EUVD-2026-38721

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: serialize acceptq access btsockpoll walks the accept queue without synchronization, while child teardown can unlink the same socket and drop its last reference. The unsynchronized accept queue walk has existed since th...

c3p0: c3p0: Arbitrary Code Execution via deserialization of crafted objects

A flaw was found in c3p0, a Java Database Connectivity JDBC Connection pooling library. This vulnerability allows an attacker to achieve arbitrary code execution by providing maliciously crafted Java-serialized objects or javax.naming.Reference instances. By manipulating the userOverridesAsString...

kernel: Linux kernel: Use-After-Free in net/gro due to improper handling of zerocopy skbs

A flaw was found in the Linux kernel's Generic Receive Offload GRO networking subsystem. This vulnerability occurs when skbgroreceive attempts to merge zerocopy socket buffers skbs without properly managing page reference counts, specifically when the SKBFLMANAGEDFRAGREFS flag is set. An attacker...

kernel: Linux kernel: Use-After-Free in net/gro due to improper handling of zerocopy skbs

A flaw was found in the Linux kernel's Generic Receive Offload GRO networking subsystem. This vulnerability occurs when skbgroreceive attempts to merge zerocopy socket buffers skbs without properly managing page reference counts, specifically when the SKBFLMANAGEDFRAGREFS flag is set. An attacker...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

GHSA-WFQX-GJRF-G28R Crossplane: Signature verification TOCTOU allows installing unverified package content via mutable tag

Summary Crossplane allows package signature verification to be configured via the ImageConfig mechanism. When enabled, the package manager uses cosign to verify that packages are correctly signed before pulling and installing them. When a package is installed using a tag reference e.g., a semanti...

CVE-2026-48089

DevGuard provides vulnerability management for the full software supply chain. Prior to 1.4.2, on a DevGuard API instance with one or more public assets, any authenticated user — including users from a different organization with no membership or role in the affected org/project — can create,...

PT-2026-50824

Name of the Vulnerable Software and Affected Versions Daytona versions prior to 0.186 Description A sandbox volume reference volumeId which may also be a volume name was forwarded to the runner and used to build the host bind-mount source path without confinement. A reference containing...

EUVD-2026-37604

Unauthenticated Insecure Direct Object References IDOR in Salon booking system = 10.30.24 versions...

CVE-2026-54184

Unauthenticated Insecure Direct Object References IDOR in Clean Login = 1.15 versions...

CVE-2026-40768

Unauthenticated Insecure Direct Object References IDOR in Salon booking system = 10.30.24 versions...

CVE-2025-15657 WordPress School Management plugin <= 93.1.0 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in School Management = 93.1.0 versions...

CVE-2026-54184 WordPress Clean Login plugin <= 1.15 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in Clean Login = 1.15 versions...

CVE-2026-54184

The CVE concerns WordPress plugin Clean Login prior to or up to version 1.15 with an Unauthenticated Insecure Direct Object References (IDOR) vulnerability. The root cause is an IDOR issue in the plugin, potentially exposing object identifiers to unauthenticated users. CVSS 3.1 metrics indicate h...

CVE-2026-40768 WordPress Salon booking system plugin <= 10.30.24 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in Salon booking system = 10.30.24 versions...

CVE-2026-40768

The CVE covers WordPress Salon booking system plugin versions

pypdf: Possible large memory usage for form XObjects during text extraction

Impact An attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting the text of a page which contains a form XObject with self-references. Patches This has been fixed in pypdf==6.12.2. Workarounds If you cannot upgrade yet, consider applying...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.22.1 bug fix and security update

Red Hat OpenShift Container Platform release 4.22.1 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.22. Red Hat Product Security has rated this update as having a...

EUVD-2026-36995

Subscriber Insecure Direct Object References IDOR in KiviCare = 4.2.1 versions...

EUVD-2026-36955

Subscriber Insecure Direct Object References IDOR in EventPrime = 4.3.0.0 versions...