10325 matches found
EUVD-2026-34172
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...
CVE-2026-44682
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...
CVE-2026-44682
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...
CVE-2026-42061
CVE-2026-42061 describes a local privilege escalation caused by excessive permissions granted to child processes in Acronis DeviceLock DLP (Windows) prior to build 9.0.15051.93227 . Affected component and root cause are stated, with the CVSSv3 score reported as 7.3 (High) and attack vector LOCAL,...
CVE-2026-44609
Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...
CVE-2026-44609
CVE-2026-44609 affects Acronis DeviceLock DLP for Windows prior to build 9.0.15051.93227. The vulnerability is an EXE hijacking issue that enables local privilege escalation. Exploitation details are not provided in the supplied documents beyond the affected product and build, and there is no inf...
CVE-2026-10273
A vulnerability was found in php-censor up to 2.1.6. This affects an unknown function of the file src/Model/Build/GitBuild.php of the component Webhook Endpoint. Performing a manipulation of the argument commitId results in os command injection. The attack can be initiated remotely. The exploit h...
Pre-Auth Takeover of Build Pipelines in GoCD
GoCD contains a critical information disclosure vulnerability whose exploitation allows unauthenticated attackers to leak configuration information including build secrets and encryption keys. id: CVE-2021-43287 info: name: Pre-Auth Takeover of Build Pipelines in GoCD author: dhiyaneshDk severity...
Langflow < 1.9.0 - Remote Code Execution
Langflow versions prior to 1.9.0 are vulnerable to unauthenticated remote code execution RCE via the buildpublictmp endpoint. Attackers can submit a manipulated flow JSON containing Python code that is executed during the build process without proper sandboxing. id: CVE-2026-33017 info: name:...
Fortra FileCatalyst Workflow <= v5.1.6 - SQL Injection
A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data. Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this...
SUSE CVE-2026-32685
Path traversal vulnerability in Gleam's handling of custom documentation pages allows arbitrary file read and file write outside the intended documentation output directory. The documentation.pages entries from gleam.toml are incorporated into filesystem paths without sufficient validation or...
SUSE CVE-2026-43965
Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::readfromdisc are passed without validation to paths.buildpackagespackage, whi...
Exploit for Stack-based Buffer Overflow in Microsoft
CVE-2026-41089 Detector Safe detection script for CVE-2026-...
PT-2026-46063
Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...
PT-2026-46061
Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...
PT-2026-46065
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...
Microsoft Build 2026: Securing code, agents, and models across the development lifecycle
In this article 1. Secure your code 2. Secure your agents 3. Trust agents with your data 4. Secure your models 5. Trust starts with security Today, developers and security teams are caught in growing tension. AI is accelerating development and introducing new issues around insecure code, opaque...
CVE-2026-40619
A high security vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges to the main server to access the Server Admin credentials. A third party hired by Genetec found the issue. There is currently no evidence of...
CVE-2026-43965
Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::readfromdisc are passed without validation to paths.buildpackagespackage, whi...
EEF-CVE-2026-32685 Path Traversal in gleam docs build via documentation.pages Allows Arbitrary File Read and Write
Summary Path traversal vulnerability in Gleam's handling of custom documentation pages allows arbitrary file read and file write outside the intended documentation output directory. The documentation.pages entries from gleam.toml are incorporated into filesystem paths without sufficient validatio...