1339 matches found
CVE-2026-0160
In TextRtpPayloadDecoderNode::DecodeT140 of TextRtpPayloadDecoderNode.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0160
The vulnerability CVE-2026-0160 affects the TextRtpPayloadDecoderNode, specifically in DecodeT140 of TextRtpPayloadDecoderNode.cpp. It is caused by a missing bounds check that can result in an out-of-bounds write. The documented impact is remote code execution with no additional privileges requir...
CVE-2026-0157
Summary of findings (CVE-2026-0157): The available documents consistently describe an out-of-bounds read in RtcpHeader::decodeRtcpHeader, caused by a missing bounds check. This leads to remote information disclosure without requiring user interaction; exploitation can occur over the network. The ...
CVE-2026-0141
CVE-2026-0141 describes a likely out-of-bounds read in decodeAppPacket of RtcpAppPacket.cpp caused by a missing bounds check. The vulnerability enables a remote information disclosure without requiring additional execution privileges and without user interaction. Public references in the provided...
GHSA-9C59-2MVC-VFR8 Langflow: IDOR/BOLA in Monitor API — Missing Ownership Enforcement on 7 Endpoints
Summary Langflow's /api/v1/monitor router exposes 7 endpoints that perform read, write, and delete operations on user-owned resources — messages, sessions, build artifacts, and LLM transaction logs — without verifying that the authenticated requester owns the targeted resource. Any authenticated...
Linux Distros Unpatched Vulnerability : CVE-2026-6040
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap use-after-free existed when importing the blank-width characters of an ODF number format. A position value read from the document was not checked against...
CVE-2026-54413
driftregion iso14229 up to 0.9.0 has an integer underflow in Handle_0x27_SecurityAccess() that enables a remote unauthenticated attacker to crash a UDS server and possibly read memory beyond the receive buffer by sending a 0x27 SecurityAccess request after a prior well-formed 0x27 message. The co...
File Browser: Improper Access Control Occurs via Pre-Created Public Share for a Non-existent Path
Summary This is similar vulnrability of CVE-2026-0035, which was fixed in Android MediaProvider with high severity. In the original Java issue, MediaStore.createWriteRequest accepted attacker-controlled URIs and created a future grant even when the referenced media item did not exist yet. The...
PT-2026-49065
Name of the Vulnerable Software and Affected Versions File Browser versions prior to 2.63.6 Description Lack of maximum length validation for passwords allows an arbitrarily large string to be passed into the login API. When a large password is submitted, the CheckPwd function in users/password.g...
CVE-2026-53675
BuddyPress 14.4.0 contains an insecure direct object reference vulnerability in the friends REST API that allows any authenticated attacker to enumerate another user's complete friend list. Attackers can query the friends endpoint with an arbitrary userid because the getitemspermissionscheck meth...
Uncontrolled Recursion
Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the MVG decoder when processing a crafted file due to a missing depth or visited-set check. An attacker can cause a denial of service by supplying a specially crafted MVG file that triggers a stack overflow...
CVE-2026-53460 ImageMagick: Policy Bypass can trigger out-of-Memory condition
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, a missing check for maximum memory request in AcquireAlignedMemory could trigger an out-of-Memory condition. This issue has been patched in versions 6.9.13-50 a...
PT-2026-48423
Name of the Vulnerable Software and Affected Versions Jenkins versions prior to 2.568 Jenkins LTS versions prior to 2.555.3 Description A missing permission check allows attackers who possess the Item/Cancel permission, but lack the Item/Read permission, to cancel queue items that they are not...
CVE-2026-53675 BuddyPress 14.4.0 Friends List IDOR via REST API
BuddyPress 14.4.0 contains an insecure direct object reference vulnerability in the friends REST API that allows any authenticated attacker to enumerate another user's complete friend list. Attackers can query the friends endpoint with an arbitrary userid because the getitemspermissionscheck meth...
nebula-mesh: GET /api/v1/audit-log discloses all entries to any operator
internal/api/audit.go:12 — handleGetAuditLog does no admin check. The route is bearer-auth gated only; any operator API key returns the full audit log via store.ListAuditEntries up to limit=1000. This includes cross-tenant actor names, host/CA/operator IDs, action timestamps, and masked-IP entrie...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the iowqremovepending function in iowq. This function does not check whether the predecessor has...
CVE-2026-8839
The MapPress Maps for WordPress plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to, and including, 2.96.6. This is due to missing ownership verification in the REST API routes registered via MappressApi::restapiinit, where the GET...
CVE-2026-8839 MapPress Maps for WordPress <= 2.96.6 - Unauthenticated Insecure Direct Object Reference via REST API Endpoints
The MapPress Maps for WordPress plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to, and including, 2.96.6. This is due to missing ownership verification in the REST API routes registered via MappressApi::restapiinit, where the GET...
PT-2026-47142
Name of the Vulnerable Software and Affected Versions MapPress Maps for WordPress versions prior to 2.96.7 Description An authorization bypass exists due to missing ownership verification in REST API routes registered via the Mappress Api::rest api init function. The GET...
CVE-2026-8454
Imager::File::GIF versions through 1.002 for Perl allow a heap out of bounds OOB write on crafted multi-frame GIF files. Imager::File::GIF's ireadgifmultilow allocates a single per-row buffer GifRow sized for the GIF's global screen width 'SWidth' and reuses it across every image in the file. The...