CVE-2026-23870

A flaw was found in the React Server DOM components, including react-server-dom-webpack, react-server-dom-parcel, and react-server-dom-turbopack. A remote attacker could exploit this denial of service DoS vulnerability by sending specially crafted HTTP requests to server function endpoints. This...

Linux Distros Unpatched Vulnerability : CVE-2026-41470

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LIVE555 before 2026.04.22 contains an authorization bypass vulnerability in RTSP session command handling that allows attackers to replay valid Session tokens...

SUSE CVE-2026-41470

LIVE555 before 2026.04.22 contains an authorization bypass vulnerability in RTSP session command handling that allows attackers to replay valid Session tokens from unauthenticated connections. Attackers who obtain a valid Session token can issue PLAY and TEARDOWN commands from a second TCP...

CVE-2026-41470 LIVE555 < 2026.04.22 RTSP Server Authorization Bypass via Session Token

LIVE555 before 2026.04.22 contains an authorization bypass vulnerability in RTSP session command handling that allows attackers to replay valid Session tokens from unauthenticated connections. Attackers who obtain a valid Session token can issue PLAY and TEARDOWN commands from a second TCP...

CVE-2026-41470

LIVE555 before 2026.04.22 contains an authorization bypass vulnerability in RTSP session command handling that allows attackers to replay valid Session tokens from unauthenticated connections. Attackers who obtain a valid Session token can issue PLAY and TEARDOWN commands from a second TCP...

Live555 安全漏洞

LIVE555 is a cross-platform C++ open-source project that provides solutions for streaming media. It supports standard streaming media transmission protocols such as RTP/RTCP, RTSP, and SIP. Versions of LIVE555 before 2026.04.22 had security vulnerabilities. These vulnerabilities stemmed from...

MongoDB Server 安全漏洞

MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There were security vulnerabilities in MongoDB Server versions prior to 7.0...

Grafana OSS 安全漏洞

Grafana OSS is an open-source visualization dashboard developed by Grafana. There is a security vulnerability in Grafana OSS, which stems from a race condition in Live. This condition may allow authenticated users with the Viewer role to trigger a fatal mapping access error by sending concurrent...

MongoDB Server 代码问题漏洞

MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. Versions of MongoDB Server prior to 8.2 and 8.2.7 contained code vulnerabilities...

OESA-2026-2016 firebird security update

Firebird is a relational database offering many ANSI SQL standard features that runs on Linux, Windows, MacOS and a variety of Unix platforms. Firebird offers excellent concurrency, high performance, and powerful language support for stored procedures and triggers. It has been used in production...

PowerDNS Recursor（pdns_recursor） 资源管理错误漏洞

PowerDNS Recursor pdnsrecursor is a domain name resolution server developed by the Dutch company PowerDNS. PowerDNS Recursor has a resource management vulnerability; this vulnerability arises from multiple concurrent transmissions within the same RPZ, which can lead to inconsistent RPZ data, reus...

Oracle MySQL Server 安全漏洞

Oracle MySQL Server is a relational database management system developed by Oracle Corporation. Vulnerabilities exist in versions 8.0.0 to 8.0.45, 8.4.0 to 8.4.8, and 9.0.0 to 9.6.0 of Oracle MySQL Server. These vulnerabilities stem from issues with the Server: Optimizer component, which may allo...

oxia 竞争条件问题漏洞

Oxia is a distributed metadata storage and coordination system developed by Oxia. Versions of Oxia prior to 0.16.2 had a race condition vulnerability. This vulnerability stemmed from a race between session heartbeat processing and session termination, which could lead to server crashes due to...

Oracle MySQL Server 安全漏洞

Oracle MySQL Server is a relational database management system developed by Oracle Corporation. Vulnerabilities exist in versions 8.0.0 to 8.0.45, 8.4.0 to 8.4.8, and 9.0.0 to 9.6.0 of Oracle MySQL Server. These vulnerabilities stem from issues with the Server: Optimizer component, allowing...

Oracle MySQL Server 安全漏洞

Oracle MySQL Server is a relational database management system developed by Oracle Corporation. Vulnerabilities exist in versions 8.0.0 to 8.0.45, 8.4.0 to 8.4.8, and 9.0.0 to 9.6.0 of Oracle MySQL Server. These vulnerabilities stem from issues with the Server: Optimizer component, allowing...

Firebird 安全漏洞

Firebird is a set of open-source, cross-platform relational database management systems provided by the Firebird Foundation, which include multiple ANSI SQL-92 functions. Vulnerabilities exist in versions prior to Firebird 6.0.0, 5.0.4, 4.0.7, and 3.0.14. These vulnerabilities stem from the...

AlmaLinux 8 : mariadb:10.11 (ALSA-2026:6435)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:6435 advisory. mysql: High Privilege Denial of Service Vulnerability in MySQL Server CVE-2025-21490 mariadb: MariaDB Server Crash Due to Empty Backtrace Log CVE-2023-529...

NVIDIA Triton Inference Server 安全漏洞

NVIDIA Triton Inference Server is an open-source software developed by NVIDIA Corporation. It helps standardize model deployment and provide fast, scalable AI in production environments. NVIDIA Triton Inference Server has a security vulnerability. This vulnerability arises from sending malformed...

vLLM 安全漏洞

vLLM is an open-source solution designed for LLM-based models, featuring high throughput and memory-efficient reasoning and service engines. Versions of vLLM prior to 0.7.0 to 0.19.0 contained security vulnerabilities. These vulnerabilities stemmed from the VideoMediaIO.loadbase64 method not...

mariadb:10.11 security update

An update is available for mariadb, galera, module.galera, module.mariadb, module.Judy, Judy. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list MariaDB is a...