MINI-C74W-HX3R-73XQ

Bulletin has no description...

MINI-295V-M3W3-HVW7

Bulletin has no description...

mcp-tool-poisoning-poc

mcp-tool-poisoning — Educational PoC Demonstrates the Too...

MINI-FQCF-XQF6-P32C

Bulletin has no description...

SUSE CVE-2026-11046

Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

MINI-PQG9-C52P-G3M8

Bulletin has no description...

MINI-6C22-M7P5-MHH7

Bulletin has no description...

MINI-222X-FP9M-834V

Bulletin has no description...

ECHO-BDFA-6E88-F71C

Bulletin has no description...

ECHO-72FD-0B9F-0D34

Bulletin has no description...

MINI-GX8F-4P38-P3FW

Bulletin has no description...

MINI-2J7M-Q84J-GF6X

Bulletin has no description...

MINI-X3X9-97P6-PW9R

Bulletin has no description...

SUSE CVE-2025-24784

kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature, added to by the 1.17.0 release. By being namespaced, the AdmissionPolicyGroup has a well constrained impact on cluster resources. Hence, it's considere...

CVE-2025-66335

Apache Doris MCP Server versions earlier than 0.6.1 are affected by an improper neutralization flaw in query context handling that may allow execution of unintended SQL statements and bypass of intended query validation and access restrictions through the MCP query execution interface. Version...

CVE-2026-7587

A vulnerability has been found in Open5GS up to 2.7.7. This vulnerability affects the function amfnsmfpdusessionhandleupdatesmcontext of the file /src/amf/nsmf-handler.c of the component AMF. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit...

CVE-2025-9973

Due to not validating the organization context when executing adaptive authentication flows, the WSO2 Identity Server allows adaptive authentication logic to be triggered on unintended organizations. A malicious actor with privileges to configure adaptive authentication within one organization ca...

CVE-2026-34837

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, he REST endpoint POST /api/v1/aiassistance/texttools/:id contains an authorization failure. Context data e.g., a group or organization supplied to be used in the AI prompt were not checked if they are accessible f...

CVE-2026-6275

The StatCounter – Free Real Time Visitor Stats plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.1.1 This is due to insufficient output escaping on the post author's nickname in the statcounteraddToTags function. The function is hooked to wphead...

CVE-2025-39666

Local privilege escalation in Checkmk 2.2.0 EOL, Checkmk 2.3.0 before 2.3.0p46, Checkmk 2.4.0 before 2.4.0p25, and Checkmk 2.5.0 beta before 2.5.0b3 allows a site user to escalate their privileges to root, by manipulating files in the site context that are processed when the omd administrative...