CVE-2026-20656
A logic issue was addressed with improved validation. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3. An app may be able to access a user's Safari history...
UBUNTU-CVE-2026-20635
The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3, Safari 26.3. Processing maliciously crafted web content may lead to an unexpected process crash...
[SECURITY] Fedora 42 Update: rust-rbspy-0.34.1-4.fc42
Sampling CPU profiler for Ruby...
PT-2026-7751
Name of the Vulnerable Software and Affected Versions: macOS Sequoia versions 15.7.4; macOS Tahoe version 26.3; macOS Sonoma versions 14.8.4. Description: A privacy issue existed where an application could potentially access sensitive user data. The issue was resolved with improved checks...
keylime-config-7.14.0+0-1.1 on GA media (moderate)
keylime-config-7.14.0+0-1.1 on GA media. Announcement ID: openSUSE-SU-2026:10165-1. Rating: moderate. Cross-References: CVE-2026-1709. CVSS scores: CVE-2026-1709 (SUSE): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H; CVE-2026-1709 (SUSE): 8.8...
PT-2026-7282
Name of the Vulnerable Software and Affected Versions: Intel® Optane™ PMem management software versions prior to CR MGMT 02.00.00.4052; Intel® Optane™ PMem management software versions prior to CR MGMT 03.00.00.0538. Description: A condition check issue exists in the Intel® Optane™ PMem management...
APSB26-14 : Security update available for Adobe Audition
Adobe has released an update for Adobe Audition for Windows and macOS. This update resolves critical and important vulnerabilities that could lead to arbitrary code execution, memory exposure, and application denial-of-service...
Siemens NX
Summary: Siemens NX is affected by multiple file parsing vulnerabilities that could be triggered when the application reads files in CGM format. If a user is tricked into opening a malicious file with any of the affected products, this could lead the application to crash or potentially lead to...
CVE-2026-25889
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to 2.57.1, a case-sensitivity flaw in the password validation logic allows any authenticated user to change their password or an admin to change...
PT-2026-7014
Name of the Vulnerable Software and Affected Versions: UTT 进取 521G version 3.1.1-190816. Description: A flaw exists in the doSystem function within the /goform/setSysAdm file. Manipulation of the passwd1 argument can result in command injection. This issue may be exploited remotely. The exploit is...
PT-2026-6903
Name of the Vulnerable Software and Affected Versions: D-Link DWR-M921 version 1.1.50. Description: A security issue exists in D-Link DWR-M921 version 1.1.50 related to command injection. The issue is located in the USSD Configuration component, specifically within the sub 419F20 function of the...
PT-2026-6907
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Class Record System version 1.0. Description: A flaw exists in SourceCodester Online Class Record System 1.0. The issue is related to the manipulation of the user email argument within the file '/admin/login.php', leading t...
Exploit for CVE-2025-2304
CVE-2025-2304 - Camaleon CMS 2.9.0 - Privilege Escalation Expl...
PT-2026-6829
Name of the Vulnerable Software and Affected Versions: QuickDate version 1.3.2. Description: The software contains a SQL injection issue that allows remote attackers to manipulate database queries. This is achieved through the located parameter in the /find matches API endpoint. Attackers can inject...
Oracle Linux 7 : python (ELSA-2026-1537)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-1537 advisory. [2.7.5-94.0.3] Fix for CVE-2025-12084 (Orabug: 38902314). Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...
web2py vulnerable to open redirect
Overview: web2py contains the following vulnerability: Open redirect (CWE-601) - CVE-2026-25198. Shiga Takuma of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact: When accessing a speciall...
Oracle Linux 9 : python3.12-wheel (ELSA-2026-1939)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-1939 advisory. [0.41.2-3.1] Security fix for CVE-2026-24049 (Resolves: RHEL-143652). Tenable has extracted the preceding description block directly from the Oracle Linux security...
PT-2026-6872
Name of the Vulnerable Software and Affected Versions: tracker-extract version 3.7.1-1ubuntu0.1; tracker-miner-fs version 3.7.1-1ubuntu0.1. Description: The software can crash when processing specific malformed MP3 files. This could lead to a denial of service or potentially allow for arbitrary code...
Important: python-pip
Issue Overview: urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression...
Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Open Redirect Vulnerability
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the...