CVE-2026-28742

Naxclow devices use a uniform request-signing scheme based on a hard-coded, platform-wide salt embedded in every firmware image. Once this salt is recovered from any device, an attacker can generate valid signatures for arbitrary device or account operations due to the absence of per-device keys,...

CVE-2026-28742 Naxclow IoT Platform Use of hard-coded cryptographic key

Naxclow devices use a uniform request-signing scheme based on a hard-coded, platform-wide salt embedded in every firmware image. Once this salt is recovered from any device, an attacker can generate valid signatures for arbitrary device or account operations due to the absence of per-device keys,...

CVE-2026-28742

CVE-2026-28742 relates to Naxclow IoT Platform devices using a uniform, hard-coded platform-wide salt for request signing embedded in firmware. The lack of per‑device keys, server-side nonce tracking, or replay protections allows recovered salts to enable valid signatures for arbitrary device or ...

PT-2026-48951

Name of the Vulnerable Software and Affected Versions Naxclow Smart Doorbell X3 affected versions not specified Naxclow devices affected versions not specified Description Naxclow devices utilize a uniform request-signing scheme that relies on a hard-coded, platform-wide salt embedded in every...

SUSE CVE-2026-44393

An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0. The oslo.messaging RabbitMQ driver does not perform TLS hostname verification when connecting to the message broker. When sslcafile is configured, the driver enables certificate chain validation but does not pass the expect...

EUVD-2026-34294

An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0. The oslo.messaging RabbitMQ driver does not perform TLS hostname verification when connecting to the message broker. When sslcafile is configured, the driver enables certificate chain validation but does not pass the expect...

CVE-2026-44393

An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0. The oslo.messaging RabbitMQ driver does not perform TLS hostname verification when connecting to the message broker. When sslcafile is configured, the driver enables certificate chain validation but does not pass the expect...

EUVD-2021-6990

Malicious code in bioql PyPI...

CVE-2025-20141

A vulnerability in the handling of specific packets that are punted from a line card to a route processor in Cisco IOS XR Software Release 7.9.2 could allow an unauthenticated, adjacent attacker to cause control plane traffic to stop working on multiple Cisco IOS XR platforms. This vulnerability ...

CVE-2025-20141 Cisco IOS XR Software Release 7.9.2 Denial of Service Vulnerabillity

A vulnerability in the handling of specific packets that are punted from a line card to a route processor in Cisco IOS XR Software Release 7.9.2 could allow an unauthenticated, adjacent attacker to cause control plane traffic to stop working on multiple Cisco IOS XR platforms. This vulnerability ...

F5 Networks BIG-IP : Linux kernel TCP ISN vulnerability (K15301)

The 1 IPv4 and 2 IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service disrupted networking or hijack network sessions by predicting...