Lucene search
K

16284 matches found

NVD
NVD
added 10 hours ago6 views

CVE-2026-42936

The installer of HYPER SBI 2 insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer, arbitrary code may be executed with the privilege of the user invoking the installer...

8.4CVSS
Exploits0References1
Cvelist
Cvelist
added 11 hours ago6 views

CVE-2026-42936

The installer of HYPER SBI 2 insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer, arbitrary code may be executed with the privilege of the user invoking the installer...

8.4CVSS
Exploits0References1
CVE
CVE
added 11 hours ago10 views

CVE-2026-42936

The CVE-2026-42936 entry concerns the HYPER SBI 2 installer, which insecurely loads Dynamic Link Libraries. A local attacker can place a crafted DLL in the installer’s directory, enabling arbitrary code execution with the invoking user’s privileges during installation. The documented impact is hi...

8.4CVSS7.1AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 11 hours ago6 views

CVE-2026-42936

The installer of HYPER SBI 2 insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer, arbitrary code may be executed with the privilege of the user invoking the installer...

8.4CVSS7.1AI score
Exploits0References2
EUVD
EUVD
added 11 hours ago7 views

EUVD-2026-44591

The installer of HYPER SBI 2 insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer, arbitrary code may be executed with the privilege of the user invoking the installer...

8.4CVSS7.1AI score
Exploits0References1
Nuclei
Nuclei
added 12 hours ago157 views

SiYuan Note - Cross-Site Scripting

SiYuan Note through version 3.6.1 is vulnerable to unauthenticated reflected Cross-Site Scripting XSS in the /api/icon/getDynamicIcon endpoint due to improper filtering of SVG elements with a namespace prefix such as . By using a namespaced script element, attackers can bypass the SanitizeSVG...

8.6CVSS6.3AI score0.00469EPSS
Exploits1References2
NVD
NVD
added yesterday6 views

CVE-2026-48806

Twig is a template language for PHP. Prior to 3.27.0, ArrayExpression does not guard dynamic mapping keys that are coerced to strings, allowing PHP to invoke toString on a Stringable object used as a mapping key without calling SandboxExtension::ensureToStringAllowed. This issue is fixed in versi...

7.1CVSS
Exploits0References3
NVD
NVD
added yesterday5 views

CVE-2026-46640

Twig is a template language for PHP. From 3.15.0 until 3.26.0, self. and import-alias dynamic attribute syntax can concatenate an attacker-controlled string into a MacroReferenceExpression name without identifier validation, causing raw PHP to be emitted into the generated template source and...

8.7CVSS0.00056EPSS
Exploits0References3
Cvelist
Cvelist
added yesterday25 views

CVE-2026-48806 Twig: Sandbox `__toString()` policy bypass via dynamic mapping keys

Twig is a template language for PHP. Prior to 3.27.0, ArrayExpression does not guard dynamic mapping keys that are coerced to strings, allowing PHP to invoke toString on a Stringable object used as a mapping key without calling SandboxExtension::ensureToStringAllowed. This issue is fixed in versi...

7.1CVSS
Exploits0References3
CVE
CVE
added yesterday28 views

CVE-2026-48806

Twig’s vulnerability CVE-2026-48806 concerns dynamic mapping keys in ArrayExpression not being wrapped for string coercion, allowing PHP to call __toString() on a Stringable key without SandboxExtension::ensureToStringAllowed(). The issue affects Twig

7.1CVSS6.1AI score
Exploits0References3
CVE
CVE
added yesterday20 views

CVE-2026-47732

Twig Sandbox: multiple __toString() policy bypasses via unguarded string coercion points existed prior to 3.26.0, enabling string coercion of Stringable operands through various constructs (conditional expressions, matches operator, loose comparisons, tests, template-loading tags, dynamic attribu...

7.1CVSS6.1AI score0.00044EPSS
Exploits0References3
NVD
NVD
added yesterday3 views

CVE-2026-49181

Integer underflow wrap or wraparound in Windows DHCP Client allows an unauthorized attacker to elevate privileges over a network...

7.5CVSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-48564

Heap-based buffer overflow in Windows DHCP Server allows an authorized attacker to execute code over a network...

8.8CVSS
Exploits0References1
CVE
CVE
added yesterday9 views

CVE-2026-58627

CVE-2026-58627 is a Windows DHCP Server Denial of Service vulnerability caused by uncontrolled resource consumption that allows a remote attacker to deny service over a network. Affected: Windows DHCP Server. Impact: availability loss (high). Mitigation: Microsoft has released updates and guidanc...

7.5CVSS6.1AI score
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-56159

CVE-2026-56159 is a heap-based buffer overflow in Windows DHCP Server that can allow an unauthenticated attacker to execute code over a network (remote code execution). The vulnerability is rated CRITICAL with Network attack vector and no explicit exploit details in the provided documents. Connec...

9.8CVSS6.3AI score
Exploits0References1
CVE
CVE
added yesterday5 views

CVE-2026-50370

CVE-2026-50370 is a heap-based buffer overflow in the Windows DHCP Server service that could allow an unauthenticated attacker on an adjacent network to execute code. The vulnerability is listed among the July 2026 Patch Tuesday disclosures and is included in Microsoft’s security updates (KB50995...

8.8CVSS6.3AI score
Exploits0References1
Cvelist
Cvelist
added yesterday17 views

CVE-2026-50370 DHCP Server Service Remote Code Execution Vulnerability

...

8.8CVSS
Exploits0References1
Cvelist
Cvelist
added yesterday18 views

CVE-2026-48564 DHCP Server Service Remote Code Execution Vulnerability

...

8.8CVSS
Exploits0References1
Microsoft Security Update
Microsoft Security Update
added yesterday3 views

2026-07 Dynamic Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5099539)

2026-07 Dynamic Cumulative Update for Windows 10 Version 21H2 for x64-based Systems KB5099539...

6.1AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added yesterday4 views

2026-07 Dynamic Cumulative Update for Windows 10 Version 21H2 for x86-based Systems (KB5099539)

2026-07 Dynamic Cumulative Update for Windows 10 Version 21H2 for x86-based Systems KB5099539...

6.1AI score
Exploits0
Rows per page
Query Builder