PT-2026-51991

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the mt76 wireless driver for the mt7996 PCI chip. A race condition occurs when the chip is detaching; the mt7996 coredump unregister function releases...

PT-2026-51655

Name of the Vulnerable Software and Affected Versions GeoVision GV-I/O Box 4E version 2.09 Description Multiple OS command injection issues exist within the libNetSetObj.so internal library, which is used to configure the network stack. A remote attacker can execute arbitrary commands by sending ...

PT-2026-51662

Name of the Vulnerable Software and Affected Versions GeoVision GV-I/O Box 4E version 2.09 Description OS command injection flaws exist in the libNetSetObj.so internal library, which is used to configure the network stack. A remote attacker can execute arbitrary commands by sending a specially...

PT-2026-51657

Name of the Vulnerable Software and Affected Versions GeoVision GV-I/O Box 4E affected versions not specified Description The DVRSearch service, which runs by default and listens for UDP messages on port 10001, contains a stack-based buffer overflow. The issue occurs when the server processes...

PT-2026-51659

Name of the Vulnerable Software and Affected Versions GeoVision GV-I/O Box 4E affected versions not specified Description The DVRSearch service, which runs by default and listens for UDP messages on port 10001, contains a stack-based buffer overflow. The issue occurs when the server reads up to...

Google Chrome < 149.0.7827.196 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 149.0.7827.196. It is, therefore, affected by multiple vulnerabilities as referenced in the 202606stable-channel-update-for-desktop0482630350 advisory. - Use after free in Autofill. CVE-2026-13038 - Use after free in...

Google Chrome < 149.0.7827.196 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 149.0.7827.196. It is, therefore, affected by multiple vulnerabilities as referenced in the 202606stable-channel-update-for-desktop0482630350 advisory. - Use after free in Autofill. CVE-2026-13038 - Use after free in WebG...

GHSA-XJVP-4FHW-GC47 vulnerabilities

Vulnerabilities for packages: node-feature-discovery, cadvisor, sriov-network-device-plugin-fips, cadvisor-fips, nvidia-container-toolkit-fips, buildah-fips, prometheus-podman-exporter, sriov-network-device-plugin, podman-fips, rancher-agent, nvidia-container-toolkit, rancher,...

CVE-2026-41579 vulnerabilities

Vulnerabilities for packages: node-feature-discovery, cadvisor, sriov-network-device-plugin-fips, cadvisor-fips, nvidia-container-toolkit-fips, buildah-fips, prometheus-podman-exporter, sriov-network-device-plugin, podman-fips, rancher-agent, nvidia-container-toolkit, rancher,...

CVE-2026-41579 vulnerabilities

Vulnerabilities for packages: buildah, rancher-agent, cadvisor, nvidia-container-toolkit, sriov-network-device-plugin, rancher, node-feature-discovery, k8s-device-plugin...

GHSA-XJVP-4FHW-GC47 vulnerabilities

Vulnerabilities for packages: buildah, rancher-agent, cadvisor, nvidia-container-toolkit, sriov-network-device-plugin, rancher, node-feature-discovery, k8s-device-plugin...

CVE-2026-50221

In OpenStack Swift before 2.37.2, proxy-server does not strip internal update headers X-Container-Host, X-Container-Device, X-Delete-At-Host, X-Delete-At-Device from client requests before forwarding them to object-servers. An authenticated user with write access can inject these headers to...

CVE-2026-50221

In OpenStack Swift before 2.37.2, proxy-server does not strip internal update headers X-Container-Host, X-Container-Device, X-Delete-At-Host, X-Delete-At-Device from client requests before forwarding them to object-servers. An authenticated user with write access can inject these headers to...

MINI-X29F-9757-H92G

Bulletin has no description...

Hubbell Aclara Metrum Cellular Web Interface

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow attackers to manipulate critical device settings and repeatedly disrupt operations, potentially causing a loss of communications to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

CVE-2026-56324

Capgo before 12.128.2 contains a rate limit bypass vulnerability in the channelself endpoint that allows attackers to circumvent rate limiting by rotating the user-controlled deviceid parameter. Attackers can send multiple requests per second by changing deviceid values to flood the channeldevice...

CVE-2026-56324

Capgo before 12.128.2 contains a rate limit bypass vulnerability in the channelself endpoint that allows attackers to circumvent rate limiting by rotating the user-controlled deviceid parameter. Attackers can send multiple requests per second by changing deviceid values to flood the channeldevice...

CVE-2026-56324 Capgo - Rate Limit Bypass via User-Controlled device_id Parameter

Capgo before 12.128.2 contains a rate limit bypass vulnerability in the channelself endpoint that allows attackers to circumvent rate limiting by rotating the user-controlled deviceid parameter. Attackers can send multiple requests per second by changing deviceid values to flood the channeldevice...

EUVD-2026-38374

Capgo before 12.128.2 contains a rate limit bypass vulnerability in the channelself endpoint that allows attackers to circumvent rate limiting by rotating the user-controlled deviceid parameter. Attackers can send multiple requests per second by changing deviceid values to flood the channeldevice...

CVE-2026-56324

Capgo contains a rate limit bypass in the channel_self endpoint prior to version 12.128.2. The vulnerability lets an attacker rotate the user-controlled device_id parameter to bypass rate limiting, enabling multiple requests per second and flooding the channel_devices table, potentially causing d...