CVE-2026-44505

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. network-libp2p handles kad get-record query progress in handledhtget network-libp2p/src/swarm.rs. Prior to version 1.4.0, when a peer returns a FoundRecord, the code verifies the record...

Nimiq 安全漏洞

Nimiq is an open-source implementation of the Albatross protocol in Rust. Prior versions of the Nimiq network-libp2p 1.4.0 contained security vulnerabilities. These vulnerabilities stemmed from improper handling of the kad get-record query, where incorrect validation of records resulted in...

EUVD-2026-35876

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. network-libp2p handles kad get-record query progress in handledhtget network-libp2p/src/swarm.rs. Prior to version 1.4.0, when a peer returns a FoundRecord, the code verifies the record...

Node Version Manager 安全漏洞

Node Version Manager is an open-source node version manager developed by nvm.sh. Versions of Node Version Manager prior to 0.40.4 contain security vulnerabilities. These vulnerabilities stem from the ability to execute arbitrary commands from the configured image version string. The functions...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to clear the erriov and errbuftype fields during the smb2openfile function. This...

CVE-2026-43168

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix reflink preserve cleanup issue commit c06c303832ec "ocfs2: fix xattr array entry countedby error" doesn't handle all cases and the cleanup job for preserved xattr entries still has bug: - the 'last' pointer should be...

Linux Distros Unpatched Vulnerability : CVE-2026-43027

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nfconntrackhelper: pass helper to expect cleanup nfconntrackhelperunregister calls nfctexpectiteratedestroy to remove expectations belonging to the...

fprime 输入验证错误漏洞

fprime is an open-source flight software and embedded system framework developed by NASA. Versions of fprime prior to 4.2.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from boundary-checking use of U32 addition, which allowed overflow bypasses, and the...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011356)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011356 advisory. In the Linux kernel, the following vulnerability has been resolved: net: netpoll: fix incorrect refcount handling causing incorrect cleanup commit efa95b01da18...

OESA-2026-1863 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to detect potential corrupted nid in freenidlist As reported, on-disk footer.ino and footer.nid is the same and out-of-range, let's add sanity check on...

ROS-20260216-73-0016

Vulnerability in gpac related to incorrect resource cleanup or release. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Azure Linux 3.0 Security Update: kernel (CVE-2024-46784)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46784 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix error handling in...

WordPress plugin ELEX WordPress HelpDesk & Customer Ticketing System 跨站脚本漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress is a blogging platform developed using the PHP language, which provides the ability to host a personal blog site on a PHP and MySQL based server.WordPress plugin is an...

kernel: scsi: qla2xxx: Wait for io return on terminate rport

A flaw was found in the Linux kernel’s SCSI driver component qla2xxx used with FCP-2 devices. When the terminaterportio function is invoked , the driver may exit cleanup before all outstanding I/O operations have returned. This can lead to a use-after-free condition when resources are freed while...

CVE-2025-66033 Improper Memory Cleanup in the Okta Java SDK

Okta Java Management SDK facilitates interactions with the Okta management API. In versions 21.0.0 through 24.0.0, specific multithreaded implementations may encounter memory issues as threads are not properly cleaned up after requests are completed. Over time, this can degrade performance and...

Grav CMS 跨站脚本漏洞

Grav CMS is a flat file-based content management system from Grav open source. A cross-site scripting vulnerability exists in Grav CMS version 1.7.49, which stems from the page editor not properly cleaning up the script tag and could lead to a stored cross-site scripting attack...

TencentOS Server 3: python39:3.9 and python39-devel:3.9 (TSSA-2024:0768)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0768 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

WordPress plugin WP Count Down Timer 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin ... A cross-site...

WordPress plugin Skip to Timestamp 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2025-64686

...