CVE-2026-11412 Jinher OA GetFormSn.aspx sql injection

A weakness has been identified in Jinher OA C6. The affected element is an unknown function of the file /C6/JHSoft.Web.ModuleCount/GetFormSn.aspx. Executing a manipulation of the argument queryID can lead to sql injection. The attack may be performed from remote. The exploit has been made availab...

CVE-2026-11411

CVE-2026-11411 describes a path traversal flaw in iAI Lab PDF AI App 4.21.0 on Android, specifically in the chatpdf.pro component’s getExternalCacheDir function. By manipulating the _display_name argument, an attacker with local access can cause path traversal. The exploit has been released publi...

Exploit for Heap-based Buffer Overflow in Mediatek Mt6890_Firmware

CVE-2026-20452 — MediaTek WLAN AP Heap Overflow PoC Proof of...

Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack

Microsoft's GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain attack campaign. The incident impacted 73 Microsoft repositories across four of its GitHub organizations, including Azure, Azure-Samples, Microsoft, and MicrosoftDocs, per...

CVE-2026-48567

Authentication bypass by spoofing in Azure HorizonDB allows an unauthorized attacker to elevate privileges over a network...

Linux Distros Unpatched Vulnerability : CVE-2026-10725

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Protocol::HTTP2 versions before 1.13 for Perl is vulnerable to a HTTP/2 Bomb. Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small...

EulerOS Virtualization 2.12.0 : python-virtualenv (EulerOS-SA-2026-2113)

According to the versions of the python-virtualenv package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU...

Hiding in Plain Floats: Steganographic Carriers for Indirect Prompt and Content Injection

Text-centered prompt-injection defenses assume that the malicious signal is visible in one of the inspected text views. We study a reproducible LLM01-style indirect prompt/content-injection failure mode where that assumption breaks: a payload caught in plain English slips past the same detector...

EulerOS Virtualization 2.12.1 : python-virtualenv (EulerOS-SA-2026-2088)

According to the versions of the python-virtualenv package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU...

PT-2026-47164

Name of the Vulnerable Software and Affected Versions onedev versions prior to 15.0.6 Description Improper authorization exists in the REST API component. A remote attacker can manipulate the project.defaultBranch argument within the '/repositories/projectId/default-branch' endpoint to bypass...

EulerOS Virtualization 2.10.1 : util-linux (EulerOS-SA-2026-2038)

According to the versions of the util-linux packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in util-linux. Improper hostname canonicalization in the login1 utility, when invoked with the -h option, can...

PT-2026-47152

Name of the Vulnerable Software and Affected Versions Jinher OA C6 affected versions not specified Description A SQL injection flaw exists in the file '/C6/JHSoft.Web.ModuleCount/GetFormSn.aspx'. A remote attacker can exploit this by manipulating the queryID argument. SQL injection is a technique...

RHEL 9 : fence-agents (RHSA-2026:22330)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22330 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...

EulerOS Virtualization 2.13.0 : binutils (EulerOS-SA-2026-2160)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw has been found in GNU Binutils 2.45. Impacted is the function bfdelfparseehframe of the file bfd/elf-eh-frame.c of the...

CVE-2026-6240 Authenticated Stack-based Buffer Overflow in ONVIF DeleteUsers Service on TP-Link Tapo C520WS

A stack-based buffer overflow vulnerability exists in Tapo C520WS v2 in the ONVIF DeleteUsers service, due to insufficient boundary checks when handling multiple user deletion parameters. An authenticated attacker can send a crafted malicious request containing an excessive number of identifiers ...

CVE-2026-9719 LatePoint <= 5.6.0 - Cross-Site Request Forgery via invoices__change_status Action

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.6.0. This is due to missing or incorrect nonce validation on the changestatus function. This makes it possible for...

CVE-2026-9719

CVE-2026-9719 concerns the LatePoint WordPress plugin (versions up to 5.6.0). The issue is a Cross‑Site Request Forgery caused by missing/incorrect nonce validation in the change_status function, enabling unauthenticated actors to alter invoice statuses (e.g., mark unpaid as paid) via forged requ...

CVE-2026-46357

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, the HAX CMS NodeJS application crashes when an authenticated attacker sends a specially crafted site creation request to the createSite endpoint. A single request is sufficient to take the entire...

CVE-2026-5589

An integer underflow in btmeshsolrecv in the Bluetooth Mesh solicitation handling subsys/bluetooth/mesh/solicitation.c leads to an out-of-bounds write. When CONFIGBTMESHODPRIVPROXYSRV is enabled, the function parses solicitation PDUs from raw BLE advertising payloads. The AD parsing loop reads an...

CVE-2025-27850

The locally served web site on the Garmin WDU v1 1.4.6 and v2 5.0 allows a symlink attack. If a malicious graphics package containing symlinks is uploaded, the web server follows the supplied links when serving content. No mechanisms to restrict those link targets to a specific area of the...