CVE-2026-10015

An integer overflow flaw was found in the WTF component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=514746176...

CVE-2026-10012

An use after free flaw was found in the Skia component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=514063977...

CVE-2026-10003

An use after free flaw was found in the Views component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513609324...

CVE-2026-9872

An out of bounds write flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=505077859...

CVE-2026-9874

An use after free flaw was found in the Dawn component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=500609038...

Joern 4.0.551

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

Linux Distros Unpatched Vulnerability : CVE-2026-46170

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mptcp: pm: ADDADDR rtx: free sk if last When an ADDADDR is retransmitted, the sk is held in skresettimer, and released at the end. If at that moment, it was the...

Linux Distros Unpatched Vulnerability : CVE-2026-10011

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to leak...

Linux Distros Unpatched Vulnerability : CVE-2026-46130

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never spl...

Linux Distros Unpatched Vulnerability : CVE-2026-10016

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

📄 strongSwan 5.9.13 Denial of Service

strongSwan version 5.9.13 suffers from a denial of service vulnerability. Exploit Title: strongSwan 5.9.13 - DoS Date: 2026-05-13 Exploit Author: Lukas Johannes Moeller Vendor Homepage: https://www.strongswan.org/ Software Link: https://download.strongswan.org/strongswan-5.9.13.tar.bz2 Version:...

PT-2026-44989

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.26.0 Description The planar bitmap decoder contains an out-of-bounds heap write when decoding RLE planar data. In the libfreerdp/codec/planar.c file, the freerdp bitmap decompress planar function validates the X...

Linux Distros Unpatched Vulnerability : CVE-2026-46209

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/gem: Fix inconsistent plane dimension calculation in drmgemfbinitwithfuncs drmgemfbinitwithfuncs computes sub-sampled plane dimensions using plain integer...

CVE-2026-42789

Improper Following of a Certificate's Chain of Trust vulnerability in Erlang OTP publickey pubkeycert module allows a non-CA certificate to be accepted as an intermediate issuer, enabling certificate chain forgery. In lib/publickey/src/pubkeycert.erl, pubkeycert:validateextensions/7 contains two...

Linux Distros Unpatched Vulnerability : CVE-2026-46173

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - exit: prevent preemption of oopsing TASKDEAD task When an already-exiting task oopses, maketaskdead currently calls dotaskdead with preemption enabled. That is...

Linux Distros Unpatched Vulnerability : CVE-2026-46180

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: brcmfmac: Fix potential use-after-free issue when stopping watchdog task Watchdog task might end between sendsig and kthreadstop calls, what results in th...

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-46597)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-46597 advisory. - An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM pack...

PT-2026-44951

Name of the Vulnerable Software and Affected Versions JetBrains TeamCity versions prior to 2026.1.1 Description A reflected Cross-Site Scripting XSS issue exists in the keyword filter. Reflected XSS occurs when an application receives data in an HTTP request and includes that data within the...

shopper 安全漏洞

Shopper is an open-source e-commerce management backend developed by Shopper Labs. Versions of Shopper prior to 2.8.0 contained a security vulnerability. This vulnerability stemmed from the CreateOrderFromCartAction::execute function, which created order lines before checking and increasing the...

Linux Distros Unpatched Vulnerability : CVE-2026-46107

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm-thin: fix metadata refcount underflow There's a bug in dm-thin in the function rebalancechildren. If the internal btree node has one entry, the code tries to...