CVE-2026-11505

A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x. This affects an unknown function of the component glnassys. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be launched remotely. The attack requires ...

EUVD-2026-35024

A weakness has been identified in Tenda AC15 15.03.05.19. The impacted element is an unknown function of the file /etcro/smb.conf of the component Samba. Executing a manipulation can lead to weak password requirements. The attack is only possible within the local network. A high complexity level ...

firefox: thunderbird: webrtc: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component...

SUSE CVE-2026-10701

Incorrect boundary conditions in the Graphics: Text component. This vulnerability was fixed in Firefox 151.0.3...

PT-2026-47508

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description An inappropriate implementation in Views allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML page. This...

PT-2026-47256

A security vulnerability has been detected in TOTOLINK AC1200 T8 4.1.5cu.8611. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation leads to least privilege violation. The attack may be initiated remotely. The exploit has been disclosed publicly...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. There is a security vulnerability in Google Chrome, which stems from issues with the Passwords component...

neovim 注入漏洞

Neovim is a modern, scalable text editor developed by Neovim OpenSource. Versions of Neovim 0.12.2 and earlier contained a vulnerability due to incorrect handling of the path parameter in the M.read function within the viewbranch component. This vulnerability could lead to command injection attac...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. in the United States. Google Chrome has a vulnerability related to input validation, which stems from insufficient validation of unreliable inputs in the Views component...

Important: firefox

Issue Overview: Three inter-frame chunk discard paths in the push-mode APNG parser clear the chunk-header flag without consuming the chunk body and CRC, allowing attacker-controlled bytes inside an ignored ancillary chunk to be reinterpreted as a fresh chunk header on the next call to...

PT-2026-47268

A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x. This affects an unknown function of the component glnassys. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be launched remotely. The attack requires ...

PT-2026-47512

Name of the Vulnerable Software and Affected Versions Google Chrome on macOS versions prior to 149.0.7827.103 Description Insufficient validation of untrusted input in Dawn allows a remote attacker who has compromised the renderer process to leak cross-origin data through a crafted HTML page...

Google Chrome < 149.0.7827.102 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 149.0.7827.102. It is, therefore, affected by multiple vulnerabilities as referenced in the 202606stable-channel-update-for-desktop0153744567 advisory. - Use after free in Tracing in Google Chrome prior to 149.0.7827.10...

student_management_system 注入漏洞

studentmanagementsystem is a student information management tool personally developed by Vivek Singh. There is an injection vulnerability in studentmanagementsystem. This vulnerability stems from an unknown function in the Login component, located in the/index.ph file, which improperly handles...

RHEL 10 : frr (RHSA-2026:24347)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:24347 advisory. FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR...

ALSA-2026:24340 Important: frr security update

FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fixes: frr: denial of service via crafted FlowSpec component CVE-2026-37457 For more details about the security issues, including the...

Important: frr security update

FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fixes: frr: denial of service via crafted FlowSpec component CVE-2026-37457 For more details about the security issues, including the...

CVE-2026-11308

An inappropriate implementation flaw was found in the Extensions component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=505945112...

CVE-2026-11309

An insufficient policy enforcement flaw was found in the History component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=506392934...

CVE-2026-11307

An use after free flaw was found in the PDFium component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=504551617...