CVE-2026-26111 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

...

CVE-2026-3811

A vulnerability was found in Tenda FH1202 1.2.0.14408. This impacts the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been made public and could be us...

Exploit for CVE-2026-0709

Hikvision Wireless AP – CVE-2026-0709 Authenticated RCE Tool...

SUSE CVE-2026-3084

GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

Microsoft Windows GDI 代码问题漏洞

Microsoft Windows GDI is a core underlying standard interface within the Windows operating system developed by Microsoft, responsible for drawing graphical objects on the screen or printer, managing fonts, and processing images. There are code vulnerabilities in Microsoft Windows GDI. Attackers c...

Google Pixel 安全漏洞

The Google Pixel is a smartphone produced by Google Inc. The Google Pixel has a security vulnerability, which stems from incorrect bounds checking, leading to out-of-bounds write-ups and potentially allowing for remote code execution...

PT-2026-24234

Name of the Vulnerable Software and Affected Versions Fortinet FortiManager versions 7.2.0 through 7.2.10 Fortinet FortiManager versions 7.4.0 through 7.4.2 Fortinet FortiManager 6.4 all versions Description A stack-based buffer overflow flaw exists in Fortinet FortiManager. A remote,...

Hitachi Vantara Pentaho Data Integration & Analytics 安全漏洞

Hitachi Vantara Pentaho Data Integration & Analytics is a data integration and analysis system developed by Hitachi, Ltd. Versions of Hitachi Vantara Pentaho Data Integration & Analytics prior to 10.2.0.6, including 9.3.x and 8.3.x versions, have security vulnerabilities. These vulnerabilities st...

OneUptime 安全漏洞

OneUptime is a comprehensive open-source solution developed by OneUptime. It is used to monitor and manage your online services. Versions of OneUptime prior to 10.0.20 contained security vulnerabilities. These vulnerabilities stemmed from the ability for low-privilege users to submit custom...

RHEL 9 : gimp (RHSA-2026:4173)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4173 advisory. The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox,...

SUSE CVE-2026-2921

GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending o...

CVE-2026-30861

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. From version 0.2.5 to before version 0.2.10, an unauthenticated remote code execution RCE vulnerability exists in the MCP stdio configuration validation. The application allows unrestricted user...

Exploit for Deserialization of Untrusted Data in Microsoft

CVE-2025-59287 — WSUS Unauthenticated RCE Purple team exercis...

Microsoft Devices Pricing Program Code Issue Vulnerability

The Microsoft Devices Pricing Program is Microsoft's exclusive device purchasing and pricing mechanism for enterprise customers, partners, or select channels to enjoy customized pricing, terms of business, and support for volume purchases of Surface Series devices such as Surface Laptop, Surface...

PT-2026-24017

Name of the Vulnerable Software and Affected Versions Atop Technologies EHG2408 series switch Atop Technologies EHG2408-2SFP Description The EHG2408 series switch developed by Atop Technologies contains a Stack-based Buffer Overflow issue. This allows unauthenticated remote attackers to control t...

CVE-2026-3749

A weakness has been identified in Bytedesk up to 1.3.9. This vulnerability affects the function handleFileUpload of the file source-code/src/main/java/com/bytedesk/core/upload/UploadRestService.java of the component SVG File Handler. Executing a manipulation can lead to unrestricted upload. The...

BIT-GHOST-2026-29053 Ghost Vulnerable to Remote Code Execution via Malicious Themes

Ghost is a Node.js content management system. From version 0.7.2 to 6.19.0, specifically crafted malicious themes can execute arbitrary code on the server running Ghost. This issue has been patched in version 6.19.1...

CVE-2026-25070

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain an OS command injection vulnerability in the /goform/PingTestSet endpoint that allows unauthenticated remote attackers to execute arbitrary operating system commands. Attackers can inject malicious commands through th...

Exploit for Argument Injection in Gnu Inetutils

CVE-2026-24061: GNU Telnetd Authentication Bypass overview...

OESA-2026-1492 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...