14405 matches found
a-mailx (=0.1.0), a2 (>=0.1.0 <=0.3.17) +362 more potentially affected by CVE-2026-35397 via jupyter-server (>=0.0.5 <=2.17.0)
jupyter-server PYPI version =0.0.5, =0.1.0, =0.14.0.3, =0.3.0, =0.1.0b0, =1.3.4, =0.18.3, =0.1.0, =1.0.1, =0.1.0, =0.14.0 and more Source cves: CVE-2026-35397 Source advisory: OSV:GHSA-5789-5FC7-67V3...
a-mailx (=0.1.0), a2 (>=0.1.0 <=0.3.17) +90 more potentially affected by CVE-2026-35397 via jupyter-server (>=2.0.0rc3 <=2.17.0)
jupyter-server PYPI version =2.0.0rc3, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =3.0.0, =0.1.0, =0.0.1, =0.0.6 and more Source cves: CVE-2026-35397 Source advisory: SNYK:PYTHON-JUPYTERSERVER-16425698...
a-mailx (=0.1.0), a2 (>=0.1.0 <=0.3.17) +362 more potentially affected by CVE-2025-61669 via jupyter-server (>=0.0.5 <=2.17.0)
jupyter-server PYPI version =0.0.5, =0.1.0, =0.14.0.3, =0.3.0, =0.1.0b0, =1.3.4, =0.18.3, =0.1.0, =1.0.1, =0.1.0, =0.14.0 and more Source cves: CVE-2025-61669 Source advisory: OSV:PYSEC-2026-67...
OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option
A flaw was found in OpenSSH. This vulnerability arises from the incorrect handling of the authorizedkeys principals option in uncommon scenarios. Specifically, when a principals list is used with a Certificate Authority that includes comma characters, OpenSSH may misinterpret the input. This coul...
RUSTSEC-2026-0117 Fragile bounds check when sampling from image
A bounds check was performed in floating points before a cast to the index passed to an unchecked access function. This checked considered NaN cases improperly, causing them to succeed the check instead of failing it. The floating point coordinate is under caller control by passing a selected...
Fragile bounds check when sampling from image
A bounds check was performed in floating points before a cast to the index passed to an unchecked access function. This checked considered NaN cases improperly, causing them to succeed the check instead of failing it. The floating point coordinate is under caller control by passing a selected...
Wireshark 2.2.x < 2.2.15 Multiple Vulnerabilities
The version of Wireshark installed on the remote Windows host is prior to 2.2.15. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.15 advisory. - In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in...
a-mailx (=0.1.0), a2 (>=0.1.0 <=0.3.17) +630 more potentially affected by CVE-2026-40171 via jupyterlab (>=0.31.1 <=4.5.6)
jupyterlab PYPI version =0.31.1, =0.1.0, =0.1.0b0, =0.1.0b0, =0.1.0b0, =0.1.0, =0.5.5, =2.0.0, =0.1.1, =0.1.0, =3.0.0, =4.33.0, =5.0.0 and more Source cves: CVE-2026-40171 Source advisory: OSV:GHSA-RCH3-82JR-F9W9...
CVE-2026-34996
DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
CVE-2026-34994
DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
cross-proxy Digest auth state leak
Successfully using libcurl to do a transfer over a specific HTTP proxy proxyA with Digest authentication and then changing the proxy host to a second one proxyB for a second transfer, reusing the same handle, makes libcurl wrongly pass on the Proxy-Authorization: header field meant for proxyA, to...
alfactf2026-writeups
🏆 Alfa CTF 2026 — Райтапы команды The A-Team !CTF Badgeh...
NFC: digital: Bounds check NFC-A cascade depth in SDD response handler
...
SUSE CVE-2026-31622
In the Linux kernel, the following vulnerability has been resolved: NFC: digital: Bounds check NFC-A cascade depth in SDD response handler The NFC-A anti-collision cascade in digitalinrecvsddres appends 3 or 4 bytes to target-nfcid1 on each round, but the number of cascade rounds is controlled...
0xpwn (=0.1.1), a2a-acl (>=0.0.14 <=0.0.15) +265 more potentially affected by CVE-2026-42208 via litellm (>=1.81.16 <=1.83.4)
litellm PYPI version =1.81.16, =0.0.14, =0.0.14, =0.0.1a0, =0.6.0, =0.7.3, =0.1.46, =0.25.4a2, =0.1.0, =0.1.0, =0.1.0, =0.1.14.13, =0.0.0.post0, =2.4.65 and more Source cves: CVE-2026-42208 Source advisory: SNYK:PYTHON-LITELLM-16300164...
PT-2026-35055
Name of the Vulnerable Software and Affected Versions OP-TEE versions 3.8.0 through 4.10 Description An integer underflow occurs in the emsa pkcs1 v1 5 encode function within the core/drivers/crypto/crypto api/acipher/rsassa.c file. The issue arises when calculating the padding size PS size by...
Apple Silicon Vulnerability Research — A18 Pro (MacBook Neo)
This is systematic security research targeting Apple's A18 Pro chip MacBook Neo / Mac17,5, the first A-series SoC shipped in a Mac laptop. The MacBook Neo is used as an authorized Apple Security Research Device SRD and doubles as a high-visibility proxy for iPhone 16 Pro research, since A18 Pro i...
EUVD-2026-24599
The a+HRD developed by aEnrich has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
cc.chensoul.nacos:nacos-distribution (=2.5.2), cn.sparrowmini:sparrow-org-service (=0.0.1) +625 more potentially affected by CVE-2026-22746 via org.springframework.security:spring-security-core (>=5.8.0 <=5.8.2)
org.springframework.security:spring-security-core MAVEN version =5.8.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =5.12.0, =5.12.0, =1.48.0, =1.48.0, =1.48.0, =2.4.0, =2.4.0, =2.4.0, =2.6.0 and more Source cves: CVE-2026-22746 Source advisory: OSV:GHSA-VXF7-QJ7Q-83FH...
CVE-2026-6833
The a+HRD developed by aEnrich has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...