39 matches found
CVE-2026-41503
Technical details about CVE-2026-41503 are not publicly available in the provided documents. Monitor for updates from official advisories.
CVE-2026-41475 BACnet Stack: Out-of-Bounds Read in WritePropertyMultiple Decoder via Deprecated Tag Parser
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's WritePropertyMultiple service decoder allows unauthenticated remote attackers to read past allocated buffer boundaries by sending a truncated W...
CVE-2026-41135 free5GC PCF: Memory Leak via CORS Middleware Registration in HTTP Handler Leads to Denial of Service
free5GC UDR is the Policy Control Function (PCF) for free5GC, an open-source project for 5th generation (5G) mobile core networks. A memory leak vulnerability in versions prior to 1.4.3 allows any unauthenticated attacker with network access to the PCF SBI interface to cause uncontrolled memory...
PT-2026-5199
Name of the Vulnerable Software and Affected Versions: Drupal CKEditor 5 Premium Features versions 0.0.0 through 1.2.9; Drupal CKEditor 5 Premium Features versions 1.3.0 through 1.3.5; Drupal CKEditor 5 Premium Features versions 1.4.0 through 1.4.2; Drupal CKEditor 5 Premium Features versions 1.5.0...
CVE-2026-22023
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, there is an out-of-bounds heap read...
CVE-2026-22024 CryptoLib Memory Leak in KMC Encrypt Function Leads to Resource Exhaustion
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, the cryptography_encrypt function allocates...
CryptoLib Security Vulnerability
CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A security vulnerability exists in CryptoLib versions prior to 1.4.3 that stems from a failure to enforce target size limits during Base64 decoding, which...
CVE-2025-54723
Deserialization of Untrusted Data vulnerability in BoldThemes DentiCare denticare allows Object Injection. This issue affects DentiCare: from n/a through 1.4.3...
CVE-2025-54723
Deserialization of untrusted data in BoldThemes DentiCare (WordPress Theme)
CVE-2025-8074
Origin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3-13973 allows local users to write arbitrary files with non-sensitive information via unspecified vectors...
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.
...
Handcrafted in the Alps Goodby CSV Security Vulnerability
Goodby CSV is an open source application from Handcrafted in the Alps. A security vulnerability exists in Handcrafted in the Alps Goodby CSV versions prior to 1.4.3, which stems from insecure deserialization and could lead to remote code execution...
CVE-2015-9466
The wti-like-post plugin before 1.4.3 for WordPress has WtiLikePostProcessVote SQL injection via the HTTP_CLIENT_IP, HTTP_X_FORWARDED_FOR, HTTP_X_FORWARDED, HTTP_FORWARDED_FOR, or HTTP_FORWARDED variable...
CVE-2025-0669 BOINC Server Cross-Site Request Forgery
Cross-Site Request Forgery (CSRF) vulnerability in BOINC Server allows Cross Site Request Forgery. This issue affects BOINC Server: before 1.4.3...
BOINC Server Security Vulnerability
BOINC Server is an open source distributed computing platform server from the US-based BOINC organization for creating and managing volunteer computing projects. A security vulnerability exists in BOINC Server versions prior to 1.4.3 that stems from vulnerability to cross-site request forgery...
Faction Authorization Issue Vulnerability
Faction is an open source penetration testing report generation and assessment collaboration framework from Faction Security. An authorization issue vulnerability exists in versions of Faction prior to 1.4.3, which stems from an attacker being able to register a new user with administrator privileges...
SUSE CVE-2020-3996
Velero prior to 1.4.3 and 1.5.2 in some instances doesn't properly manage volume identifiers which may result in information leakage to unauthorized users...
OpenFGA Security Vulnerabilities
OpenFGA is a high-performance and flexible authorization/licensing engine built for developers and inspired by Google Zanzibar. A security vulnerability exists in OpenFGA versions prior to 1.4.3, which stems from the fact that in certain scenarios that depend on the model and tuple used,...
PT-2023-27907 · Knplabs · Knplabs/Knp-Snappy
Name of the Vulnerable Software and Affected Versions: knplabs/knp-snappy versions prior to 1.4.3
Description: The issue concerns a PHAR deserialization vulnerability in the knplabs/knp-snappy PHP library. This vulnerability allows an attacker to gain remote code execution by exploiting the lack ...