EulerOS Virtualization 2.12.1 : avahi (EulerOS-SA-2026-2070)

According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and...

EulerOS Virtualization 2.12.0 : avahi (EulerOS-SA-2026-2095)

According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and...

CVE-2026-50224

The web administration panel binds broadly to the public IPv6 address space on port :::8080 without default firewall limits, making internal API endpoints reachable over the WAN...

CVE-2026-50224 Unauthenticated IPv6 WAN Management Exposure

The web administration panel binds broadly to the public IPv6 address space on port :::8080 without default firewall limits, making internal API endpoints reachable over the WAN...

CVE-2026-36603

Mercusys AC12G (EU) V1 router (firmware AC12G(EU)_V1_200909) is affected by a UPnP IGD issue: 15 of 18 UPnP actions are exposed without authentication on port 1900, with UPnP enabled by default via the admin interface. This allows any unauthenticated LAN device to create arbitrary port forwarding...

gatekeeper_wan_poc_server

This is the...

CVE-2026-43495

In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: validate portcount against message length in t7xxportenummsghandler t7xxportenummsghandler uses the modem-supplied portcount field as a loop bound over portmsg-data without checking that the message buffer contai...

UBUNTU-CVE-2026-43495

In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: validate portcount against message length in t7xxportenummsghandler t7xxportenummsghandler uses the modem-supplied portcount field as a loop bound over portmsg-data without checking that the message buffer contai...

Cisco Catalyst SD-WAN Controller Authentication Bypass (cisco-sa-sdwan-rpa2-v69WY2SW)

According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. - A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an...

Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system...

CVE-2026-40408 Windows WAN ARP Driver Elevation of Privilege Vulnerability

...

EUVD-2026-29103

In Meari client applications embedding "com.meari.sdk" including CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and related white-label = 1.8.x, the integrated call path to openapi-euce.mearicloud.com can be abused to retrieve WAN IP data for arbitrary devices. The root cause is a server-side...

CVE-2026-33357 Meari OpenAPI device status IDOR

In Meari client applications embedding "com.meari.sdk" including CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and related white-label = 1.8.x, the integrated call path to openapi-euce.mearicloud.com can be abused to retrieve WAN IP data for arbitrary devices. The root cause is a server-side...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: A NULL pointer dereference occurs during the removal of a device. During the suspend and resume cycles, the removal and rescan of devices can lead to NULL pointer dereferences. During driver initialization, if th...

EUVD-2026-26101

OpenClaw before 2026.3.31 contains a wide-area discovery vulnerability allowing arbitrary tailnet peers to be accepted as DNS authorities. Attackers with same-tailnet position and CA-trusted endpoint access can exfiltrate operator credentials through DNS steering manipulation...

CVE-2026-41393 OpenClaw < 2026.3.31 - Arbitrary DNS Authority Acceptance and Credential Exfiltration via Wide-Area Discovery

OpenClaw before 2026.3.31 contains a wide-area discovery vulnerability allowing arbitrary tailnet peers to be accepted as DNS authorities. Attackers with same-tailnet position and CA-trusted endpoint access can exfiltrate operator credentials through DNS steering manipulation...

CVE-2026-41393

OpenClaw before 2026.3.31 contains a wide-area discovery vulnerability allowing arbitrary tailnet peers to be accepted as DNS authorities. Attackers with same-tailnet position and CA-trusted endpoint access can exfiltrate operator credentials through DNS steering manipulation...

CVE-2026-41393

CVE-2026-41393 affects OpenClaw prior to 2026.3.31, where a wide-area discovery flaw can cause arbitrary tailnet peers to be accepted as DNS authorities. Attackers with the same-tailnet position and CA-trusted endpoint access can exfiltrate operator credentials via DNS steering manipulation. Affe...

CVE-2026-41393 OpenClaw < 2026.3.31 - Arbitrary DNS Authority Acceptance and Credential Exfiltration via Wide-Area Discovery

OpenClaw before 2026.3.31 contains a wide-area discovery vulnerability allowing arbitrary tailnet peers to be accepted as DNS authorities. Attackers with same-tailnet position and CA-trusted endpoint access can exfiltrate operator credentials through DNS steering manipulation...

PT-2026-31401

Name of the Vulnerable Software and Affected Versions D-Link DI-8003 version 16.07.26A1 D-Link DI-8003G version 19.12.10A1 Description A buffer overflow exists due to improper handling of the wan ping parameter in the /wan ping.asp API endpoint. Recommendations Update D-Link DI-8003 to a version...