EUVD-2026-3041

EUVD-2026-3041...

EUVD-2026-2491

In the Linux kernel, the following vulnerability has been resolved: tracing: Do not register unsupported perf events Synthetic events currently do not have a function to register perf events. This leads to calling the tracepoint register functions with a NULL function pointer which triggers:...

EUVD-2026-2508

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - zero initialize memory allocated via sockkmalloc Several crypto user API contexts and requests allocated with sockkmalloc were left uninitialized, relying on callers to set fields explicitly. This resulted in the...

EUVD-2026-2501

In the Linux kernel, the following vulnerability has been resolved: hwmon: w83791d Convert macros to functions to avoid TOCTOU The macro FANFROMREG evaluates its arguments multiple times. When used in lockless contexts involving shared driver data, this leads to Time-of-Check to Time-of-Use TOCTO...

EUVD-2026-2558

The Makesweat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'makesweatclubid' setting in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level acce...

EUVD-2026-2549

The Gotham Block Extra Light plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.5.0 via the 'ghostban' shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to read the contents of arbitrary files on...

EUVD-2026-2573

EUVD-2026-2573...

EUVD-2026-2595

EUVD-2026-2595...

EUVD-2026-2590

EUVD-2026-2590...

EUVD-2026-2619

EUVD-2026-2619...

EUVD-2026-2617

EUVD-2026-2617...

EUVD-2026-2637

EUVD-2026-2637...

EUVD-2026-2639

EUVD-2026-2639...

EUVD-2026-2654

EUVD-2026-2654...

EUVD-2026-2067

Arbitrary file deletion vulnerability have been identified in a system function of mobility conductors running AOS-8 operating system. Successful exploitation of this vulnerability could allow an unauthenticated remote malicious actor to delete arbitrary files within the affected system and...

EUVD-2026-2061

Illustrator versions 29.8.3, 30.0 and earlier are affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user. If the application uses a search path to locate critical resources such as programs, an attacker could modify that...

EUVD-2026-2056

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is...

EUVD-2026-2112

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...

EUVD-2026-2117

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally...

EUVD-2026-2171

Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally...