MINI-86JP-4P5Q-72XV

Bulletin has no description...

MINI-X4WW-MH4J-3533

Bulletin has no description...

MINI-G94G-R4MM-JM6V

Bulletin has no description...

CVE-2026-7263

CVE-2026-7263 affects PHP 8.4.x (before 8.4.21) and 8.5.x (before 8.5.6). The issue is in the DOMNode::C14N() path, where XML processing can mis-handle data, creating a circular linked list in the XML document structure. This can cause the processor to enter an infinite loop, resulting in denial ...

CGA-R657-P3Q7-6WC9

Bulletin has no description...

MINI-WV3M-FC5J-7FJJ

Bulletin has no description...

CVE-2026-8193

CVE-2026-8193 affects Akaunting 3.1.21, specifically the Invoice PDF Rendering component’s dompdf.php file. The vulnerability arises from unknown processing in that file, enabling a remote attacker to manipulate inputs to achieve server-side request forgery (SSRF). Exploitation is indicated as po...

Updated rootcerts, nss & firefox packages fix security vulnerabilities

Use-after-free in the DOM: Core & HTML component. CVE-2026-6746 Use-after-free in the WebRTC component. CVE-2026-6747 Uninitialized memory in the Audio/Video: Web Codecs component. CVE-2026-6748 Information disclosure due to uninitialized memory in the Graphics: Canvas2D component. CVE-2026-6749...

UBUNTU-CVE-2026-42311

Pillow is a Python imaging library. From version 10.3.0 to before version 12.2.0, processing a malicious PSD file could lead to memory corruption, potentially resulting in a crash or arbitrary code execution. This issue has been patched in version 12.2.0...

CVE-2026-42311

Pillow is a Python imaging library. From version 10.3.0 to before version 12.2.0, processing a malicious PSD file could lead to memory corruption, potentially resulting in a crash or arbitrary code execution. This issue has been patched in version 12.2.0...

UBUNTU-CVE-2026-42310

Pillow is a Python imaging library. From version 4.2.0 to before version 12.2.0, an attacker can supply a malicious PDF that causes the process to hang indefinitely, consuming 100% CPU and making the application unresponsive. This issue has been patched in version 12.2.0...

BELL-CVE-2026-43222

Bulletin has no description...

EUVD-2026-28903

Pillow is a Python imaging library. From version 10.3.0 to before version 12.2.0, processing a malicious PSD file could lead to memory corruption, potentially resulting in a crash or arbitrary code execution. This issue has been patched in version 12.2.0...

CVE-2026-42310 Pillow: PDF Parsing Trailer Infinite Loop (DoS)

Pillow is a Python imaging library. From version 4.2.0 to before version 12.2.0, an attacker can supply a malicious PDF that causes the process to hang indefinitely, consuming 100% CPU and making the application unresponsive. This issue has been patched in version 12.2.0...

CVE-2026-42310 Pillow: PDF Parsing Trailer Infinite Loop (DoS)

Pillow is a Python imaging library. From version 4.2.0 to before version 12.2.0, an attacker can supply a malicious PDF that causes the process to hang indefinitely, consuming 100% CPU and making the application unresponsive. This issue has been patched in version 12.2.0...

EUVD-2026-28902

Pillow is a Python imaging library. From version 4.2.0 to before version 12.2.0, an attacker can supply a malicious PDF that causes the process to hang indefinitely, consuming 100% CPU and making the application unresponsive. This issue has been patched in version 12.2.0...

Spring AI's MilvusVectorStore#doDelete(List) implementation is vulnerable to filter-expression injection via unsanitized document IDs

Spring AI's MilvusVectorStoredoDeleteList implementation is vulnerable to filter-expression injection via unsanitized document IDs. Spring AI 1.0.x: affected from 1.0.0 through latest 1.0.x; upgrade to 1.0.7 or greater. Spring AI 1.1.x: affected from 1.1.0 through latest 1.1.x; upgrade to 1.1.6 o...

CVE-2026-41705

The CVE affects Spring AI MilvusVectorStore#doDelete(List) and is caused by a filter-expression injection from unsanitized document IDs. Affected are Spring AI 1.0.x (1.0.0–1.0.x); upgrade to 1.0.7+; and Spring AI 1.1.x (1.1.0–1.1.x); upgrade to 1.1.6+. CVSSv3.1 base score 8.6 (HIGH): Network acc...

VMware Spring AI 安全漏洞

VMware Spring AI is a development framework from VMware that integrates artificial intelligence and big language modeling capabilities in the Spring ecosystem. A security vulnerability exists in VMware Spring AI versions 1.0.0 through 1.0.7 prior and 1.1.0 through 1.1.6 prior, which stems from...

PT-2026-39225

Name of the Vulnerable Software and Affected Versions Spring AI versions 1.0.0 through 1.0.6 Spring AI versions 1.1.0 through 1.1.5 Description The doDeleteList function in the MilvusVectorStore implementation is susceptible to filter-expression injection. This occurs because document IDs are not...