CVE-2026-7824 PaperCut Hive (Ricoh): Plain text password in logs

An issue was discovered in the PaperCut Hive Ricoh embedded application. When the "Deep Logging" diagnostic mode is enabled, the application inadvertently records administrative credentials in plain text within the log files. An attacker with administrative access to the PaperCut Hive management...

PT-2026-36984

Name of the Vulnerable Software and Affected Versions PaperCut Hive Ricoh embedded application affected versions not specified Description An issue exists where the application records administrative credentials in plain text within log files when the "Deep Logging" diagnostic mode is enabled. An...

DEBIAN-CVE-2026-29004

BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client udhcpc6 DNSSERVERS option handler in networking/udhcp/d6dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6OPTDNSSERVER...

CVE-2026-29004 BusyBox DHCPv6 Client Heap Buffer Overflow via DNS_SERVERS

BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client udhcpc6 DNSSERVERS option handler in networking/udhcp/d6dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6OPTDNSSERVER...

CVE-2026-29004

BusyBox prior to commit 42202bf contains a heap buffer overflow in the DHCPv6 client (udhcpc6) DNS_SERVERS option handler (networking/udhcp/d6_dhcpc.c). Attackers on the network-adjacent path can trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6_OPT_DNS_SERVERS op...

CVE-2026-29004

BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client udhcpc6 DNSSERVERS option handler in networking/udhcp/d6dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6OPTDNSSERVER...

CVE-2026-29004

BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client udhcpc6 DNSSERVERS option handler in networking/udhcp/d6dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6OPTDNSSERVER...

PT-2026-36890

Name of the Vulnerable Software and Affected Versions BusyBox versions prior to commit 42202bf Description A heap buffer overflow exists in the DHCPv6 client udhcpc6 DNS SERVERS option handler within the networking/udhcp/d6 dhcpc.c file. Network-adjacent attackers can trigger memory corruption by...

ILM Informatique OpenConcerto 安全漏洞

ILM Informatique OpenConcerto is a business management software suite developed by the French company ILM Informatique. Version 1.7.5 of ILM Informatique OpenConcerto contains a security vulnerability, which stems from the storage of plaintext passwords, potentially allowing the retrieval of...

Astra Linux – Vulnerability in poppler-22, poppler

A issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h; this could lead to a denial of service. This issue arises because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fixed the kernel data leak caused by ioctl calls. It is possible to view the data of kernel pages by providing a larger insize value in struct croseccommand1 when invoking EC host commands. This...

Astra Linux – Vulnerability in SQLite3

The ext/misc/zipfile.c file in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded \0' characters in filenames, resulting in a memory-management error that can be detected using tools like valgrind...

CVE-2026-23863

CVE-2026-23863 affects WhatsApp for Windows prior to version 2.3000.1032164386.258709. The issue is an attachment spoofing flaw where documents with embedded NUL bytes in the filename could be displayed as one file type but executed when opened. Root cause is improper handling of specially crafte...

CVE-2026-23863

An attachment spoofing issue in WhatsApp for Windows prior to v2.3000.1032164386.258709 could have allowed maliciously formatted documents with embedded NUL bytes in the filename to be shown in the application as one type of file but run as an executable when opened. We have not seen evidence of...

CVE-2026-23863

An attachment spoofing issue in WhatsApp for Windows prior to v2.3000.1032164386.258709 could have allowed maliciously formatted documents with embedded NUL bytes in the filename to be shown in the application as one type of file but run as an executable when opened. We have not seen evidence of...

EUVD-2026-26663

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable subsequent exploit on the...

CVE-2026-37540

OpenAMP v2025.10.0 ELF loader contains an integer overflow in firmware image parsing: elf_loader.c multiplies two attacker-controlled 16-bit values from the ELF header without overflow checking. On 32-bit embedded targets (e.g., STM32MP1, Zynq, i.MX), large inputs can wrap the product to a small ...

CVE-2026-37540

OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elfloader.c, it performs multiplication of two attacker-controlled 16-bit values from the ELF header without overflow checking. On 32-bit embedded systems STM32MP1, Zynq, i.MX, large values can...

PT-2026-36295

Bitwarden CLI 2026.4.0 from 2026-04-22T21:57Z to 2026-04-22T23:30Z, when obtained from npm, had embedded malicious code. This is related to a Checkmarx supply chain incident...

CVE-2026-37540

OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elfloader.c, it performs multiplication of two attacker-controlled 16-bit values from the ELF header without overflow checking. On 32-bit embedded systems STM32MP1, Zynq, i.MX, large values can...