CVE-2026-21864

Valkey-Bloom is a Rust based Valkey module which brings a Bloom Filter Module data type into the Valkey distributed key-value database. Prior to commit a68614b6e3845777d383b3a513cedcc08b3b7ccd, a specially crafted RESTORE command can cause Valkey to hit an assertion, causes the server to shutdown...

CVE-2025-69253

free5GC is an open-source project for 5th generation 5G mobile core networks. Versions up to and including 1.4.1 of the User Data Repository are affected by Improper Error Handling with Information Exposure. The NEF component reliably leaks internal parsing error details e.g., invalid character '...

EUVD-2026-7455

Astro is a web framework. Prior to version 9.5.4, Server-Side Rendered pages that return an error with a prerendered custom error page eg. 404.astro or 500.astro are vulnerable to SSRF. If the Host: header is changed to an attacker's server, it will be fetched on /500.html and they can redirect...

CVE-2026-21864 Remote DoS from malformed RESTORE command

Valkey-Bloom is a Rust based Valkey module which brings a Bloom Filter Module data type into the Valkey distributed key-value database. Prior to commit a68614b6e3845777d383b3a513cedcc08b3b7ccd, a specially crafted RESTORE command can cause Valkey to hit an assertion, causes the server to shutdown...

CVE-2026-21864 Remote DoS from malformed RESTORE command

Valkey-Bloom is a Rust based Valkey module which brings a Bloom Filter Module data type into the Valkey distributed key-value database. Prior to commit a68614b6e3845777d383b3a513cedcc08b3b7ccd, a specially crafted RESTORE command can cause Valkey to hit an assertion, causes the server to shutdown...

CVE-2026-27643 free5GC has improper error handling in NEF with information exposure

free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, the NEF component reliably leaks internal parsing error details e.g., invalid character 'n' after top-level value to remote clients...

CVE-2026-27643

free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, the NEF component reliably leaks internal parsing error details e.g., invalid character 'n' after top-level value to remote clients...

CVE-2026-27643

CVE-2026-27643 affects free5GC UDR, where the NEF component in versions up to and including 1.4.1 leaks internal parsing error details to remote clients, aiding service fingerprinting. All deployments using the Nnef_PfdManagement service may be affected. A patch is available in free5gc/udr PR #56...

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure in the NnefPfdManagement process. An attacker can obtain internal parsing error details by sending crafted requests that trigger error conditions, which may allow them to fingerprint server software and logic flows...

CVE-2026-27642 free5GC has Improper Input Validation in UDM UEAU Service

free5gc UDM provides Unified Data Management UDM for free5GC, an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, remote attackers can inject control characters e.g., %00 into the supi parameter, triggering internal URL parsing errors net/url:...

CVE-2026-27642

In free5GC UDM (Nudm_UEAU), versions up to 1.4.1 are affected. Remote attackers can inject control characters (for example, %00) into the supi parameter, triggering net/url parsing errors and exposing system‑level error details, enabling service fingerprinting. A fix is available via free5gc/udm ...

CVE-2025-69251

free5gc UDM provides Unified Data Management UDM for free5GC, an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, remote attackers can inject control characters e.g., %00 into the ueId parameter, triggering internal URL parsing errors net/url:...

EUVD-2025-207565

free5GC is an open-source project for 5th generation 5G mobile core networks. Versions up to and including 1.4.1 of the User Data Repository are affected by Improper Error Handling with Information Exposure. The NEF component reliably leaks internal parsing error details e.g., invalid character '...

CVE-2025-69253 free5GC vulnerable to improper error handling in NEF with information exposure

free5GC is an open-source project for 5th generation 5G mobile core networks. Versions up to and including 1.4.1 of the User Data Repository are affected by Improper Error Handling with Information Exposure. The NEF component reliably leaks internal parsing error details e.g., invalid character '...

CVE-2025-69253 free5GC vulnerable to improper error handling in NEF with information exposure

free5GC is an open-source project for 5th generation 5G mobile core networks. Versions up to and including 1.4.1 of the User Data Repository are affected by Improper Error Handling with Information Exposure. The NEF component reliably leaks internal parsing error details e.g., invalid character '...

ImageMagick 代码注入漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-15 and 6.9.13-40 contained a code injection vulnerability. This vulnerability stemmed from the ps...

Guest Initiated Machine Check Errors

Summary AMD received a report from the security team at Amazon Web Services AWS indicating that it may be possible for guest VMs to cause a crash of a host system. By flooding the host system with a large number of malformed System Management Interrupts SMIs, it may be possible for a guest VM to...

Mozilla Firefox和Mozilla Thunderbird 代码问题漏洞

Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...

PT-2026-21584

Valkey-Bloom is a Rust based Valkey module which brings a Bloom Filter Module data type into the Valkey distributed key-value database. Prior to commit a68614b6e3845777d383b3a513cedcc08b3b7ccd, a specially crafted RESTORE command can cause Valkey to hit an assertion, causes the server to shutdown...

PT-2026-21592

Name of the Vulnerable Software and Affected Versions free5gc UDM versions up to and including 1.4.1 Description free5gc UDM provides Unified Data Management for free5GC, an open-source 5G mobile core network project. Remote attackers can inject control characters, such as %00, into the supi...