
192250 matches found

Redos
added 2026/03/10 12:0 a.m. | 3 views

ROS-20260310-73-0023

Vulnerability in coredns related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS: 8.7 | AI score: 5.8 | EPSS: 0.00412
Exploits: 0

Redos
added 2026/03/10 12:0 a.m. | 6 views

ROS-20260310-73-0044

Vulnerability in python-django related to algorithmic complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00993
Exploits: 0

Redos
added 2026/03/10 12:0 a.m. | 5 views

ROS-20260310-73-0046

Vulnerability in python-django related to algorithmic complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00993
Exploits: 0

Positive Technologies
added 2026/03/10 12:0 a.m. | 2 views

PT-2026-24873

CVE-2026-3925 Incorrect security UI in LookalikeChecks in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. C… https://t.co/XnxsUXtXOT...

CVSS: 4.3 | AI score: 5.8 | EPSS: 0.00149
Exploits: 0 | References: 6

Positive Technologies
added 2026/03/10 12:0 a.m. | 3 views

PT-2026-24271

Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally...

CVSS: 7 | AI score: 5.8 | EPSS: 0.00299
Exploits: 0 | References: 5

Positive Technologies
added 2026/03/10 12:0 a.m. | 2 views

PT-2026-24317

Name of the Vulnerable Software and Affected Versions Microsoft Office Excel affected versions not specified Microsoft Office Microsoft 365 Apps for Enterprise Microsoft Office Online Server Description A use-after-free issue exists in Microsoft Office Excel, Microsoft Office, Microsoft 365 Apps...

CVSS: 7.8 | AI score: 6.2 | EPSS: 0.00435
Exploits: 0 | References: 10

Zero Day Initiative
added 2026/03/10 12:0 a.m. | 3 views

Microsoft Windows GDI Bitmap Parsing Out-Of-Bound Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. Interaction with the GDI library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

CVSS: 3.3 | AI score: 5.2 | EPSS: 0.01386
Exploits: 0 | References: 1

Positive Technologies
added 2026/03/10 12:0 a.m. | 4 views

PT-2026-24282

Interested in USB Airgap? Soon a detailed description of CVE-2026-24288. This vulnerability in the Windows Mobile Broadband driver could allow an attacker to execute code. Ability to send unsolicited events from the USB device to the host is the entry point. Stay tuned! 😉...

CVSS: 7.2 | AI score: 5.9 | EPSS: 0.0043
Exploits: 0 | References: 6

Positive Technologies
added 2026/03/10 12:0 a.m. | 5 views

PT-2026-24325

Name of the Vulnerable Software and Affected Versions SQL Server affected versions not specified Description Improper validation of a specified type of input in SQL Server can allow an authorized attacker to elevate privileges over a network. Recommendations At the moment, there is no information...

CVSS: 9 | AI score: 5.8 | EPSS: 0.01095
Exploits: 0 | References: 12

Positive Technologies
added 2026/03/10 12:0 a.m. | 3 views

PT-2026-24881

🚨 CVE-2026-3934 Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium 🎖@cveNotify...

CVSS: 6.5 | AI score: 5.8 | EPSS: 0.00187
Exploits: 0 | References: 8

CNNVD
added 2026/03/10 12:0 a.m. | 6 views

Google Chrome Security Vulnerability

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 146.0.7680.71 contained a security vulnerability. This vulnerability stemmed from excessive memory access in WebML, which could allow remote attackers to exploit heap corruption through specially crafted HT...

CVSS: 8.8 | AI score: 7.3 | EPSS: 0.00291
Exploits: 0 | References: 3

Tenable Nessus
added 2026/03/10 12:0 a.m. | 4 views

EulerOS 2.0 SP13 : python-virtualenv (EulerOS-SA-2026-1260)

According to the versions of the python-virtualenv package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU Time-of-Check-Time-of-Use...

CVSS: 4.5 | AI score: 5.8 | EPSS: 0.00085
Exploits: 0 | References: 2

Tenable Nessus
added 2026/03/10 12:0 a.m. | 5 views

SonicWALL SonicOS Out-of-bounds Read (CVE-2026-0402)

A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash a firewall. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

CVSS: 4.9 | AI score: 5.8 | EPSS: 0.00342
Exploits: 0 | References: 2

Positive Technologies
added 2026/03/10 12:0 a.m. | 5 views

PT-2026-24260

Name of the Vulnerable Software and Affected Versions SQL Server versions 2016 SP3 through 2025 Description An improper access control issue in SQL Server allows an authorized attacker to elevate privileges over a network. An attacker can gain sysadmin privileges remotely on affected SQL Server...

CVSS: 9 | AI score: 5.8 | EPSS: 0.02044
Exploits: 0 | References: 66

Positive Technologies
added 2026/03/10 12:0 a.m. | 2 views

PT-2026-24330

Name of the Vulnerable Software and Affected Versions .NET versions 9.0.0 through 9.0.13 .NET versions 10.0.0 through 10.0.3 Microsoft.Bcl.Memory versions 9.0.0 through 9.0.13 Microsoft.Bcl.Memory versions 10.0.0 through 10.0.3 Description An out-of-bounds read issue exists in .NET and...

CVSS: 7.8 | AI score: 6.8 | EPSS: 0.02049
Exploits: 0 | References: 80

Packet Storm News
added 2026/03/10 12:0 a.m. | 14 views

MCP-In-SoS: Risk Assessment Framework for Open-Source MCP Servers

Model Context Protocol (MCP) servers have rapidly emerged over the past year as a widely adopted way to enable Large Language Model (LLM) agents to access dynamic, real-world tools. As MCP servers proliferate and become easy to adopt via open-source releases, understanding their security risks become...

AI score: 5.9
Exploits: 0

CNNVD
added 2026/03/10 12:0 a.m. | 6 views

Google Chrome Security Vulnerability

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 146.0.7680.71 contained a security vulnerability. This vulnerability stemmed from WebML’s integer overflow issue, which could allow remote attackers to exploit heap corruption through specially crafted HTML...

CVSS: 8.8 | AI score: 7.4 | EPSS: 0.00349
Exploits: 0 | References: 3

Tenable Nessus
added 2026/03/10 12:0 a.m. | 4 views

EulerOS 2.0 SP13 : gdb (EulerOS-SA-2026-1270)

According to the versions of the gdb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw has been found in GNU Binutils 2.45. Impacted is the function bfdelfparseehframe of the file bfd/elf-eh-frame.c of the component Linker...

CVSS: 7.8 | AI score: 5.7 | EPSS: 0.00667
Exploits: 6 | References: 7

Tenable Nessus
added 2026/03/10 12:0 a.m. | 2 views

SonicWALL SonicOS NULL Pointer Dereference (CVE-2026-0401)

A post-authentication NULL Pointer Dereference vulnerability in SonicOS allows a remote attacker to crash a firewall. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

CVSS: 4.9 | AI score: 5.8 | EPSS: 0.00342
Exploits: 0 | References: 2

OSV
added 2026/03/10 12:0 a.m. | 4 views

UBUNTU-CVE-2026-26130

Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.01373
Exploits: 0 | References: 6