PT-2026-48123

Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description A protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature through a physical attack. This issue is related to access control errors, whi...

PT-2026-40237

Name of the Vulnerable Software and Affected Versions Microsoft Windows DNS Client affected versions not specified Description A heap-based buffer overflow exists in the Microsoft Windows DNS Client, specifically within the dnsapi.dll component. This issue occurs during the processing of DNS...

ROS-20260512-73-0006

A vulnerability in Incus container management system and virtual machine manager is related to incorrect directory path name restriction. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary commands...

Intel Slim Bootloader 输入验证错误漏洞

Intel Slim Bootloader is a lightweight security bootloader designed by Intel Corporation for the Intel platform. There is an input validation vulnerability in Intel Slim Bootloader, which stems from an integer overflow issue in the UEFI firmware. This vulnerability may lead to privilege escalatio...

PT-2026-40242

Name of the Vulnerable Software and Affected Versions Microsoft SSO Plugin for Jira & Confluence affected versions not specified Description An incorrect implementation of the authentication algorithm allows an unauthorized attacker to forge login responses and bypass Entra ID. This enables the...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability, which stemmed from the reuse of UI components after they were released. This vulnerability could allow remote attackers to achieve sandbox escap...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability, which was caused by improper implementations in the Downloads component. This vulnerability could allow attackers to execute UI deception after users insta...

PT-2026-40075

Use after free for some Linux kernel driver for the IntelR Ethernet 800 series before version 2.3.14 within Ring 0: Kernel may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...

PT-2026-40212

Integer underflow wrap or wraparound in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

PT-2026-40219

Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network...

PT-2026-40209

Heap-based buffer overflow in Volume Manager Extension Driver allows an authorized attacker to execute code with a physical attack...

PT-2026-40239

Name of the Vulnerable Software and Affected Versions Microsoft 365 Copilot for Android affected versions not specified Description Improper access control in the intelligent virtual assistant allows an authorized attacker to perform spoofing attacks locally. Spoofing is a technique where a perso...

PT-2026-40246

Improper neutralization of input during web page generation 'cross-site scripting' in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...

PT-2026-40241

Improper access control in Microsoft Office PowerPoint allows an authorized attacker to perform spoofing locally...

PT-2026-40309

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of missing value element. This leads to dereferences a NULL pointer,...

PT-2026-40166

Null pointer dereference in Windows Storport Miniport Driver allows an unauthorized attacker to deny service over a network...

PT-2026-40181

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally...

PT-2026-40142

Name of the Vulnerable Software and Affected Versions Windows Event Logging Service affected versions not specified Description Improper access control in the Windows Event Logging Service allows an authorized attacker to elevate privileges locally. Recommendations At the moment, there is no...

PT-2026-40176

Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally...

PT-2026-40178

Name of the Vulnerable Software and Affected Versions Windows Win32K affected versions not specified Description A type confusion issue in the ICOMP component of Windows Win32K allows an authorized attacker to elevate privileges locally. Type confusion occurs when a program accesses a resource...