CVE-2026-40061

When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell tmsh command that may allow an authenticated attacker with the Resource Administrator or Administrator role to execute arbitrary system commands with higher privileges. In Appliance mode...

OpenTelemetry eBPF Instrumentation: Privileged Java agent injection allows arbitrary host file overwrite via untrusted TMPDIR

Summary A flaw in the Java agent injection path allows a local attacker controlling a Java workload to overwrite arbitrary host files when Java injection is enabled and OBI is running with elevated privileges. The injector trusted TMPDIR from the target process and used unsafe file creation...

The vulnerability of the enable function in Mullvad’s VPN client allows a hacker to trigger a service failure.

The vulnerability of the enable function in Mullvad’s VPN client involves an escape from the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

The vulnerability of the HNAP1 protocol implementation in the microprogramming-based router software of D–Link DIR-823G allows a attacker to cause a service failure.

The vulnerability of the HNAP1 protocol implementation in the microprogrammed software for D–Link DIR-823G routers is related to the escape operation from the buffer boundaries in memory when processing the SetParentsControlInfo parameter. Exploiting this vulnerability allows a remote attacker to...

IBM Spectrum Scale 路径遍历漏洞

IBM Spectrum Scale is a suite of scalable data and file management solutions from International Business Machines IBM based on IBM GPFS, an enterprise file management system optimized for petabyte-scale storage management. The product supports helping customers reduce storage costs while improvin...