192064 matches found

RedHat Linux
added 2026/04/23 11:21 p.m. | 8 views

kernel: kernel: Privilege escalation or denial of service via use-after-free in nf_tables_addchain()

A flaw was found in the Linux kernel. A local attacker with CAP_NET_ADMIN capabilities, or remote packet traffic, could exploit a use-after-free vulnerability in the nf_tables_addchain function's error handling. Successful exploitation could lead to a kernel crash, resulting in a Denial of Service Do...

CVSS 7.8 | AI score 5.8 | EPSS 0.00812
Exploits: 1 | References: 5
RedHat Linux
added 2026/04/23 11:11 p.m. | 5 views

squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling

A flaw was found in Squid. A remote attacker can exploit a heap Use-After-Free vulnerability when handling ICP (Internet Cache Protocol) traffic. This allows them to perform a reliable and repeatable Denial of Service (DoS) attack, making the Squid service unavailable. This attack is limited to...

CVSS 9.2 | AI score 5.7 | EPSS 0.02738
Exploits: 0 | References: 7
NVD
added 2026/04/23 10:16 p.m. | 3 views

CVE-2026-33102

URL redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network...

CVSS 9.3 | EPSS 0.0039
Exploits: 0 | References: 1
ATTACKERKB
added 2026/04/23 9:58 p.m. | 3 views

CVE-2026-41343

OpenClaw before 2026.3.31 lacks a shared pre-auth concurrency budget on the public LINE webhook path, allowing attackers to cause transient availability loss. Remote attackers can flood the webhook endpoint with concurrent requests before signature verification to exhaust resources and degrade...

CVSS 6.9 | AI score 5.8 | EPSS 0.00459
Exploits: 0 | References: 4
ATTACKERKB
added 2026/04/23 9:57 p.m. | 0 views

CVE-2026-41334

OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized images to cause denial of service through excessive memory consumption...

CVSS 7.1 | AI score 5.8 | EPSS 0.00315
Exploits: 0 | References: 4
Cvelist
added 2026/04/23 9:57 p.m. | 26 views

CVE-2026-41333 OpenClaw < 2026.3.31 - Authentication Rate Limiting Bypass via Fake DeviceToken

OpenClaw before 2026.3.31 contains an authentication rate limiting bypass vulnerability that allows attackers to circumvent shared authentication protections using fake device tokens. Attackers can exploit the mixed WebSocket authentication flow to bypass rate limiting controls and conduct brute...

CVSS 6.3 | EPSS 0.00328
Exploits: 0 | References: 3
ATTACKERKB
added 2026/04/23 9:35 p.m. | 0 views

CVE-2026-33102

URL redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network...

CVSS 9.3 | AI score 5.7 | EPSS 0.0039
Exploits: 0 | References: 2
Debian CVE
added 2026/04/23 8:59 p.m. | 2 views

CVE-2026-28525

SWUpdate contains an integer underflow vulnerability in the multipart upload parser in mongoose_multipart.c that allows unauthenticated attackers to cause a denial of service by sending a crafted HTTP POST request to /upload with a malformed multipart boundary and controlled TCP stream timing...

CVSS 8.2 | AI score 5.9 | EPSS 0.00316
Exploits: 0
CVE
added 2026/04/23 7:58 p.m. | 64 views

CVE-2026-41265

CVE-2026-41265 affects Flowise with the Airtable_Agents class, where the run method evaluates an LLM-generated Python script without proper sandboxing. This allows prompt-injection via chatflows to coax the LLM into returning a malicious Python script that executes attacker-controlled commands on...

CVSS 9.8 | AI score 5.8 | EPSS 0.00464
Exploits: 1 | References: 1 | Affected Software: 1
Cvelist
added 2026/04/23 7:33 p.m. | 26 views

CVE-2026-41275 Flowise: Password Reset Link Sent Over Unsecured HTTP

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the password reset functionality on cloud.flowiseai.com sends a reset password link over the unsecured HTTP protocol instead of HTTPS. This behavior introduces the risk of a man-in-the-middle...

