CVE-2026-48774

ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. In versions 3.0.0 through 3.0.8, ProxySQL's GenAI/MCP runsqlreadonly tool violates its documented read-only contract for MySQL targets. The tool validates only the full input string with a substring blacklist and first-keyword...

EUVD-2026-16464

Incus vulnerable to denial of source through crafted bucket backup file...

CVE-2026-33743

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a specially crafted storage bucket backup can be used by an user with access to Incus' storage bucket feature to crash the Incus daemon. Repeated use of this attack can be used to keep the server offline causing a...

PT-2026-21590

Name of the Vulnerable Software and Affected Versions free5GC SMF versions up to and including 1.4.1 Description free5GC SMF provides Session Management Function for free5GC, an open-source project for 5th generation 5G mobile core networks. The SMF component experiences a panic and terminates wh...

CVE-2025-65565

A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association is established, a PFCP Session Establishment Request that is missing the mandatory F-SEID CPF-SEID Information Element is not properly validated. The...