CVE-2026-3109
Mattermost Plugins versions =11.4 10.11.11.0 fail to validate webhook request timestamps which allows an attacker to corrupt Zoom meeting state in Mattermost via replayed webhook requests. Mattermost Advisory ID: MMSA-2026-00584...
EUVD-2025-209067
HCL Aftermarket DPC is affected by Banner Disclosure vulnerability where attackers gain insights into the system’s software and version details which would allow them to craft software-specific attacks...
CVE-2025-52642
HCL AION is affected by a vulnerability where internal filesystem paths may be exposed through application responses or system behaviour. Exposure of internal paths may reveal environment structure details which could potentially aid in further targeted attacks or information disclosure...
CVE-2026-4210
A security flaw has been discovered in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected by this vulnerability i...
CVE-2025-55269
HCL Aftermarket DPC is affected by Weak Password Policy vulnerability, which makes it easier for attackers to guess weak passwords or use brute-force techniques to gain unauthorized access to user accounts...
CVE-2025-55265
HCL Aftermarket DPC is affected by File Discovery, which an attacker could exploit to read sensitive files present in the system and may use to craft further attacks...
CVE-2025-55265
CVE-2025-55265 concerns HCL Aftermarket DPC. Connected documents describe a File Discovery issue that could allow reading sensitive files and enable further attacks. No concrete vendor/version details, root cause, exploit steps, or a published fix are provided in the available sources; monitor fo...
CVE-2025-55265 HCL Aftermarket DPC is affected by File Discovery
HCL Aftermarket DPC is affected by File Discovery, which an attacker could exploit to read sensitive files present in the system and may use to craft further attacks...
CVE-2025-55269 HCL Aftermarket DPC is affected by Weak Password Policy vulnerability
HCL Aftermarket DPC is affected by Weak Password Policy vulnerability, which makes it easier for attackers to guess weak passwords or use brute-force techniques to gain unauthorized access to user accounts...
CVE-2025-55270
CVE-2025-55270 affects HCL Aftermarket DPC. Connected sources confirm an input validation error that can be exploited to inject executable code, enabling XSS, SQL injection, and command injection, among other attacks. Root cause: improper input validation in the affected component/file. Documente...
CVE-2025-55272 HCL Aftermarket DPC is affected by Banner Disclosure vulnerability
HCL Aftermarket DPC is affected by Banner Disclosure vulnerability where attackers gain insights into the system’s software and version details which would allow them to craft software-specific attacks...
ksmbd: Compare MACs in constant time
...
wvp-GB28181-pro code issue vulnerability
WVP-GB28181-Pro is a video monitoring platform developed by individual developer 648540858. Versions of WVP-GB28181-Pro 2.7.4 and earlier have code vulnerabilities. These vulnerabilities stem from a deserialization issue in the function GenericFastJsonRedisSerializer within the component API...
PT-2026-28471
Name of the Vulnerable Software and Affected Versions: Tandoor Recipes versions prior to 2.6.0. Description: Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Versions prior to 2.6.0 configure Django REST Framework with BasicAuthentication as a...
PT-2026-28651
Name of the Vulnerable Software and Affected Versions: code-projects Simple Laundry System version 1.0. Description: A security flaw exists in code-projects Simple Laundry System. The issue involves a SQL injection affecting the file /checkregisitem.php within the Parameter Handler component. The...
Timo security vulnerability
Timo is a backend management system developed by auntvt. Version Timo 2.0.3 has a security vulnerability, which stems from a cross-site scripting vulnerability in the title field. Attackers can execute attacks through specially crafted links...
Beyond Content Safety: Real-Time Monitoring for Reasoning Vulnerabilities in Large Language Models
Large language models (LLMs) increasingly rely on explicit chain-of-thought (CoT) reasoning to solve complex tasks, yet the safety of the reasoning process itself remains largely unaddressed. Existing work on LLM safety focuses on content safety--detecting harmful, biased, or factually incorrect...
Unveiling the Resilience of LLM-Enhanced Search Engines against Black-Hat SEO Manipulation
The emergence of Large Language Model-enhanced Search Engines (LLMSEs) has revolutionized information retrieval by integrating web-scale search capabilities with AI-powered summarization. While these systems demonstrate improved efficiency over traditional search engines, their security implication...
HCL Aftermarket DPC security vulnerability
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from a security vulnerability that can be exploited by an attacker to obtain system software and version details to carry out software-specific attacks...