
192259 matches found

Positive Technologies
added 2026/03/04 12:0 a.m., 5 views

PT-2026-23026

Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to incomplete error checking...

5.8 CVSS, 6 AI score, 0.00432 EPSS
Exploits: 0, References: 2

Packet Storm News
added 2026/03/04 12:0 a.m., 5 views

CAM-LDS: Cyber Attack Manifestations for Automatic Interpretation of System Logs and Security Alerts

Log data are essential for intrusion detection and forensic investigations. However, manual log analysis is tedious due to high data volumes, heterogeneous event formats, and unstructured messages. Even though many automated methods for log analysis exist, they usually still rely on domain-specif...

6 AI score
Exploits: 0

CNNVD
added 2026/03/04 12:0 a.m., 6 views

HPE Aruba Networking Wireless Operating System Security Vulnerability

HPE Aruba Networking Wireless Operating System is a wireless network operating system developed by the American company HPE. There are security vulnerabilities in the HPE Aruba Networking Wireless Operating System. These vulnerabilities stem from defects in the data packet processing logic, which...

4.3 CVSS, 5.8 AI score, 0.00182 EPSS
Exploits: 0, References: 2

CNNVD
added 2026/03/04 12:0 a.m., 6 views

Cisco Secure Firewall Threat Defense Security Vulnerability

Cisco Secure Firewall Threat Defense is an integrated firewall platform developed by the American company Cisco. There is a security vulnerability present in Cisco Secure Firewall Threat Defense. This vulnerability stems from a memory management logic error during the execution of Snort 3 SSL...

5.8 CVSS, 5.9 AI score, 0.00413 EPSS
Exploits: 0, References: 2

Positive Technologies
added 2026/03/04 12:0 a.m., 11 views

PT-2026-22945

Name of the Vulnerable Software and Affected Versions: affected versions not specified. Description: A flaw exists in the client isolation mechanism that could allow an attacker to circumvent Layer 2 (L2) communication limitations between clients, potentially redirecting traffic at Layer 3 (L3)...

4.3 CVSS, 5.8 AI score, 0.00155 EPSS
Exploits: 0, References: 4

Positive Technologies
added 2026/03/04 12:0 a.m., 6 views

PT-2026-22941

Name of the Vulnerable Software and Affected Versions: Wi-Fi (affected versions not specified). Description: A security issue exists in how Wi-Fi handles wireless encryption during transmissions. An attacker can create specially crafted, authenticated transmissions that appear to come from a trusted...

5.4 CVSS, 5.8 AI score, 0.00084 EPSS
Exploits: 0, References: 5

CNNVD
added 2026/03/04 12:0 a.m., 7 views

Bdtask Tradebox SQL Injection Vulnerability

Bdtask Tradebox is an inventory management system developed by the Bangladeshi company Bdtask. Version 5.4 of Bdtask Tradebox contains a SQL injection vulnerability. This vulnerability stems from the symbol parameter, which allows for SQL injections. It is possible for authenticated attackers to...

7.1 CVSS, 5.8 AI score, 0.00287 EPSS
Exploits: 1, References: 3

Positive Technologies
added 2026/03/04 12:0 a.m., 8 views

PT-2026-22883

Name of the Vulnerable Software and Affected Versions: IDC SFX SeriesSFX2100 SuperFlex Satellite Receiver (affected versions not specified). Description: The /root/anaconda-ks.cfg installation configuration file insecurely stores a hardcoded root password hash. This password is highly susceptible to...

9.2 CVSS, 5.9 AI score, 0.00142 EPSS
Exploits: 1, References: 6

Redos
added 2026/03/04 12:0 a.m., 3 views

ROS-20260304-73-0035

A vulnerability in the memdup_user function of the Linux kernel is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.8 CVSS, 7.1 AI score, 0.00147 EPSS
Exploits: 0

Redos
added 2026/03/04 12:0 a.m., 4 views

ROS-20260304-73-0030

A vulnerability in the nfs4_state_start_net function of the Linux kernel is related to a pointer dereferencing error. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

5.5 CVSS, 7.1 AI score, 0.0015 EPSS
Exploits: 0

Tenable Nessus
added 2026/03/04 12:0 a.m., 5 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: brotli (UTSA-2026-005387)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005387 advisory. Scrapy versions up to 2.13.2 are vulnerable to a denial of service (DoS) attack due to a flaw in its brotli decompression implementation. The protection mechanism...

7.5 CVSS, 7.1 AI score, 0.00476 EPSS
Exploits: 0, References: 4

Snyk
added 2026/03/03 11:10 p.m., 4 views

Symlink Attack

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Symlink Attack via the validateBindMounts process. An attacker can access files or directories outside of intended boundaries by exploiting symlinked parent directories combined with...

7.5 CVSS, 5.8 AI score, 0.00254 EPSS
Exploits: 0, References: 3

Snyk
added 2026/03/03 11:9 p.m., 6 views

Symlink Attack

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Symlink Attack via the ZIP extraction process when a pre-existing symlink exists in the destination path. An attacker can write files outside the intended extraction directory by crafting...

7.1 CVSS, 5.8 AI score
Exploits: 0, References: 2

Snyk
added 2026/03/03 11:8 p.m., 4 views

Replay Attack

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Replay Attack via the webhook replay handling. An attacker can cause duplicate inbound actions to be processed by replaying previously valid signed webhook requests after the replay windo...

6.5 CVSS, 5.8 AI score, 0.00267 EPSS
Exploits: 0, References: 2

Snyk
added 2026/03/03 10:25 p.m., 4 views

Replay Attack

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Replay Attack via the voice-call webhook process. An attacker can cause replayed webhook events to be accepted as new by modifying the i-twilio-idempotency-token header in a signed reques...

6.3 CVSS, 5.8 AI score
Exploits: 0, References: 2

Snyk
added 2026/03/03 10:8 p.m., 4 views

Symlink Attack

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Symlink Attack via the resolveSandboxedMediaSource process. An attacker can access files outside the intended sandbox confinement by submitting crafted media paths that exploit a symlink...

8.7 CVSS, 5.8 AI score
Exploits: 0, References: 3

Snyk
added 2026/03/03 9:18 p.m., 5 views

Symlink Attack

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Symlink Attack via the stageSandboxMedia process. An attacker can overwrite arbitrary files outside the intended workspace by staging media files to a destination path containing a symlin...

8.6 CVSS, 5.9 AI score, 0.00134 EPSS
Exploits: 0, References: 2

Vulnrichment
added 2026/03/03 9:2 p.m., 2 views

CVE-2026-3486 itsourcecode College Management System student-fee.php sql injection

A vulnerability has been found in itsourcecode College Management System 1.0. This vulnerability affects unknown code of the file /admin/student-fee.php. Such manipulation of the argument rollno leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed t...

5.8 CVSS, 5.8 AI score, 0.00318 EPSS
Exploits: 1, References: 5

EUVD
added 2026/03/03 9:2 p.m., 6 views

EUVD-2026-9323

A vulnerability has been found in itsourcecode College Management System 1.0. This vulnerability affects unknown code of the file /admin/student-fee.php. Such manipulation of the argument rollno leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed t...

5.8 CVSS, 5.8 AI score, 0.00318 EPSS
Exploits: 1, References: 5

CVE
added 2026/03/03 9:2 p.m., 16 views

CVE-2026-3485

CVE-2026-3485 affects the D-Link DIR-868L, specifically the SSDP Service’s function sub_1BF84. Manipulation of the ST argument causes an OS command injection. The vulnerability is remotely exploitable and, per the provided PT-2026-22824 entry, the exploit has been published. The affected devices ...

10 CVSS, 5.7 AI score, 0.04659 EPSS
Exploits: 1, References: 5, Affected Software: 1