CVE-2026-20182

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show...

CVE-2026-35415 Windows Storage Spaces Controller Elevation of Privilege Vulnerability

...

CVE-2026-35415

Technical details about CVE-2026-35415 are not publicly available in the provided connected documents. Monitor for updates for specifics on affected products, impact, and mitigations once they are published.

CVE-2026-27144 vulnerabilities

Vulnerabilities for packages: howdy-yall, grafana-operator, argo-rollouts, tailscale, mage, falco-no-driver, azurefile-csi, fuse-overlayfs-snapshotter, knative-eventing, newrelic-nri-statsd, prometheus, cadvisor, tetragon, opencost, gitleaks, http-echo, istio, prometheus-operator, nri-mssql,...

CVE-2026-32076 Windows Storage Spaces Controller Elevation of Privilege Vulnerability

...

CVE-2026-27907 Windows Storage Spaces Controller Elevation of Privilege Vulnerability

...

CVE-2026-27907 Windows Storage Spaces Controller Elevation of Privilege Vulnerability

...

CVE-2026-27907

CVE-2026-27907 is a Windows Storage Spaces Controller elevation-of-privilege vulnerability caused by an integer underflow. Exploitation would require local access with low privileges. Publicly available sources confirm the issue and that Microsoft released fixes (e.g., KB5082060 for Windows Serve...

Progress ShareFile Storage Zones Controller 代码问题漏洞

Progress ShareFile Storage Zones Controller is a file storage zone management control component developed by the American company Progress. There is a code vulnerability in Progress ShareFile Storage Zones Controller. This vulnerability stems from the fact that authenticated users can upload...

CVE-2024-53828 Ericsson Packet Core Controller (PCC) - Improper Handling of Syntactically Invalid Structure Vulnerability

Ericsson Packet Core Controller PCC versions prior to 1.38 contain a vulnerability where an attacker sending a large volume of specially crafted messages may cause service degradation...

CVE-2024-53828 Ericsson Packet Core Controller (PCC) - Improper Handling of Syntactically Invalid Structure Vulnerability

Ericsson Packet Core Controller PCC versions prior to 1.38 contain a vulnerability where an attacker sending a large volume of specially crafted messages may cause service degradation...

Ericsson Packet Core Controller 安全漏洞

Ericsson Packet Core Controller is a packet core controller developed by the Swedish company Ericsson. Versions of Ericsson Packet Core Controller prior to version 1.38 contained security vulnerabilities. These vulnerabilities could lead to service degradation if attackers sent a large number of...

Dell Integrated Dell Remote Access Controller Code Execution Vulnerability

Dell Integrated Dell Remote Access Controller is an embedded controller for remote management and monitoring of servers from Dell USA. A code execution vulnerability exists in Dell Integrated Dell Remote Access Controller. The vulnerability stems from the application failing to properly filter...

Pharos Controls Mosaic Show Controller

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to execute arbitrary commands with root privileges. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize...

EUVD-2026-8996

A security flaw has been discovered in youlaitech youlai-mall 2.0.0. This affects the function listPagedSpuForApp of the file mall-pms/pms-boot/src/main/java/com/youlai/mall/pms/controller/app/SpuController.java of the component App-side Product Pagination Endpoint. Performing a manipulation of t...

CVE-2026-3028

CVE-2026-3028 affects erzhongxmu JEEWMS up to 3.7. The vulnerability impacts function doAdd in src/main/java/com/jeecg/demo/controller/JeecgListDemoController.java, where an argument named Name can be manipulated to trigger cross-site scripting. The issue can be remotely exploited; public exploit...

warehouse 访问控制错误漏洞

Warehouse is a small-scale warehouse logistics management system developed by Yeqifu’s individual developer, based on Spring Boot. There is an access control vulnerability in Warehouse. This vulnerability stems from improper access control issues in the functions addCustomer, updateCustomer, and...

itsourcecode School Management System SQL注入漏洞

itsourcecode School Management System is an open-source school management system developed by itsourcecode. Version 1.0 of itsourcecode School Management System has a SQL injection vulnerability. This vulnerability arises from incorrect operations with parameter IDs in the file...

CVE-2023-4343

Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter...

PT-2026-1952

Name of the Vulnerable Software and Affected Versions Ruckus vRIoT IoT Controller versions prior to 3.0.0.0 GA Description The Ruckus vRIoT IoT Controller firmware exposes a command execution service on TCP port 2004 running with root privileges. Authentication to this service relies on a hardcod...