EUVD-2026-11915

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Subrata Mal TeraWallet – For WooCommerce woo-wallet allows Leveraging Race Conditions.This issue affects TeraWallet – For WooCommerce: from n/a through = 1.5.15...

EUVD-2026-12095

Yamux vulnerable to remote Panic via malformed Data frame with SYN set and len = 262145...

CVE-2026-32314 Yamux remote Panic via malformed Data frame with SYN set and len = 262145

Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. Prior to 0.13.10, the Rust implementation of Yamux can panic when processing a crafted inbound Data frame that sets SYN and uses a body length greater than DEFAULTCREDIT e.g. 262145. On the first packet of a new...

CVE-2026-32398 WordPress TeraWallet – For WooCommerce plugin <= 1.5.15 - Race Condition vulnerability

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Subrata Mal TeraWallet – For WooCommerce woo-wallet allows Leveraging Race Conditions.This issue affects TeraWallet – For WooCommerce: from n/a through = 1.5.15...

PT-2026-25244

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Subrata Mal TeraWallet – For WooCommerce woo-wallet allows Leveraging Race Conditions.This issue affects TeraWallet – For WooCommerce: from n/a through = 1.5.15...

ROS-20260313-73-0005

A vulnerability in the pnfsupdatelayout function of the Linux operating system kernel is related to synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

EUVD-2026-10627

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Kerberos allows an unauthorized attacker to bypass a security feature over a network...

CVE-2026-24297

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Kerberos allows an unauthorized attacker to bypass a security feature over a network...

CVE-2026-24296

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Device Association Service allows an authorized attacker to elevate privileges locally...

CVE-2026-24296

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Device Association Service allows an authorized attacker to elevate privileges locally...

Incorrect Authorization

Overview @powersync/service-sync-rules is an A library containing logic for PowerSync sync rules. Affected versions of this package are vulnerable to Incorrect Authorization in the stream synchronization with config.edition: 3 and subquery filters are used without partitioning the result set. An...

PowerSync Service 授权问题漏洞

PowerSync Service is a local-first synchronization engine developed by PowerSync as open source. Version 1.20.0 of PowerSync Service contains an authorization vulnerability. This vulnerability arises from ignoring certain subquery filters when using a new synchronization stream, which may allow...

PT-2026-24290

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Device Association Service allows an authorized attacker to elevate privileges locally...

ROS-20260310-73-0022

Vulnerability in python-filelock related to synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

AgenticCyOps: Securing Multi-Agentic AI Integration in Enterprise Cyber Operations

Multi-agent systems MAS powered by LLMs promise adaptive, reasoning-driven enterprise workflows, yet granting agents autonomous control over tools, memory, and communication introduces attack surfaces absent from deterministic pipelines. While current research largely addresses prompt-level...

CVE-2026-0995

An issue has been identified in Arm C1-Pro before r1p2-50eac0, where, under certain conditions, a TLBI+DSB might fail to ensure the completion of memory accesses related to SME...

CVE-2026-20018

A vulnerability in the sftunnel functionality of Cisco Secure Firewall Management Center FMC Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker with administrative privileges to write arbitrary files as root on the underlying operating...

CVE-2026-30795

Cleartext Transmission of Sensitive Information vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Heartbeat sync loop modules allows Sniffing Attacks. This vulnerability is associated with program files src/hbbshttp/sync.Rs and program routine...

RustDesk 安全漏洞

RustDesk is a remote access and control software developed by RustDesk personal developers. It is primarily written in Rust and can be used to maintain computers and other devices remotely. Versions of RustDesk 1.4.5 and earlier contain security vulnerabilities. These vulnerabilities stem from...

RHEL 9 : kernel (RHSA-2026:3692)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3692 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: scsi: mpi3mr: Synchronous access b/w...