CVE-2026-7854

A security vulnerability has been detected in D-Link DI-8100 16.07.26A1. Affected by this vulnerability is the function urlruleasp of the file /urlrule.asp of the component POST Parameter Handler. Such manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploi...

Video: Reflected XSS in plugin/Meet/iframe.php via Unescaped user and pass Parameters in JavaScript String Literal

Summary plugin/Meet/iframe.php echoes the attacker-controlled user and pass query parameters unescaped into a JavaScript double-quoted string literal inside a block. An attacker who sends a victim to a crafted URL can break out of the string and execute arbitrary JavaScript in the victim's browse...

Use of GET Request Method With Sensitive Query Strings

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Use of GET Request Method With Sensitive Query Strings in the OAuth login process, where the user's password hash is included as a query parameter in a redirect UR...

CVE-2026-31893 Tunnelblick arbitrary file read via symlink following in tunnelblickd

Tunnelblick is an open source graphic user interface for OpenVPN on macOS. In versions 3.3beta26 through 9.0beta01, any local user can read arbitrary root-owned files by exploiting a symlink following vulnerability in tunnelblick-helper, reachable through the world-accessible tunnelblickd Unix...

GHSA-8M7C-8M39-RV4X awslabs/tough Delegated Roles have a Signature Threshold Bypass

Summary Improper verification of cryptographic signature uniqueness in delegated role validation in awslabs/tough before tough-v0.22.0 allows remote authenticated users to bypass the TUF signature threshold requirement by duplicating a valid signature, causing the client to accept forged delegate...

EUVD-2026-27418

A weakness has been identified in D-Link DI-8100 16.07.26A1. Affected is the function sprintf of the file /autoreboot.asp of the component HTTP Handler. This manipulation of the argument enable/time causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made...

EUVD-2026-27345

A flaw was found in Open vSwitch. When Open vSwitch is configured with a conntrack flow using FTP helpers over the userspace datapath, a remote attacker can send a specially crafted FTP stream with an EPASV command exceeding 255 characters. This heap access error can lead to a crash, resulting in...

Security Bulletin: Vulnerabilities in Spring WebFlux, Jenkins, Spring Securiy, Spring Framework, and Node.js lodash might affect IBM Storage Defender Copy Data Management.

Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Spring WebFlux, Jenkins, Spring Securiy, Spring Framework, and Node.js lodash. Vulnerabilities include an attacker, local attacker, remote attacker and authenticated attacker could exploit these vulnerabilitie...

CVE-2026-7854

A security vulnerability has been detected in D-Link DI-8100 16.07.26A1. Affected by this vulnerability is the function urlruleasp of the file /urlrule.asp of the component POST Parameter Handler. Such manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploi...

CVE-2026-7853 D-Link DI-8100 HTTP auto_reboot.asp sprintf buffer overflow

A weakness has been identified in D-Link DI-8100 16.07.26A1. Affected is the function sprintf of the file /autoreboot.asp of the component HTTP Handler. This manipulation of the argument enable/time causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made...

CVE-2026-7853 D-Link DI-8100 HTTP auto_reboot.asp sprintf buffer overflow

A weakness has been identified in D-Link DI-8100 16.07.26A1. Affected is the function sprintf of the file /autoreboot.asp of the component HTTP Handler. This manipulation of the argument enable/time causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made...

GHSA-QH7Q-6QM3-653W Jupyter Server has an open redirection vulnerability in `next` query parameter

Summary The ?next=... URL query parameter has an open redirection vulnerability. In jupyterserver=2.17.0, this URL query parameter allows redirection to arbitrary external domains, which can be exploited to facilitate phishing attacks on server users. Details The vulnerability is caused by...

CVE-2026-32689

Allocation of Resources Without Limits or Throttling vulnerability in phoenixframework phoenix allows a denial of service via the long-poll transport's NDJSON body handling. In 'Elixir.Phoenix.Transports.LongPoll':publish/4, when a POST request is received with Content-Type: application/x-ndjson,...

CVE-2026-7845 chatchat-space Langchain-Chatchat Vision Chat Paste Image dialogue.py PIL.Image.tobytes weak hash

A flaw has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. This issue affects the function PIL.Image.tobytes of the file libs/chatchat-server/chatchat/webuipages/dialogue/dialogue.py of the component Vision Chat Paste Image Handler. This manipulation of the argument...

EUVD-2026-27317

A security flaw has been discovered in IObit Advanced SystemCare 19. This affects an unknown part of the file ASC.exe of the component Service. The manipulation results in symlink following. Attacking locally is a requirement. This attack is characterized by high complexity. It is indicated that...

CVE-2026-7834 EFM ipTIME NAS1dual misc_main.cgi get_csrf_whites stack-based overflow

A security vulnerability has been detected in EFM ipTIME NAS1dual 1.5.24. This issue affects the function getcsrfwhites of the file /cgi/advanced/miscmain.cgi. Such manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and...

kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache

A flaw was found in the Linux kernel's NFSv4.0 server nfsd. A remote, unauthenticated attacker can exploit this heap overflow vulnerability in the NFSv4.0 LOCK replay cache. By using two cooperating NFSv4.0 clients, where one sets a lock with a large owner string and another requests a conflictin...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses minimatch-10.1.2.tgz, minimatch-10.2.2.tgz which is vulnerable to CVE-2026-27903, CVE-2026-27904

Summary IBM Maximo Application Suite - Visual Inspection component uses minimatch-10.1.2.tgz, minimatch-10.2.2.tgz which is vulnerable to CVE-2026-27903, CVE-2026-27904, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-27903...

EUVD-2023-60572

ERPGo SaaS 3.9 contains a CSV injection vulnerability that allows authenticated attackers to execute arbitrary code by injecting formula payloads into vendor name fields. Attackers can add malicious formulas like =10+20+cmd|' /C calc'!A0 in the vendor creation form, which execute when the exporte...

CVE-2026-6918

In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication remote attacker can crash JITServer by sending a 32-byte crafted TCP message...