CVE-2026-5652

An insecure direct object reference vulnerability in the Users API component of Crafty Controller allows a remote, authenticated attacker to perform user modification actions via improper API permissions validation...

CVE-2026-40566

FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a Server-Side Request Forgery SSRF vulnerability in the IMAP/SMTP connection test functionality of FreeScout's MailboxesController. Three AJAX actions fetchtest line 731, sendtest line 682, and imapfolder...

Hardy Barth Salia EV Charge Controller

RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed; a buffer overflow condition may allow remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

CVE-2026-29647

In OpenXiangShan NEMU, insufficient Smstateen permission enforcement allows lower-privileged code to access IMSIC state via stopei/vstopei CSRs even when mstateen0.IMSIC is cleared, potentially enabling cross-context information leakage or disruption of interrupt handling...

CVE-2026-6383 vulnerabilities

Vulnerabilities for packages: virt-api-fips, virt-handler-fips, virt-operator-fips, virt-api, virt-controller-fips, virt-controller, virt-operator, virt-handler...

GHSA-J6CV-3W8P-VRG8 vulnerabilities

Vulnerabilities for packages: virt-api-fips, virt-handler-fips, virt-operator-fips, virt-api, virt-controller-fips, virt-controller, virt-operator, virt-handler...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006949)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006949 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhciallocstreaminfo xhciallocstreaminfo allocates...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013335)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013335 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: Fix oops when removing custom query handlers When removing custom query handlers, the...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013185)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013185 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing DMACR register Chapter B Generic UART in ARM Server...

PT-2026-34013

An insecure direct object reference vulnerability in the Users API component of Crafty Controller allows a remote, authenticated attacker to perform user modification actions via improper API permissions validation...

FreeScout 安全漏洞

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.213 contained security vulnerabilities. These vulnerabilities stemmed from the IMAP/SMTP connection testing functionality in t...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010800)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010800 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bcsp: receive data only if registered Currently, bcsprecv can be called even when the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013162)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013162 advisory. In the Linux kernel, the following vulnerability has been resolved: Revert mmc: dwmmc: Fix IDMAC operation with pages bigger than 4K The commit 8396c793ffdf mmc:...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010912)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010912 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: setup GPIO controller later in probe The GPIO controller component of the...

FreeScout 安全漏洞

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.215 contained security vulnerabilities. These vulnerabilities stemmed from the MailboxesController::updateSave function, which...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011233)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011233 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Free resources after unregistering them The DP component's unbind operation walks...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011234)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011234 advisory. In the Linux kernel, the following vulnerability has been resolved: nvme-fc: use lock accessing portstate and rport state nvmefcunregisterremote removes the remote...

CVE-2026-29647

In OpenXiangShan NEMU, insufficient Smstateen permission enforcement allows lower-privileged code to access IMSIC state via stopei/vstopei CSRs even when mstateen0.IMSIC is cleared, potentially enabling cross-context information leakage or disruption of interrupt handling...

CVE-2026-6284

An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible...

EUVD-2026-23917

Dell PowerProtect Data Domain appliances, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper privilege management vulnerability in IDRAC. A high privileged attacker with local access could...