CVE-2026-3379 Tenda F453 SetIpBind fromSetIpBind buffer overflow

A vulnerability has been found in Tenda F453 1.0.0.3. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be...

CVE-2026-3379

A vulnerability has been found in Tenda F453 1.0.0.3. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be...

EUVD-2026-9115

A vulnerability has been found in Tenda F453 1.0.0.3. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be...

ASB-A-439253642

In vsockbindconnectible of afvsock.c, there is a possible way to achieve code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

OESA-2026-1436 kata-containers security update

This is core component of Kata Container, to make it work, you need a isulad/docker engine. Security Fixes: Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a contain...

OESA-2026-1437 kata-containers security update

This is core component of Kata Container, to make it work, you need a isulad/docker engine. Security Fixes: Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a contain...

OESA-2026-1435 kata-containers security update

This is core component of Kata Container, to make it work, you need a isulad/docker engine. Security Fixes: Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a contain...

dmaengine: idxd: fix device leaks on compat bind and unbind

...

CVE-2026-27901

CVE-2026-27901 affects Svelte (SSR) via contenteditable bindings: in versions prior to 5.53.5, bind:innerText and bind:textContent on contenteditable elements were not properly escaped, allowing HTML injection and XSS when untrusted data is rendered as the binding’s initial server-side value. The...

Svelte 跨站脚本漏洞

Svelte is an open-source approach to building web applications. Versions of Svelte prior to 5.53.5 contained a cross-site scripting vulnerability. This vulnerability stemmed from incorrect escaping of content within bind:innerText and bind:textContent, which could lead to HTML injection and...

PT-2026-22076

Name of the Vulnerable Software and Affected Versions Svelte versions prior to 5.53.5 Description Svelte, a performance-oriented web framework, had an issue where the contents of bind:innerText and bind:textContent on contenteditable elements were not properly escaped in versions prior to 5.53.5...

CVE-2026-27624

Coturn is a free open source implementation of TURN and STUN Server. Coturn is commonly configured to block loopback and internal ranges using "denied-peer-ip" and/or default loopback restrictions. CVE-2020-26262 addressed bypasses involving "0.0.0.0", "::1" and "::", but IPv4-mapped IPv6 is not...

CVE-2026-27624

Coturn is a free open source implementation of TURN and STUN Server. Coturn is commonly configured to block loopback and internal ranges using "denied-peer-ip" and/or default loopback restrictions. CVE-2020-26262 addressed bypasses involving "0.0.0.0", "::1" and "::", but IPv4-mapped IPv6 is not...

CVE-2026-2871

A weakness has been identified in Tenda A21 1.0.0.0. This affects the function fromSetIpMacBind of the file /goform/SetIpMacBind. This manipulation of the argument list causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made available to th...

CVE-2026-2871

A weakness has been identified in Tenda A21 1.0.0.0. This affects the function fromSetIpMacBind of the file /goform/SetIpMacBind. This manipulation of the argument list causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made available to th...

CVE-2026-2871

A weakness has been identified in Tenda A21 1.0.0.0. This affects the function fromSetIpMacBind of the file /goform/SetIpMacBind. This manipulation of the argument list causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made available to th...

Tenda A21 安全漏洞

The Tenda A21 is a wireless signal extender produced by the Chinese company Tenda. Version 1.0.0.0 of the Tenda A21 contains a security vulnerability. This vulnerability stems from the fromSetIpMacBind function in the/goform/SetIpMacBind file, where an stack buffer overflow occurs due to improper...

CVE-2026-27002 OpenClaw: Docker container escape via unvalidated bind mount config injection

OpenClaw is a personal AI assistant. Prior to version 2026.2.15, a configuration injection issue in the Docker tool sandbox could allow dangerous Docker options bind mounts, host networking, unconfined profiles to be applied, enabling container escape or host data access. OpenClaw 2026.2.15 block...

CVE-2026-27002 OpenClaw: Docker container escape via unvalidated bind mount config injection

OpenClaw is a personal AI assistant. Prior to version 2026.2.15, a configuration injection issue in the Docker tool sandbox could allow dangerous Docker options bind mounts, host networking, unconfined profiles to be applied, enabling container escape or host data access. OpenClaw 2026.2.15 block...

CVE-2026-27002 OpenClaw: Docker container escape via unvalidated bind mount config injection

OpenClaw is a personal AI assistant. Prior to version 2026.2.15, a configuration injection issue in the Docker tool sandbox could allow dangerous Docker options bind mounts, host networking, unconfined profiles to be applied, enabling container escape or host data access. OpenClaw 2026.2.15 block...