EUVD-2026-29025

A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function OpenAPIlistcreate of the component SMF. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The project was informed ...

CVE-2026-8268

A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function OpenAPIlistcreate of the component SMF. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The project was informed ...

CVE-2026-8269

Open5GS up to version 2.7.7 is affected in the SMF component due to the smf_nsmf_handle_create_sm_context function. A manipulation of input/context leads to a Denial of Service, with remote exploitation possible and the exploit publicly available. Affected function is explicitly named in multiple...

CVE-2026-8269 Open5GS SMF smf_nsmf_handle_create_sm_context denial of service

A vulnerability was found in Open5GS up to 2.7.7. Impacted is the function smfnsmfhandlecreatesmcontext of the component SMF. Performing a manipulation results in denial of service. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The project was...

CVE-2026-8268

Open5GS SMF OpenAPI_list_create is affected up to version 2.7.7. The vulnerability enables remote manipulation of OpenAPI_list_create, causing denial of service. Publicly disclosed exploit exists and may be used. The report notes the project was informed early via an issue but has not responded y...

CVE-2026-8268

A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function OpenAPIlistcreate of the component SMF. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The project was informed ...

CVE-2026-8268 Open5GS SMF OpenAPI_list_create denial of service

A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function OpenAPIlistcreate of the component SMF. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The project was informed ...

Outline 安全漏洞

Outline is an open-source knowledge base developed by Outline. Versions 0.84.0 to 1.7.0 of Outline contain security vulnerabilities. These vulnerabilities stem from a corrupted authorization pattern in the subscriptions.create API endpoint. When both collectionId and documentId are provided...

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from the function smfnsmfhandlecreatesmcontext in the SMF component,...

PT-2026-39567

A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function OpenAPI list create of the component SMF. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The project was informe...

MLflow 路径遍历漏洞

MLFlow is an open-source platform that simplifies machine learning development. It includes features for tracking experiments, packaging code for reproducible runs, and sharing and deploying models. Versions of MLFlow prior to 3.9.0 contained a path traversal vulnerability. This vulnerability...

Exploit for Code Injection in Apache Nifi

CVE-2023-34468 — Apache NiFi 1.21.0 RCE PoC Remote Code Execu...

CVE-2026-42296

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to versions 3.7.14 and 4.0.5, a user with create Workflow permission can bypass templateReferencing: Strict to get host network access, switch service accounts, override pod...

SUSE CVE-2026-43132

In the Linux kernel, the following vulnerability has been resolved: dm-verity: correctly handle dmbufioclientcreate failure If either of the calls to dmbufioclientcreate in verityfecctr fails, then dmbufioclientdestroy is later called with an ERRPTR argument. That causes a crash. Fix this...

GHSA-WWQH-7JM5-GJ7W free5GC's PCF npcf-policyauthorization POST /app-sessions panics on suppFeat=1 with missing AfRoutReq via nil pointer dereference

Summary free5GC's PCF POST /npcf-policyauthorization/v1/app-sessions handler panics on a single authenticated request whose ascReqData.suppFeat == "1" enabling traffic-routing feature negotiation and whose medComponents entries supply an afAppId but NO AfRoutReq. The create path then calls...

Open WebUI's Base Model Routing Bypasses Access Control via Model Chaining

Base Model Routing Bypasses Access Control via Model Chaining Affected Component Model chaining via basemodelid: - backend/openwebui/routers/models.py lines 170-214, createnewmodel - backend/openwebui/routers/models.py lines 254-308, importmodels - backend/openwebui/main.py lines 1696-1711, base...

Missing Authorization

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Missing Authorization via the createfolder process. An attacker can create unauthorized folders in another user's account, potentially flooding the victim's folder tree or planting phishing content, by...

CVE-2026-29202

Insufficient input validation of the plugin parameter of the createuser plugin allows arbitrary Perl code execution on behalf of the already authenticated account's system user...

EUVD-2026-28776

In the Linux kernel, the following vulnerability has been resolved: nfs: return EISDIR on nfs3proccreate if dalias is a dir If we found an alias through nfs3docreate/nfsaddorobtain /dsplicealias which happens to be a dir dentry, we don't return any error, and simply forget about this alias, but t...

EUVD-2026-28557

In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob allocations to memcg DRMIOCTLMODECREATEPROPBLOB allows userspace to allocate arbitrary-sized property blobs backed by kernel memory. Currently, the blob data allocation is not accounted to the allocatin...