CVE-2018-25353

Redaxo CMS Mediapool Addon 5.5.1 and older contains an arbitrary file upload vulnerability that allows authenticated users to bypass file extension blacklist restrictions. Attackers with editor accounts can upload executable files by using obfuscated extensions like php71 or php53 to evade the...

Audiograbber 安全漏洞

Audiograbber is a software tool developed by Audiograbber Inc. for capturing audio CDs and converting them into digital audio format. Version 1.83 of Audiograbber contained a security vulnerability. This vulnerability stemmed from a local buffer overflow, which could allow attackers to execute...

CVE-2026-5843

The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the modelfile configuration field in config.json. When a model's config.json specifies a modelfile pointing to a Python...

EUVD-2026-31493

The vllm-metal inference backend in Docker Model Runner on macOS unconditionally sets trustremotecode=True when loading model tokenizers, and runs without sandboxing. This causes transformers.AutoTokenizer.frompretrained to import and execute arbitrary Python files included in any model pulled fr...

CVE-2026-5817

CVE-2026-5817 affects the vllm-metal backend used by Docker Model Runner on macOS. The backend loads model tokenizers with trust_remote_code=True, causing transformers.AutoTokenizer.from_pretrained() to import and execute arbitrary Python files from models pulled from an OCI registry. This can en...

CVE-2026-9291 Insecure Deserialization in Amazon Braket SDK Job Results Processing

Insecure deserialization in the job results processing component in Amazon Braket SDK before 1.117.0 might allow a remote authenticated user with S3 write access to the job output bucket to achieve arbitrary code execution on any machine that processes job results. We recommend you upgrade to...

CVE-2026-37470

An issue in ClipBucket v5 v.5.5.2 allows an attacker to execute arbitrary code via the Authentication interface, login page endpoint and HTTP response security headers components...

CVE-2026-8992

An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code...

USN-8295-1 evince vulnerability

It was discovered that Evince did not properly sanitize command-line arguments in PDF /GoToR actions. If a user opened a specially crafted PDF file, an attacker could possibly use this issue to execute arbitrary code...

USN-8295-1: Evince vulnerability

It was discovered that Evince did not properly sanitize command-line arguments in PDF /GoToR actions. If a user opened a specially crafted PDF file, an attacker could possibly use this issue to execute arbitrary code...

CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added two security flaws impacting Langflow and Trend Micro Apex One to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerabilities in question are listed below -...

CVE-2026-37470

An issue in ClipBucket v5 v.5.5.2 allows an attacker to execute arbitrary code via the Authentication interface, login page endpoint and HTTP response security headers components...

CVE-2026-37470

An issue in ClipBucket v5 v.5.5.2 allows an attacker to execute arbitrary code via the Authentication interface, login page endpoint and HTTP response security headers components...

Docker Model Runner 安全漏洞

Docker Model Runner is an open-source Docker model runner developed by Docker. Docker Model Runner vllm-metal contains a security vulnerability. This vulnerability arises from setting trustremotecode=True without any sandbox protection. It may allow arbitrary Python files to be executed during...

RockyLinux 9 : systemd (RLSA-2026:13677)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:13677 advisory. systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data CVE-2026-29111 Tenable has extracted the preceding description blo...

ClipBucket 安全漏洞

ClipBucket is an open-source PHP script developed by MacWarrior. It is available for free download and used to create video-sharing websites. Version 5.5.2 of ClipBucket contains a security vulnerability. This vulnerability stems from the authentication interface, the login page endpoint, and the...

Linux Distros Unpatched Vulnerability : CVE-2026-8973

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bugs present in Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could ha...

RockyLinux 9 : nginx (RLSA-2026:18029)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:18029 advisory. nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 Tenable has extracted the preceding description block directly from the RockyLinux security...

PT-2026-42800

An issue in ClipBucket v5 v.5.5.2 allows an attacker to execute arbitrary code via the Authentication interface, login page endpoint and HTTP response security headers components...

nginx -- heap buffer overflow in ngx_http_rewrite_module

The nginx developers report: A heap memory buffer overflow might occur in a worker process when using a configuration with overlapping captures in ngxhttprewritemodule, potentially resulting in arbitrary code execution CVE-2026-9256...