CVE-2025-71256

In nr modem, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed...

BoxLite has a Timeout Bypass Vulnerability

Summary BoxLite is a sandbox service that allows users to create lightweight virtual machines Boxes and run OCI containers within them. BoxLite allows users to configure a timeout for services running inside the virtual machine. When the timeout is triggered, BoxLite sends a signal to kill the...

CVE-2026-42241

ParquetSharp is a .NET library for reading and writing Apache Parquet files. From version 18.1.0 to before version 23.0.0.1, DecimalConverter.ReadDecimal makes a stackalloc using what might be an attacker-supplied value. If an attacker declares a decimal column with some unreasonable width, this...

PT-2026-38740

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacker...

CVE-2026-42241

ParquetSharp is a .NET library for reading and writing Apache Parquet files. From version 18.1.0 to before version 23.0.0.1, DecimalConverter.ReadDecimal makes a stackalloc using what might be an attacker-supplied value. If an attacker declares a decimal column with some unreasonable width, this...

PT-2026-37926

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacker...

EUVD-2026-24352

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Fluid Core. Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...

CVE-2026-31369

PcManager is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability...

CVE-2026-31368

AiAssistant is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability...

CVE-2026-23835

LobeHub is an open source human-and-AI-agent network. Prior to version 1.143.3, the file upload feature in Knowledge Base File Upload does not validate the integrity of the upload request, allowing users to intercept and modify the request parameters. As a result, it is possible to create arbitra...

CVE-2026-23835

LobeHub is an open source human-and-AI-agent network. Prior to version 1.143.3, the file upload feature in Knowledge Base File Upload does not validate the integrity of the upload request, allowing users to intercept and modify the request parameters. As a result, it is possible to create arbitra...

CVE-2026-23835

CVE-2026-23835 affects Lobehub/LobeHub prior to 1.143.3, where the file upload endpoint (file.createFile) does not validate request integrity, enabling an attacker to intercept and modify upload parameters, create arbitrary files in unintended paths, and misreport file sizes to bypass storage quo...

CVE-2026-1684

A vulnerability was found in Free5GC SMF up to 4.1.0. Affected by this issue is the function HandleReports of the file /internal/context/pfcpreports.go of the component PFCP UDP Endpoint. The manipulation results in denial of service. The attack can be executed remotely. It is advisable to...

PT-2026-5439

Name of the Vulnerable Software and Affected Versions LobeHub versions prior to 1.143.3 Description LobeHub is an open source human-and-AI-agent network. The file upload feature in Knowledge Base File Upload does not validate the integrity of the upload request, allowing users to intercept and...

CVE-2026-21965

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Pluggable Auth. Supported versions that are affected are 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000938)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000938 advisory. Race condition in the netlinkdump function in net/netlink/afnetlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service double free or...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000543)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000543 advisory. The apicgettmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service...

CVE-2021-2218

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft component: Health Center. Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterpris...

EUVD-2025-199965

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed...

CVE-2025-61762

Vulnerability in the PeopleSoft Enterprise FIN Payables product of Oracle PeopleSoft component: Payables. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise FIN Payables...