CVSS 7.5 | EPSS 0.00192
Exploits: 1 | References: 2
EUVD
added 2026/04/23 6:33 p.m. | 5 views

EUVD-2026-25272

@node-oauth/oauth2-server is a module for implementing an OAuth2 server in Node.js. The token exchange path accepts RFC7636-invalid code_verifier values including one-character strings for S256 PKCE flows. Because short/weak verifiers are accepted and failed verifier attempts do not consume the...

CVSS 5.9 | AI score 5.8 | EPSS 0.00259
Exploits: 1 | References: 1
CVE
added 2026/04/23 6:33 p.m. | 25 views

CVE-2026-41213

The CVE concerns @node-oauth/oauth2-server, a Node.js OAuth2 server module. The token exchange path accepts RFC7636-invalid code_verifier values for S256 PKCE flows (including one-character verifiers). The underlying cause is that ABNF enforcement for code_verifier is not performed during token e...

CVSS 5.9 | AI score 5.8 | EPSS 0.00259
Exploits: 1 | References: 1 | Affected Software: 1
EUVD
added 2026/04/23 6:33 p.m. | 3 views

EUVD-2026-25250

TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if the device is left in its default configuration. A network-adjacent attacker can exploit this weakness to gain unauthorized...

CVSS 6.1 | AI score 5.7 | EPSS 0.0013
Exploits: 0 | References: 2
EUVD
added 2026/04/23 6:33 p.m. | 2 views

EUVD-2025-209567

Yadea T5 Electric Bicycles models manufactured in/after 2024 have a weak authentication mechanism in their keyless entry system. The system utilizes the EV1527 fixed-code RF protocol without implementing rolling codes or cryptographic challenge-response mechanisms. This is vulnerable to signal...

CVSS 7.3 | AI score 5.8 | EPSS 0.00275
Exploits: 0 | References: 3
OSV
added 2026/04/23 6:33 p.m. | 3 views

GHSA-PQHX-W72W-M393 ntfy.sh allows a remote attacker to execute arbitrary code via the parseActions function

An issue in Ntfy ntfy.sh before v.2.22.0 allows a remote attacker to execute arbitrary code via the parseActions function...

CVSS 9.8 | AI score 6.2 | EPSS 0.0041
Exploits: 0 | References: 6
ATTACKERKB
added 2026/04/23 4:10 p.m. | 3 views

CVE-2026-5039

TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if the device is left in its default configuration. A network-adjacent attacker can exploit this weakness to gain unauthorized...

CVSS 6.1 | AI score 5.7 | EPSS 0.0013
Exploits: 0 | References: 2
NVD
added 2026/04/23 3:36 p.m. | 2 views

CVE-2025-70994

Yadea T5 Electric Bicycles models manufactured in/after 2024 have a weak authentication mechanism in their keyless entry system. The system utilizes the EV1527 fixed-code RF protocol without implementing rolling codes or cryptographic challenge-response mechanisms. This is vulnerable to signal...

CVSS 7.3 | EPSS 0.00275
Exploits: 0 | References: 2
Microsoft CVE
added 2026/04/23 2:0 p.m. | 3 views

Microsoft Dynamics 365 (online) Spoofing Vulnerability

Server-side request forgery (SSRF) in Microsoft Dynamics 365 Online allows an unauthorized attacker to perform spoofing over a network...

CVSS 9.3 | AI score 5.8 | EPSS 0.0053
Exploits: 0
The Hacker News
added 2026/04/23 1:17 p.m. | 7 views

ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories

You scroll past one incident and see another that feels familiar, like it should have been fixed years ago, but it still works with small changes. Same bugs. Same mistakes. The supply chain is messy. Packages you did not check are stealing data, adding backdoors, and spreading. Attacking the...

CVSS 9.8 | AI score 8.2 | EPSS 0.06996
Exploits: 6
IBM Security Bulletins
added 2026/04/23 11:3 a.m. | 8 views

Security Bulletin: Vulnerability in libsoup affects IBM Netezza Appliance

Summary: The libsoup package is used by IBM Netezza Appliance. IBM Netezza Appliance has addressed the applicable CVE CVE-2025-14523. Vulnerability Details: CVEID: CVE-2025-14523. DESCRIPTION: A flaw in libsoup's HTTP header handling allows multiple Host: headers in a request and returns the last...

CVSS 8.2 | AI score 5.8 | EPSS 0.00496
Exploits: 0 | Affected Software: 1