7243 matches found
EUVD-2026-35656
Windows Universal Disk Format File System Driver UDFS Elevation of Privilege Vulnerability...
CVE-2026-40404
Windows Universal Disk Format File System Driver UDFS Elevation of Privilege Vulnerability...
CVE-2026-40409
Windows Universal Disk Format File System Driver UDFS Elevation of Privilege Vulnerability...
CVE-2026-40404
CVE-2026-40404 concerns a Windows Universal Disk Format (UDFS) File System Driver Elevation of Privilege. The vulnerability affects the UDFS component, with a local attack vector, requiring low privileges and no user interaction, and yields high impact to confidentiality, integrity, and availabil...
CVE-2026-40404 Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
...
CVE-2026-40404 Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
...
CVE-2026-40409 Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
...
CVE-2026-40409
Technical details for CVE-2026-40409 are not publicly available in the provided documents. Monitor for updates from Microsoft/NVD for affected products, root cause, impact, and remediation.
CVE-2026-40409 Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
...
CVE-2026-49955 Hermes WebUI < 0.51.270 Resource Exhaustion via passkey/options
Hermes WebUI before version 0.51.270 contains a resource exhaustion vulnerability that allows unauthenticated remote attackers to degrade service availability by repeatedly calling the passkey options endpoint without completing assertion. Attackers can send unlimited POST requests to the...
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
...
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
...
PT-2026-47853
Hermes WebUI before version 0.51.270 contains a resource exhaustion vulnerability that allows unauthenticated remote attackers to degrade service availability by repeatedly calling the passkey options endpoint without completing assertion. Attackers can send unlimited POST requests to the...
PT-2026-47870
Windows Universal Disk Format File System Driver UDFS Elevation of Privilege Vulnerability...
PT-2026-47871
Windows Universal Disk Format File System Driver UDFS Elevation of Privilege Vulnerability...
CVE-2026-11450
A vulnerability was detected in GL.iNet GL-MT3000 4.4.5. This affects the function dlopen in the library /usr/lib/oui-httpd/rpc/ of the component Path Normalization Handler. Performing a manipulation of the argument devname results in command injection. It is possible to initiate the attack...
Security Bulletin: Due to use of spring-web-6.2.17.jar, IBM Sterling Connect:Direct Web Services is vulnerable to allows an attacker to consume available disk space.
Summary spring-web-6.2.17.jar is used by IBM Sterling Connect:Direct Web Services CVE-2026-22740. Vulnerability Details CVEID:CVE-2026-22740 DESCRIPTION: A WebFlux server application that processes multipart requests creates temp files for parts larger than 10 K. Under some circumstances, temp...
CVE-2026-10277
A vulnerability was found in j3k0 mcp-google-workspace up to 831790e7d5c2663325733d9f5579cc339a267c4c. This issue affects the function saveToDisk of the file src/tools/gmail.ts of the component MCP Gmail Tool. Performing a manipulation results in improper access controls. It is possible to initia...
CVE-2026-28954
A file quarantine bypass was addressed with additional checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A maliciously crafted disk image may bypass Gatekeeper checks...
CVE-2026-42191
OpenTelemetry.Exporter.OpenTelemetryProtocol is the OTLP OpenTelemetry Protocol exporter implementation. From 1.8.0 to 1.15.2, the OTLP disk retry feature in OpenTelemetry.Exporter.OpenTelemetryProtocol silently fell back to Path.GetTempPath when OTELDOTNETEXPERIMENTALOTLPRETRY=disk was set but...