CVE-2026-53196

A flaw was found in the Linux kernel's ioti USB serial driver. A malicious USB device, when plugged into a host running this driver, can exploit a heap overflow vulnerability in the getmanufinfo function. This occurs because the driver does not properly validate the size of data read from the...

CVE-2026-47208

A flaw was found in vm2, an open-source virtual machine VM sandbox for Node.js. This vulnerability allows an attacker to escape the sandbox environment by writing malicious code. Successful exploitation can lead to arbitrary code execution on the host system, compromising the integrity and...

CVE-2021-47987

Parse Server before 4.10.0 was affected by a supply chain incident in which incorrect version tags were pushed to the official repository, pointing to an unreviewed personal fork with write access. No releases were published with these tags; a project exposing a vulnerability would require a git-...

CVE-2026-55388

A flaw was found in piscina, a Node.js worker pool implementation. This vulnerability allows an attacker to achieve arbitrary code execution by exploiting a prototype pollution issue. By manipulating the filename option, an attacker can cause their malicious code to be executed within the worker,...

CVE-2026-46607

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, glances/outdated.py uses pickle.load to read a version-check cache file stored at a predictable, world-accessible path /.cache/glances/glances-version.db or $XDGCACHEHOME/glances/glances-version.db. No integrity chec...

CVE-2026-44990

A flaw was found in the sanitize-html library. Under its default configuration, an attacker can embed malicious content within a disallowed xmp element. This vulnerability allows the attacker to bypass the HTML sanitization process, leading to stored Cross-Site Scripting XSS. Successful...

CVE-2026-53011

A flaw was found in the Linux kernel's networking scheduler, specifically within the taprio module. When the system attempts to switch schedules, a use-after-free vulnerability occurs in the advancesched function. This happens because a pointer to an old schedule entry is still used after the...

CVE-2026-53047

A flaw was found in the Linux kernel's EFI Extensible Firmware Interface capsule loader. An incorrect size calculation during memory reallocation for physical addresses can lead to an undersized buffer. This issue, specifically on 32-bit systems with Physical Address Extension PAE, may result in ...

CVE-2026-52989

A flaw was found in the nvmet-tcp component of the Linux kernel. The nvmettcpbuildpduiovec function fails to propagate errors when detecting out-of-bounds PDU lengths or offsets. This can lead to uninitialized memory being used by subsequent operations, such as reading incoming network data into ...

CVE-2026-56786

RTKLIB 2.4.3 contains an out-of-bounds write in decode_type1033 that fails to clamp length counters to the destination buffer. This allows up to a 191-byte overflow into fixed 64-byte descriptor fields when processing a crafted RTCM3 type-1033 message. An attacker controlling an NTRIP or serial R...

CVE-2026-56786 RTKLIB 2.4.3 - Out-of-bounds Write in decode_type1033 via Crafted RTCM3 Message

RTKLIB through 2.4.3 contains an out-of-bounds write vulnerability in decodetype1033 function that fails to clamp length counters to destination buffer size, allowing up to 191-byte overflow into fixed 64-byte descriptor fields. An attacker controlling an NTRIP or serial RTCM3 correction stream c...

CVE-2026-46607

CVE-2026-46607 describes an insecure deserialization vulnerability in Glances, where a version-check cache file (~/.cache/glances/glances-version.db) is loaded with pickle without validation. An attacker with write access to the cache path can introduce a malicious pickle and achieve arbitrary co...

CVE-2026-46607 Glances: Insecure Pickle Deserialization in Version Cache Leads to Arbitrary Code Execution

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, glances/outdated.py uses pickle.load to read a version-check cache file stored at a predictable, world-accessible path /.cache/glances/glances-version.db or $XDGCACHEHOME/glances/glances-version.db. No integrity chec...

EUVD-2026-39509

Horner Automation Cscape versions prior to 10.2 SP3 are vulnerable to an Out-of-Bounds Read vulnerability through parsing CSP files. Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code...

CVE-2026-53275

A flaw was found in the Linux kernel's IPv6 multicast mcast component. When processing Multicast Listener Discovery MLD queries, a pointer to the multicast group address is not correctly reloaded after certain packet manipulations. This can lead to a use-after-free vulnerability, potentially...

EUVD-2026-39473

A flaw was found in Keycloak. A remote attacker with administrative privileges, specifically those with manage-client permission or access to client registration endpoints, could bypass client Uniform Resource Identifier URI validation. This is achieved by registering a malicious client with a...

CVE-2026-57453

Vim is an open source, command line text editor. From 9.1.1784 until 9.2.0678, when the bundled zip plugin autoload/zip.vim falls back to PowerShell to browse, read, extract, update or delete entries in a zip archive, it builds the PowerShell command by inserting archive entry names that are quot...

CVE-2026-57456

Vim (prior to 9.2.0699) is vulnerable in its Python omni-completion: during reconstruction of function/class definitions, docstrings are inlined between triple quotes without escaping, allowing a hostile buffer to break out of the literal and execute attacker-controlled Python during omni-complet...

postgresql: PostgreSQL libpq: Buffer overflow allows server superuser to overwrite client stack memory

A flaw was found in PostgreSQL libpq. A server superuser can exploit a buffer overflow vulnerability in the PQfn function, which is used by client functions such as loexport, loread, lolseek64, and lotell64. This allows the superuser to send an arbitrarily large response, overwriting the client's...

postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...