EUVD-2026-37023

Improper input validation in the SSH Elevate Shell feature in Devolutions Remote Desktop Manager 2026.2.7 allows an authenticated user with permission to create or modify a shared SSH entry to execute arbitrary commands on a remote SSH host using stored elevation credentials via a crafted alterna...

CVE-2026-12161

Improper input validation in the SSH Elevate Shell feature in Devolutions Remote Desktop Manager 2026.2.7 allows an authenticated user with permission to create or modify a shared SSH entry to execute arbitrary commands on a remote SSH host using stored elevation credentials via a crafted alterna...

GHSA-8988-4F7V-96QF OpenTelemetry Core: Unbounded memory allocation in W3C Baggage propagation

Overview W3CBaggagePropagator.extract in @opentelemetry/core does not enforce size limits when parsing inbound baggage HTTP headers. The W3C Baggage specification recommends a maximum of 8,192 bytes and 180 entries; these limits were only enforced on the outbound inject path, not on the inbound...

MINI-HHPG-P4RH-74MW

Bulletin has no description...

MINI-582H-7HWW-C24F

Bulletin has no description...

MINI-CJM8-FW67-GGGV

Bulletin has no description...

MINI-V94P-8FG4-X4HW

Bulletin has no description...

MINI-QGRP-W2HF-XCVM

Bulletin has no description...

Leak in WASIp1 `fd_renumber` implementation

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-3p27-qvp9-27qf For more information see the GitHub-hosted security advisory...

ECHO-06DE-5A0F-CC51

Bulletin has no description...

ROOT-OS-UBUNTU-2204-CVE-2026-43116 CVE-2026-43116 in rootio-linux - Patched by Root

Root has patched CVE-2026-43116 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

ROS-20260615-73-0040

The vulnerability of the resizevbarentry function in the RDP client FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

ROS-20260615-73-0042

The vulnerability of the persistentcachereadentryv3 function in the RDP client FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow an attacker to compromise the integrity and accessibility of protected information...

PT-2026-49598

Overview W3CBaggagePropagator.extract in @opentelemetry/core does not enforce size limits when parsing inbound baggage HTTP headers. The W3C Baggage specification recommends a maximum of 8,192 bytes and 180 entries; these limits were only enforced on the outbound inject path, not on the inbound...

MINI-48CG-FVM3-7R99

Bulletin has no description...

MINI-9GG8-Q9VH-RRJX

Bulletin has no description...

MINI-HP3R-MHMP-CM9R

Bulletin has no description...

Exploit for CVE-2022-30190

Explotación de Follina CVE-2022-30190 Follina CVE-2022-3...

Malicious code in npx-whoami-demo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0971bcb88de070f17d932feff04cd6e66ecc825f606b412414457a3afb4ad174 The package's only code file index.js, also registered as the package's bin entry unconditionally executes require'childprocess'.execSync"bash -c...

MINI-8Q9P-2HVP-H85W

Bulletin has no description...