PT-2026-46178

Fixed AES-128-CBC keys inside the AcerConnect OTA application let attackers forge authorization credentials for arbitrary IMEI numbers. This allows unauthorized actors to list catalog items and extract protected binaries from pre-signed cloud links...

Important: Red Hat Security Advisory: Insights proxy Container Image

Initial GA Release of Red Hat Insights proxy The Insights proxy Container is used by the Insights proxy product RPM and serves as an intermediary between cystomer systems in disconnected networks, air-gapped systems or systems with no outside connections and Insights. The Insights proxy routes al...

CVE-2026-49267 Apache Airflow: No certificate validation on SMTP STARTTLS connections

Apache Airflow's EmailOperator and the underlying airflow.utils.email helpers established SMTP STARTTLS connections without verifying the remote certificate when the deployment used email smtpstarttls=True without email smtpssl. An attacker positioned between the worker and the configured SMTP...

CVE-2026-37232

An issue was discovered in OpenAirInterface5G 2.4.0 nr-softmodem in the E2SM-KPM RAN Function's PRB utilization metric calculation. The functions fillRRUPrbTotDl and fillRRUPrbTotUl in openair2/E2AP/RANFUNCTION/O-RAN/ranfunckpmsubs.c lines 182 and 197 compute PRB usage percentages by dividing by...

PT-2026-45511

An issue was discovered in OpenAirInterface5G 2.4.0 nr-softmodem in the E2SM-KPM RAN Function's PRB utilization metric calculation. The functions fill RRU PrbTotDl and fill RRU PrbTotUl in openair2/E2AP/RAN FUNCTION/O-RAN/ran func kpm subs.c lines 182 and 197 compute PRB usage percentages by...

openairinterface5G security vulnerability

openairinterface5G is an open-source implementation of the OAI project, focusing on the research, development, and testing of 5G NR New Radio core networks and access networks. Version 2.4.0 of openairinterface5G contains a security vulnerability. This vulnerability stems from the E2SM-KPM RAN...

Apple Security Update: iOS 26.5.1

Apple recommends to install security update iOS 26.5.1 on devices iPhone 17 all models and iPhone Air...

CVE-2026-9397 Besen BS20 EV Charging Station OTA Update Installation improper authorization

A weakness has been identified in Besen BS20 EV Charging Station up to 20260426. Affected by this issue is some unknown functionality of the component OTA Update Installation Handler. This manipulation causes improper authorization. The attack is possible to be carried out remotely. A high degree...

CVE-2026-9397 Besen BS20 EV Charging Station OTA Update Installation improper authorization

A weakness has been identified in Besen BS20 EV Charging Station up to 20260426. Affected by this issue is some unknown functionality of the component OTA Update Installation Handler. This manipulation causes improper authorization. The attack is possible to be carried out remotely. A high degree...

CVE-2026-9397

Technical details are not publicly available in the provided documents. Monitor for updates.

Besen BS20 EV Charging Station 授权问题漏洞

The Besen BS20 EV Charging Station is an AC electric vehicle wall-mounted charging station developed by the Chinese company Besen. The version of the Besen BS20 EV Charging Station dated 20260426 and earlier contained an authorization issue vulnerability. This vulnerability stemmed from improper...

PT-2026-42967

A weakness has been identified in Besen BS20 EV Charging Station up to 20260426. Affected by this issue is some unknown functionality of the component OTA Update Installation Handler. This manipulation causes improper authorization. The attack is possible to be carried out remotely. A high degree...

a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +344 more potentially affected by CVE-2026-2614 via mlflow (>=0.8.2 <=3.0.1)

mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 - apache-submarine =0.6.0 and more Source cves: CVE-2026-2614 Source advisory: OSV:GHSA-42H5-H8QH-VV9V...

Astra Linux - уязвимость в linux, linux-5.10

“Specifically timed and handcrafted traffic can cause internal errors in a WLAN device, leading to improper Layer 2 Wi-Fi encryption. This may result in information disclosure over the air for a specific set of traffic.” In Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon...

Exploit for CVE-2026-31431

SSIA - System Structural Integrity Audit A tool kit for disco...

SNF - Shadow Network Fingerprinting Engine

SNF Shadow Network Fingerprinting Engine is a 100% offline, air-gap-native passive network intelligence engine written entirely in Rust. It was designed from the ground up for environments where outbound connectivity is not just unavailable but prohibited: classified defense networks, nuclear...

Important: Red Hat Security Advisory: Insights proxy Container Image

Initial GA Release of Red Hat Insights proxy The Insights proxy Container is used by the Insights proxy product RPM and serves as an intermediary between cystomer systems in disconnected networks, air-gapped systems or systems with no outside connections and Insights. The Insights proxy routes al...

EUVD-2026-24507

Zero Motorcycles firmware versions 44 and prior enable an attacker to forcibly pair a device with the motorcycle via Bluetooth. Once paired, an attacker can utilize over-the-air firmware updating functionality to potentially upload malicious firmware to the motorcycle. The motorcycle must first b...

CVE-2026-1354

Zero Motorcycles firmware versions 44 and prior enable an attacker to forcibly pair a device with the motorcycle via Bluetooth. Once paired, an attacker can utilize over-the-air firmware updating functionality to potentially upload malicious firmware to the motorcycle. The motorcycle must first b...

CVE-2026-1354

Zero Motorcycles firmware versions 44 and prior enable an attacker to forcibly pair a device with the motorcycle via Bluetooth. Once paired, an attacker can utilize over-the-air firmware updating functionality to potentially upload malicious firmware to the motorcycle. The motorcycle must first b...