CVE-2026-41683

i18next-http-middleware is a middleware to be used with Node.js web frameworks like express or Fastify and also for Deno. Prior to version 3.9.3, i18next-http-middleware wrote user-controlled language values into the Content-Language response header after passing them through utils.escape, which ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/damon: fixed the issue of dividing by zero in damongetintervalsscore. The current implementation allows regions with zero size without any special reasons. However, damongetintervalsscore crashes when the region size is zero d...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Use the new numconfigregs property in regmapaddirqchipfwnode Commit faa87ce9196d "regmap-irq: Introduce config registers for irq types" added the numconfigregs, then commit 9edd4f5aee84 "regmap-irq: Deprecate type...

Fedora 42 : coturn (2026-e673311164)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-e673311164 advisory. Coturn 4.10.0 Performance Add Linux-only recvmmsg client receive path for DTLS/UDP listener Skip response buffer allocation for STUN indications...

CVE-2026-21727 Grafana Correlations: Cross-Tenant Data Disclosure and Permanent Deletion via Legacy org_id=0 Record

--- title: Cross-Tenant Legacy Correlation Disclosure and Deletion draft: false hero: image: /static/img/heros/hero-legal2.svg content: " Cross-Tenant Legacy Correlation Disclosure and Deletion" date: 2026-01-29 product: Grafana severity: Low cve: CVE-2026-21727 cvssscore: "3.3" cvssvector:...

GHSA-R33W-FG8J-9C94 MagicLink: Insecure Deserialization of MagicLink Actions Leads to Remote Code Execution

Description MagicLink stores serialized action objects in the magiclinks.action database column and deserializes them without integrity validation or class allowlisting in src/MagicLink.php and src/Actions/ResponseAction.php. An attacker with the ability to manipulate database records e.g., via S...

GHSA-H3Q6-JFRG-3X6Q survey-pdf Upgraded jsPDF Version Due to Security Vulnerability

The following security vulnerability was identified in jsPDF versions = 4.0.0 and included the fix in the following survey-pdf releases: v1.12.59 v2.5.5 Action Users should upgrade survey-pdf in their projects to v1.12.59+ or v2.5.5+ immediately. Notes No other survey-pdf dependencies are affecte...

CVE-2022-23542

OpenFGA is an authorization/permission engine built for developers and inspired by Google Zanzibar. During an internal security assessment, it was discovered that OpenFGA version 0.3.0 is vulnerable to authorization bypass under certain conditions. This issue has been patched in version 0.3.1 and...

EUVD-2025-205605

Meshtastic is an open source mesh networking solution. The Meshtastic firmware starting from version 2.5 introduces asymmetric encryption PKI for direct messages, but when the pkiencrypted flag is missing, the firmware silently falls back to legacy AES-256-CTR channel encryption. This was an...

SUSE CVE-2022-50558

In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Use the new numconfigregs property in regmapaddirqchipfwnode Commit faa87ce9196d "regmap-irq: Introduce config registers for irq types" added the numconfigregs, then commit 9edd4f5aee84 "regmap-irq: Deprecate type...

CVE-2022-50558

In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Use the new numconfigregs property in regmapaddirqchipfwnode Commit faa87ce9196d "regmap-irq: Introduce config registers for irq types" added the numconfigregs, then commit 9edd4f5aee84 "regmap-irq: Deprecate type...

DEBIAN-CVE-2022-50558

In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Use the new numconfigregs property in regmapaddirqchipfwnode Commit faa87ce9196d "regmap-irq: Introduce config registers for irq types" added the numconfigregs, then commit 9edd4f5aee84 "regmap-irq: Deprecate type...

UBUNTU-CVE-2022-50558

In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Use the new numconfigregs property in regmapaddirqchipfwnode Commit faa87ce9196d "regmap-irq: Introduce config registers for irq types" added the numconfigregs, then commit 9edd4f5aee84 "regmap-irq: Deprecate type...

EUVD-2022-7210

Malicious code in bioql PyPI...

EUVD-2022-7675

Malicious code in bioql PyPI...

EUVD-2025-25079

Malicious code in bioql PyPI...

CVE-2025-38519 mm/damon: fix divide by zero in damon_get_intervals_score()

In the Linux kernel, the following vulnerability has been resolved: mm/damon: fix divide by zero in damongetintervalsscore The current implementation allows having zero size regions with no special reasons, but damongetintervalsscore gets crashed by divide by zero when the region size is zero...

Intel 800 Series Ethernet 安全漏洞

Intel 800 Series Ethernet is a new generation of high-speed Ethernet technology from Intel that supports 25GbE and 100GbE speeds and is backward compatible with 10GbE. An elevation of privilege vulnerability exists in Intel 800 Series Ethernet, which stems from insufficient control flow managemen...

SSH-Passkeys: Leveraging Web Authentication for Passwordless SSH

We propose a method for using Web Authentication APIs for SSH authentication, enabling passwordless remote server login with passkeys. These are credentials that are managed throughout the key lifecycle by an authenticator on behalf of the user and offer strong security guarantees. Passwords rema...

RHEL 8 : python3 (RHSA-2025:10602)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10602 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...