Zoho ManageEngine OpManager - SQL Injection

Zoho ManageEngine OpManager before 12.3 Build 123196 does not require authentication for /oputilsServlet requests, as demonstrated by a /oputilsServlet?action=getAPIKey request that can be leveraged against Firewall Analyzer to add an admin user via /api/json/v2/admin/addUser or conduct a SQL...

CVE-2026-45684

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, OBI's log enricher mishandles writev buffers by reading only the first iovec entry but using the total ioviter.count as the copy length. When log...

ROOT-OS-DEBIAN-12-CVE-2025-39751 CVE-2025-39751 in rootio-linux - Patched by Root

Root has patched CVE-2025-39751 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...

CVE-2026-46826

...

podman security update

An update is available for podman. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The podman tool manages pods, container images, and containers. It is part of...

CLEANSTART-2026-AQ33378 Security fixes for ghsa-gxhx-2686-5h9g applied in versions: 2.12.0-r0

Security vulnerability affects the kubewatch package. This issue is resolved in later releases. See references for vulnerability details...

PT-2026-41418

wow CVE-2026-22931203921321321...

GHSA-X23J-RGR4-MP7M vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-40129

creationtimestamp| type| source ---|---|--- 2026-05-12 05:02:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlmz4iwkgu2q 2026-05-12 14:20:28+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mlnybnopq22h 2026-05-12 14:25:06+00:00| seen|...

CVE-2024-30167

CVE-2024-30167 affects Atlona AT-OME-MS42 Matrix Switcher (version 1.1.2). The vulnerability arises in /cgi-bin/time.cgi where a POST containing a serverName parameter allows remote authenticated users to execute arbitrary commands as root. Documented impact: arbitrary code execution with root pr...

CLEANSTART-2026-SP87460 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0

Security vulnerability affects the apache-zookeeper package. This issue is resolved in later releases. See references for vulnerability details...

@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.5) +20 more potentially affected by CVE-2026-44114 via openclaw (>=0.0.1 <=2026.4.2)

openclaw NPM version =0.0.1, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 - @xmoxmo/bncr =0.0.8 - morpho-vault-manager =0.1.0 and more Source cves: CVE-2026-44114 Source advisory: OSV:GHSA-HXVM-XJVF-93F3...

CVE-2026-6175

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2026-41248

creationtimestamp| type| source ---|---|--- 2026-04-24 22:00:17+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mkbjlxyitp2w 2026-04-25 00:00:42+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mkbqdc3r752v 2026-04-25 00:00:46+00:00| seen|...

BELL-CVE-2026-22021

Bulletin has no description...

CVE-2026-41326

creationtimestamp| type| source ---|---|--- 2026-04-22 19:55:07+00:00| published-proof-of-concept| https://github.com/kata-containers/kata-containers/security/advisories/GHSA-q49m-57vm-c8cc 2026-05-04 20:10:29+00:00| seen| https://gist.github.com/alon710/e5f670283b66e1c583d8b3f3f9d1efba 2026-05-1...

CVE-2025-6016

creationtimestamp| type| source ---|---|--- 2026-04-22 12:50:07+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mk3jwdl7pl2u 2026-04-24 07:57:51+00:00| seen| https://ccb.belgium.be/advisories/warning-11-new-vulnerabilities-gitlab-ce-and-ee-editions-patch-immediately...

CVE-2026-34308

...

CVE-2026-34302

...

CVE-2026-34298

CVE-2026-34298 affects Oracle Applications Framework within Oracle E-Business Suite, Personalization component. Affected: E-Business Suite versions 12.2.9–12.2.15. The vulnerability arises in the Personalization feature, enabling a high-privilege attacker with network access via HTTP to perform u...