CLSA-2026-1777567181 openssl: Fix of CVE-2026-28390

CVE-2026-28390: fix NULL pointer dereference in rsacmsdecrypt when CMS RSA-OAEP pSourceFunc is missing its parameter...

CLSA-2026-1777553052 openssl: Fix of CVE-2026-28389

CVE-2026-28389: fix NULL pointer dereference in dhcmssetsharedinfo and ecdhcmssetsharedinfo when the CMS KeyEncryptionAlgorithmIdentifier parameter field is omitted...

CLSA-2026-1777552800 openssl: Fix of CVE-2026-28389

CVE-2026-28389: fix NULL pointer dereference in dhcmssetsharedinfo and ecdhcmssetsharedinfo when the CMS KeyEncryptionAlgorithmIdentifier parameter field is omitted...

CLSA-2026-1777541792 Fix CVE(s): CVE-2026-28390

SECURITY UPDATE: NULL dereference in CMS RSA-OAEP decryption when the optional pSourceFunc parameters field is omitted from a KeyTransportRecipientInfo, leading to a denial of service. - debian/patches/CVE-2026-28390.patch: check plab-parameter for NULL before accessing its type field in...

grav-exploit

GravCMS 1.10.7 - Unauthenticated Remote Code Execution RCE...

CVE-2026-42798

Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c...

Exploit for CVE-2026-42141

CVE-2026-42141 - xibo CMS SSRF SSRF vulnerability in Xibo CMS...

CVE-2026-42798

Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c...

EUVD-2026-26351

Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c...

CVE-2026-42798

Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c...

CVE-2026-42798

Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c...

CVE-2026-42798

Little CMS (lcms2) versions 2.16–2.18 before 2.19 have an integer overflow in ParseCube within cmscgats.c. The provided documents do not include exploit details or explicit remediation steps. References show a version delta toward 2.19 (lcms2.18...lcms2.19), but the materials do not state a confi...

CVE-2026-42798

Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c...

Exploit for Code Injection in Craftcms Craft_Cms

CVE-2025-32432 Here's the updated README file, now including t...

Bootstrap CMS 注入漏洞

Bootstrap CMS is an open-source content management system based on PHP. The Bootstrap CMS 0.9.0-alpha version has a vulnerability due to an unknown function in the Page Creation Handler component file resources/views/pages/show.blade.php, which allows for code injection when manipulating the body...

Little CMS 输入验证错误漏洞

Little CMS lcms or liblcms is an open-source color management system developed by Marti Maria. This system offers features such as black-point compensation, processing of various pixel formats, and configuration file editing. Versions 2.16 to 2.18 of Little CMS, as well as earlier versions, had a...

Important: edk2

Issue Overview: Potential use-after-free in DANE client code CVE-2026-28387 NULL Pointer Dereference When Processing a Delta CRL NOTE: https://openssl-library.org/news/secadv/20260407.txt CVE-2026-28388 Possible NULL dereference when processing CMS KeyAgreeRecipientInfo CVE-2026-28389 Possible NU...

Amazon Linux 2 : edk2, --advisory ALAS2-2026-3275 (ALAS-2026-3275)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3275 advisory. Potential use-after-free in DANE client code CVE-2026-28387 NULL Pointer Dereference When Processing a Delta CRL NOTE: https://openssl-library.org/news/secadv/20260407.txt CVE-2026-28388 Possible...

PT-2026-36080

Name of the Vulnerable Software and Affected Versions Little CMS lcms2 versions 2.16 through 2.18 Description An integer overflow exists in the ParseCube function within the cmscgats.c file. An integer overflow occurs when a program attempts to store a numeric value that is too large for the...

Camaleon CMS v2.9.0 - Path Traversal

Exploit Title: Camaleon CMS v2.9.0 - Path Traversal Date: 2026-02-02 Exploit Author: Sakshi Velampudi CyberQuestor Vendor Homepage: https://github.com/owen2345/camaleon-cms Software Link: https://github.com/owen2345/camaleon-cms/releases/tag/2.9.0 Version: = 2.9.0 Tested on: Linux CVE:...