587 matches found
PT-2026-26110
CVE-2026-30704 The WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02 exposes an unprotected UART interface through accessible hardware pads on the PCB https://t.co/S8rCq08owM...
QSpy: A Quantum RAT for Circuit Spying and IP Theft
As quantum computing platforms increasingly adopt cloud-based execution, users submit quantum circuits to remote compilers and backends, trusting that what they submit is exactly what will be run. This shift introduces new trust assumptions in the submission pipeline, which remain largely...
CVE-2026-3206
Improper Resource Shutdown or Release vulnerability in KrakenD, SLU KrakenD-CE CircuitBreaker modules, KrakenD, SLU KrakenD-EE CircuitBreaker modules. This issue affects KrakenD-CE: before 2.13.1; KrakenD-EE: before 2.12.5...
EUVD-2026-8663
Improper Resource Shutdown or Release vulnerability in KrakenD, SLU KrakenD-CE CircuitBreaker modules, KrakenD, SLU KrakenD-EE CircuitBreaker modules. This issue affects KrakenD-CE: before 2.13.1; KrakenD-EE: before 2.13.0...
CVE-2026-3206
Improper Resource Shutdown or Release vulnerability in KrakenD, SLU KrakenD-CE CircuitBreaker modules, KrakenD, SLU KrakenD-EE CircuitBreaker modules. This issue affects KrakenD-CE: before 2.13.1; KrakenD-EE: before 2.12.5...
CVE-2026-3206 Improper management of context cancelations
Improper Resource Shutdown or Release vulnerability in KrakenD, SLU KrakenD-CE CircuitBreaker modules, KrakenD, SLU KrakenD-EE CircuitBreaker modules. This issue affects KrakenD-CE: before 2.13.1; KrakenD-EE: before 2.12.5...
PT-2026-21928
Name of the Vulnerable Software and Affected Versions KrakenD-CE versions prior to 2.13.1 KrakenD-EE versions prior to 2.13.0 Description An improper resource shutdown or release issue exists in KrakenD, specifically within the CircuitBreaker modules of both KrakenD-CE and KrakenD-EE. The issue...
CVE-2026-27470
ZoneMinder is a free, open source closed-circuit television software application. In versions 1.36.37 and below and 1.37.61 through 1.38.0, there is a second-order SQL Injection vulnerability in the web/ajax/status.php file within the getNearEvents function. Event field values specifically Name a...
CVE-2026-23197
In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, zero or I2CSMBUSBLOCKMAX, the length handler sets the state to IMXI2CSTATEFAILED. However, i2cimxmasterisr unconditionally...
CVE-2026-23197 i2c: imx: preserve error state in block data length handler
In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, zero or I2CSMBUSBLOCKMAX, the length handler sets the state to IMXI2CSTATEFAILED. However, i2cimxmasterisr unconditionally...
SUSE CVE-2026-23055
In the Linux kernel, the following vulnerability has been resolved: i2c: riic: Move suspend handling to NOIRQ phase Commit 53326135d0e0 "i2c: riic: Add suspend/resume support" added suspend support for the Renesas I2C driver and following this change on RZ/G3E the following WARNING is seen on...
CVE-2026-23055
In the Linux kernel, the following vulnerability has been resolved: i2c: riic: Move suspend handling to NOIRQ phase Commit 53326135d0e0 "i2c: riic: Add suspend/resume support" added suspend support for the Renesas I2C driver and following this change on RZ/G3E the following WARNING is seen on...
Explainability Methods for Hardware Trojan Detection: A Systematic Comparison
Hardware trojan detection requires accurate identification and interpretable explanations for security engineers to validate and act on results. This work compares three explainability categories for gate-level trojan detection on the Trust-Hub benchmark: 1 domain-aware property-based analysis of...
CVE-2026-22043 RustFS has IAM deny_only Short-Circuit that Allows Privilege Escalation via Service Account Minting
RustFS is a distributed object storage system built in Rust. In versions 1.0.0-alpha.13 through 1.0.0-alpha.78, a flawed denyonly short-circuit in RustFS IAM allows a restricted service account or STS credential to self-issue an unrestricted service account, inheriting the parent’s full privilege...
PT-2026-2144
Name of the Vulnerable Software and Affected Versions RustFS versions 1.0.0-alpha.13 through 1.0.0-alpha.78 Description RustFS is a distributed object storage system built in Rust. A flaw in the deny only short-circuit within RustFS IAM allows a restricted service account or STS credential to...
CVE-2006-3416
Tor before 0.1.1.20 kills the circuit when it receives an unrecognized relay command, which causes network circuits to be disbanded. NOTE: while this item is listed under the "Security fixes" section of the developer changelog, the developer clarified on 20060707 that this is only a self-DoS...
CVE-2025-68755
The CVE-2025-68755 entry concerns the Linux kernel MOST I2C driver, which was reported as completely broken for five years and has been removed from staging. The root cause was a change requiring an interface device pointer before registration; the I2C driver was never updated, creating a potenti...
PT-2026-1243
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The MOST I2C driver within the Linux kernel was broken for five years without detection. A commit required drivers to set an interface device pointer before registration, but the I2C...
PT-2026-27651
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel's ATM LANE LAN Emulation module contains a null pointer dereference issue in the lec arp clear vccs function. This flaw occurs when the underlying Virtual Circuit VCC is...
SUSE CVE-2023-54175
In the Linux kernel, the following vulnerability has been resolved: i2c: xiic: xiicxfer: Fix runtime PM leak on error path The xiicxfer function gets a runtime PM reference when the function is entered. This reference is released when the function is exited. There is currently one error path wher...