EUVD-2026-26767

A vulnerability was detected in TRENDnet TEW-821DAP up to 1.12B01. The affected element is the function toolsdiagnostic. The manipulation results in os command injection. The exploit is now public and may be used. The vendor explains: "That firmware version will only work on our hardware version...

CVE-2026-7608 TRENDnet TEW-821DAP tools_diagnostic os command injection

A vulnerability was detected in TRENDnet TEW-821DAP up to 1.12B01. The affected element is the function toolsdiagnostic. The manipulation results in os command injection. The exploit is now public and may be used. The vendor explains: "That firmware version will only work on our hardware version...

[SECURITY] Fedora 44 Update: xen-4.21.1-2.fc44

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

CLSA-2026-1777544697 squashfs-tools: Fix of CVE-2021-40153

CVE-2021-40153: fix write outside destination directory in unsquashfs...

TRENDnet TEW-821DAP 命令注入漏洞

TRENDnet TEW-821DAP is a wireless access point from the company TRENDnet. Versions of TRENDnet TEW-821DAP prior to 1.12B01 contained a command injection vulnerability. This vulnerability stemmed from improper operation of the toolsdiagnostic function, which could lead to OS command injections...

PT-2026-36595

A vulnerability was detected in TRENDnet TEW-821DAP up to 1.12B01. The affected element is the function tools diagnostic. The manipulation results in os command injection. The exploit is now public and may be used. The vendor explains: "That firmware version will only work on our hardware version...

CVE-2026-43024

A flaw was found in the Linux kernel's netfilter nftables component. This vulnerability arises from the system allowing immediate NFQUEUE verdicts, which are not intended for use by userspace nft tools. This could lead to unexpected behavior or a bypass of intended network filtering rules,...

CVE-2026-31782

In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix potential bad containerof in intelpmuhwconfig Auto counter reload may have a group of events with software events present within it. The software event PMU isn't the x86hybridpmu and a containerof operation in...

[SECURITY] Fedora 44 Update: vhs-0.11.0-2.fc44

Write terminal GIFs as code for integration testing and demoing your CLI tool s...

CVE-2026-7445

A security vulnerability has been detected in ZachHandley ZMCPTools up to 0.2.2. Affected by this issue is some unknown functionality of the file src/managers/ResourceManager.ts of the component MCP Log Resource Handler. The manipulation of the argument dirname leads to path traversal. Remote...

Oracle Linux 10 : libtiff (ELSA-2026-12265)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-12265 advisory. 4.6.0-6.3 - fix CVE-2026-4775: signed integer overflow in putcontig8bitYCbCr44tile RHEL-159309 Tenable has extracted the preceding description block directly...

EUVD-2026-26301

A security vulnerability has been detected in ZachHandley ZMCPTools up to 0.2.2. Affected by this issue is some unknown functionality of the file src/managers/ResourceManager.ts of the component MCP Log Resource Handler. The manipulation of the argument dirname leads to path traversal. Remote...

CVE-2026-7397

The CVE affects NousResearch hermes-agent v0.8.0, specifically the _check_sensitive_path logic in tools/file_tools.py, enabling symlink following when exploited locally. Details from connected records indicate the issue arises from path handling that can be manipulated by an attacker with local a...

Top AI-Powered Vendor Risk Management Platforms for SaaS Companies in 2026

Top AI-powered vendor risk platforms for SaaS companies in 2026, compare tools, features, and how to choose the…...

PT-2026-35969

A security flaw has been discovered in NousResearch hermes-agent 0.8.0. This affects the function check sensitive path of the file tools/file tools.py. The manipulation results in symlink following. Attacking locally is a requirement. The exploit has been released to the public and may be used fo...

Fedora 44 : vhs (2026-d6f01a944d)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-d6f01a944d advisory. Update to version 0.11.0 and adopt go-vendor-tools. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...

com.thecookiezen:archiledger-core (>=0.0.4 <=0.0.5), io.github.massimilianopili:mcp-vector-tools (=0.3.1) +1 more potentially affected by CVE-2026-40979 via org.springframework.ai:spring-ai-transformers (>=1.1.0 <=1.1.4)

org.springframework.ai:spring-ai-transformers MAVEN version =1.1.0, =0.0.4, =1.1.0, =1.1.4 Source cves: CVE-2026-40979 Source advisory: OSV:GHSA-R5HP-3CGJ-J6XV...

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.8 contained security vulnerabilities. These vulnerabilities stemmed from the absence of blacklist entries for environment variables such as HGRCPATH, CARGOBUILDRUSTCWRAPPER,...

Towards Agentic Investigation of Security Alerts

Security analysts are overwhelmed by the volume of alerts and the low context provided by many detection systems. Early-stage investigations typically require manual correlation across multiple log sources, a task that is usually time-consuming. In this paper, we present an experimental, agentic...

RHSA-2026:10703 Red Hat Security Advisory: container-tools:rhel8 security update

Bulletin has no description...