to avoid GPF The call to...