CVE-2026-33866

CVE-2026-33866 affects MLflow up to version 3.10.1 and describes an authorization bypass in the AJAX endpoint for downloading saved model artifacts. Due to missing access-control validation, a user without permissions to a given experiment can directly query the endpoint and retrieve artifacts th...

CVE-2026-33866 Authorization Bypass in MLflow AJAX Endpoint

MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint used to download saved model artifacts. Due to missing access‑control validation, a user without permissions to a given experiment can directly query this endpoint and retrieve model artifacts they are not authorized to...

freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb

A heap buffer use after free has been discovered in FreeRDP. Asynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urbwritecompletion...

RLSA-2026:6037 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem CVE-2025-38180 kernel: macvlan: fix error recovery in macvlancommonnewlink CVE-2026-23209 kernel: net/sched: clsu32: use...

Tinyproxy 安全漏洞

Tinyproxy is a small, efficient HTTP/SSL proxy daemon developed by Tinyproxy. Versions of Tinyproxy 1.11.3 and earlier contained security vulnerabilities. These vulnerabilities stemmed from asynchronous HTTP request parsing, which could lead to denial-of-service attacks or bypassing security chec...

PT-2026-31048

The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'hustle module converted' AJAX action in all versions up to, and including, 7.8.10.2. This makes it possible for...

CVE-2026-35448

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the BlockonomicsYPT plugin's check.php endpoint returns payment order data for any Bitcoin address without requiring authentication. The endpoint was designed as an AJAX polling helper for the authenticated invoice.php page...

CVE-2026-34771

A flaw was found in Electron, a framework for building desktop applications. This vulnerability, known as a use-after-free, occurs when an application registers an asynchronous permission request handler and a frame navigates or a window closes while the handler is pending. A remote attacker coul...

SmartContract-VulnHunter

🛡️ SmartContract VulnHunter The ultimate smart contract securi...

Linux Distros Unpatched Vulnerability : CVE-2026-31399

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if deviceadd fails in ndasyncdeviceregiste...

CVE-2026-4896

The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.7.25 via multiple AJAX actions including wcfmmodifyorderstatus, deletewcfmarticle,...

Claude SDK For Python: Memory Tool Path Validation Race Condition Allows Sandbox Escape

The async local filesystem memory tool in the Anthropic Python SDK validated that model-supplied paths resolved inside the sandboxed memory directory, but then returned the unresolved path for subsequent file operations. A local attacker able to write to the memory directory could retarget a...

CVE-2026-34771

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8, apps that register an asynchronous session.setPermissionRequestHandler may be vulnerable to a use-after-free when handling fullscree...

CVE-2026-34771 Electron: Use-after-free in WebContents fullscreen, pointer-lock, and keyboard-lock permission callbacks

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8, apps that register an asynchronous session.setPermissionRequestHandler may be vulnerable to a use-after-free when handling fullscree...

SUSE CVE-2026-31399

In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if deviceadd fails in ndasyncdeviceregister. Commit b6eae0f61db2 "libnvdimm: Hold reference on parent while...

EUVD-2026-18780

In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if deviceadd fails in ndasyncdeviceregister. Commit b6eae0f61db2 "libnvdimm: Hold reference on parent while...

CVE-2026-31399

In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if deviceadd fails in ndasyncdeviceregister. Commit b6eae0f61db2 "libnvdimm: Hold reference on parent while...

CVE-2026-23466

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Open-code GGTT MMIO access protection GGTT MMIO access is currently protected by hotplug drmdeventer, which works correctly when the driver loads successfully and is later unbound or unloaded. However, if driver load fail...

UBUNTU-CVE-2026-31399

In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if deviceadd fails in ndasyncdeviceregister. Commit b6eae0f61db2 "libnvdimm: Hold reference on parent while...

CVE-2026-31399 nvdimm/bus: Fix potential use after free in asynchronous initialization

In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if deviceadd fails in ndasyncdeviceregister. Commit b6eae0f61db2 "libnvdimm: Hold reference on parent while...