CVE-2026-31709

In the Linux kernel SMB client (cifsacl), CVE-2026-31709 arises from insufficient validation of a server-provided DACL when rewriting security descriptors. The fix extends structural validation to ensure the DACL header, size, and per-ACE bounds are checked before any rewrite paths (replace_sids_...

EUVD-2026-26532

A vulnerability was detected in AcademySoftwareFoundation OpenImageIO up to 3.2.0.1-dev. This vulnerability affects unknown code of the file src/dds.imageio/ddsinput.cpp of the component DDS Image Handler. The manipulation results in out-of-bounds write. The attack needs to be approached locally...

CVE-2026-7581

The CVE describes a vulnerability in alexta69 MeTube up to 2026.04.09, affecting the CORS Policy implementation (function on_prepare in app/main.py). The issue results in a permissive cross-domain policy that can interact with untrusted domains and is exploitable remotely. A public exploit is ind...

CVE-2026-7580

A vulnerability was detected in Exiftool up to 13.53. Impacted is the function Processmrld of the file lib/Image/ExifTool/GM.pm of the component JPEG/QuickTime/MOV/MP4. The manipulation of the argument -ee results in code injection. Attacking locally is a requirement. Upgrading to version 13.54 i...

CVE-2026-7554

A vulnerability was determined in D-Link M60 up to 1.20B02. Affected by this issue is some unknown functionality of the file /usr/bin/httpd. This manipulation causes weak password recovery. The attack can be initiated remotely. A high degree of complexity is needed for the attack. The exploitatio...

EUVD-2026-26480

A vulnerability was determined in D-Link M60 up to 1.20B02. Affected by this issue is some unknown functionality of the file /usr/bin/httpd. This manipulation causes weak password recovery. The attack can be initiated remotely. A high degree of complexity is needed for the attack. The exploitatio...

CVE-2026-7550

CVE-2026-7550 affects SourceCodester Pharmacy Sales and Inventory System 1.0. The vulnerability is in an unknown function of the file /ajax.php?action=save_customer where manipulation of the argument ID leads to an SQL injection. It is exploitable remotely and the exploit has been disclosed publi...

CVE-2026-7549 SourceCodester Pharmacy Sales and Inventory System ajax.php delete_customer sql injection

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=deletecustomer. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been...

SUSE CVE-2026-3833

A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...

CVE-2026-7536 Open5GS BSF pcfBindings bsf_sess_add_by_ip_address denial of service

A vulnerability was determined in Open5GS up to 2.7.7. This vulnerability affects the function bsfsessaddbyipaddress of the file /nbsf-management/v1/pcfBindings of the component BSF. Executing a manipulation of the argument ipv4Addr can lead to denial of service. The attack can be launched...

CVE-2026-7536

A vulnerability was determined in Open5GS up to 2.7.7. This vulnerability affects the function bsfsessaddbyipaddress of the file /nbsf-management/v1/pcfBindings of the component BSF. Executing a manipulation of the argument ipv4Addr can lead to denial of service. The attack can be launched...

CVE-2026-7535

A vulnerability was found in Open5GS up to 2.7.7. This affects the function amfnamfcommhandleregistrationstatusupdaterequest in the library /lib/app/ogs-init.c of the file /namf-comm/v1/ue-contexts/ueContextId/transfer-update. Performing a manipulation of the argument ueContextId results in denia...

CVE-2026-37539

Buffer overflow vulnerability in cannelloni v2.0.0 in CAN frame parsing in parser.cpp in function parseCANFrame, and decoder.cpp in function decodeFrame allowing remote attackers to cause a denial of service crash or possibly execute arbitrary code via crafted CAN FD frames...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to perform boundary checks on user control pointers in drm-compatible ioctl paths, which could lea...

PT-2026-36531

A vulnerability was found in ggerve coding-standards-mcp. This issue affects the function get style guide/get best practices of the file server.py. The manipulation of the argument Language results in path traversal. It is possible to launch the attack remotely. The exploit has been made public a...

maccms_pro 访问控制错误漏洞

Maccmspro is a content management system developed by Maccmspro’s individual developers. Versions of Maccmspro prior to 2022.1.3 had an access control vulnerability. This vulnerability stemmed from an unlimited upload issue in the install function of the file/admi.php/admin/addon/add.html within...

CVE-2026-37554

An issue was discovered in Vanetza V2X v26.02 allowing remote unauthorized attackers to cause a denial of service. The vulnerability exists in the GeoNetworking packet processing pipeline where OpenSSL exceptions from ECC point validation invalid compressed point, point not on curve are not...

PT-2026-36536

Name of the Vulnerable Software and Affected Versions astro-mcp-server versions prior to 1.1.2 Description A flaw in the MCP Tool Query Construction component, specifically within a function in the src/index.ts file, allows for remote SQL injection. This occurs when the request.params.arguments...

STARE: Step-Wise Temporal Alignment and Red-Teaming Engine for Multi-Modal Toxicity Attack

Red-teaming Vision-Language Models is essential for identifying vulnerabilities where adversarial image-text inputs trigger toxic outputs. Existing approaches treat image generation as a black box, returning only terminal toxicity scores and leaving open the question of when and how toxic semanti...

CVE-2026-37525

AGL app-framework-binder afb-daemon through v19.90.0 contains a privilege escalation vulnerability in the supervision Do command. The onsupervisioncall function in src/afb-supervision.c explicitly nullifies the request credentials by calling afbcontextchangecred&xreq-;context, NULL before...