PT-2026-49186

The Form Builder CP WordPress plugin before 1.2.47 does not properly sanitize a form configuration value before storing it and using it as part of a client-side script execution, allowing authenticated users with Editor-level access and above to perform Stored Cross-Site Scripting attacks against...

CVE-2026-45389

Summary (OCaml-TLS CVE-2026-45389): OCaml-TLS versions before 2.1.0 fail to properly validate KeyUsage and ExtendedKeyUsage on client certificates during mutual TLS, allowing impersonation with certificates intended for server authentication. The issue arises in the server-side certificate valida...

CVE-2026-45389

In OCaml-TLS before 2.1.0, the server implementation does insufficient checks of the certificate provided by the client when doing client authentication, which allows impersonation with certificates that are not meant for client authentication because of KeyUsage and ExtendedKeyUsage...

PT-2026-49562

Name of the Vulnerable Software and Affected Versions Angular versions prior to 22.0.0-rc.2 Angular versions prior to 21.2.15 Angular versions prior to 20.3.22 Angular versions prior to 19.2.23 Description A Denial of Service DoS issue exists in the @angular/common package. The formatNumber...

PT-2026-49594

Name of the Vulnerable Software and Affected Versions AIOHTTP versions prior to 3.14.1 Description Payload resources are not closed correctly when a client disconnects during a write operation. If a payload utilizes an open file or other limited resources, an attacker can cause temporary resource...

ROS-20260615-73-0026

The vulnerabilities of the functions xfSetWindowMinMaxInfo and xfrailgetwindow in the RDP client FreeRDP are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protecte...

ROS-20260615-73-0007

The vulnerability of the StreamEnsureCapacity function in the RDP client FreeRDP is caused by a numerical overflow condition. Exploiting this vulnerability could allow an attacker, operating remotely, to cause service failures...

ROS-20260615-73-0009

The vulnerability of the RDP client FreeRDP is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

ROS-20260615-73-0016

The vulnerability of the gdiSurfaceCommandClearCodec function in the RDP client FreeRDP is caused by a buffer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

ROS-20260615-73-0015

The vulnerability of the gdiSurfaceCommandClearCodec function in the RDP client FreeRDP is caused by a buffer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

ROS-20260615-73-0011

The vulnerability of the planardecompressplanerle function in the FreeRDP RDP client is related to data writing beyond the specified buffer. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...

ROS-20260615-73-0043

The vulnerabilities of the functions kerberosAcceptSecurityContext and kerberosInitializeSecurityContextA in the FreeRDP client are related to a memory reclamation error. Exploiting these vulnerabilities could allow an attacker to compromise the accessibility of protected information...

ROS-20260615-73-0030

The vulnerability of the bitmapcacheput function in the FreeRDP client involves writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

ROS-20260615-73-0031

The vulnerability of the updatereadcachebitmaporder function in the RDP client FreeRDP is related to integer overflow. Exploiting this vulnerability could allow a malicious actor to cause service failure...

ROS-20260615-73-0038

The vulnerability of the progressivedecompresstileupgrade function in the RDP client FreeRDP is related to integer overflow. Exploiting this vulnerability could allow a malicious actor to cause service failure...

ROS-20260615-73-0042

The vulnerability of the persistentcachereadentryv3 function in the RDP client FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow an attacker to compromise the integrity and accessibility of protected information...

ROS-20260615-73-0041

The vulnerability of the yuvensurebuffer function in the RDP client FreeRDP is related to incorrect calculations of the size of the buffer allocated. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending specially crafted NAL packets...

ROS-20260615-73-0027

The vulnerability of the avc420yuvtorgb function in the RDP client FreeRDP is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...

CVE-2026-54412

LiamBindle MQTT-C through version 1.1.6 contains a heap-based out-of-bounds read and integer underflow in the mqttunpackpublishresponse function in src/mqtt.c that allows a remote unauthenticated attacker controlling an MQTT broker - or able to inject MQTT traffic into an unencrypted session - to...

SUSE SLES15 Security Update : kernel (SUSE-SU-2026:2383-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2383-1 advisory. The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: -...