EUVD-2026-38005

In JetBrains GoLand before 2026.1.3 remote code execution was possible via untrusted project configuration...

EUVD-2026-37784

libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2transportread that fails to enforce upper bounds on packetlength field. Remote attackers can send crafted SSH packets with excessively large packetlength values to corrupt heap memory and achieve...

EUVD-2026-37640

Subscriber Broken Authentication in Melhor Envio = 2.16.3 versions...

EUVD-2026-37110

Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

EUVD-2026-36961

Contributor PHP Object Injection in Events Calendar for GeoDirectory = 2.3.25 versions...

EUVD-2026-36743

remotion-dev remotion v4.0.409 was discovered to contain a remote code execution RCE vulnerability...

EUVD-2026-36388

Vulnerability Title...

EUVD-2026-35972

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...

EUVD-2026-35868

A vulnerability allowing remote code execution RCE on the Backup Server by an authenticated domain user...

EUVD-2026-35726

Windows Kerberos Denial of Service Vulnerability...

EUVD-2026-35363

DoS vulnerability in the log service. Impact: Successful exploitation of this vulnerability may affect availability...

EUVD-2025-26377

Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft OctoCloud allows Authentication Bypass. This issue affects OctoCloud: from s1.09.03 before v1.11.01...

EUVD-2026-34738

Insufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

EUVD-2026-34647

Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

EUVD-2026-34599

Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

EUVD-2026-34080

A remote attacker with user privileges can exploit a stack buffer overflow in dali-devconfig to gain full system access as root...

EUVD-2026-34079

A remote attacker with user privileges can exploit a stack buffer overflow to gain full system access as root...

EUVD-2021-34844

Dräger CC-Vision Basic before 7.5.3 and Dräger CC-Vision E-Cal before 7.2.5.0 contain an out-of-bounds write vulnerability when loading .gdt files. A crafted .gdt file can trigger a buffer overflow during file parsing, allowing an attacker to crash the application or execute malicious code on the...

EUVD-2025-210041

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Racquet allows PHP Local File Inclusion. This issue affects Racquet: from n/a through 1.12.0...

EUVD-2025-210019

Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer...