591501 matches found
CVE-2026-12161
Improper input validation in the SSH Elevate Shell feature in Devolutions Remote Desktop Manager 2026.2.7 allows an authenticated user with permission to create or modify a shared SSH entry to execute arbitrary commands on a remote SSH host using stored elevation credentials via a crafted alterna...
PT-2026-49612
Incorrect default permissions issue exists in Optical Disc Archive Software for Windows 5.5.3 and earlier. If this vulnerability is exploited, arbitrary code may be executed with SYSTEM privileges...
PT-2026-49696
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 152 Firefox ESR versions prior to 140.12 Thunderbird versions prior to 152 Thunderbird ESR versions prior to 140.12 Description Memory safety bugs involving memory corruption may allow the execution of arbitrary code...
PT-2026-49805
In mfc core nal q get dec metadata sei nal of mfc core nal q.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-49750
Name of the Vulnerable Software and Affected Versions stable-diffusion.cpp versions prior to master-584-0a7ae07 Description A heap buffer overflow exists in the SHORT BINUNICODE parsing for PyTorch checkpoint files within the pickle .ckpt parser in src/model.cpp. The issue stems from sign confusi...
PT-2026-49719
Name of the Vulnerable Software and Affected Versions Dell Peripheral Manager versions 1.5.1 through 1.7.2 Description An uncontrolled search path element issue allows an attacker to potentially execute arbitrary code by preloading a malicious executable. Recommendations At the moment, there is n...
PT-2026-49785
Name of the Vulnerable Software and Affected Versions WC-Radio affected versions not specified Description A missing bounds check in WC-Radio allows for an out-of-bounds write, which is a memory corruption occurance where data is written outside the intended buffer. This can lead to remote code...
PT-2026-49817
In TextRtpPayloadDecoderNode::DecodeT140 of TextRtpPayloadDecoderNode.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-49809
Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description An integer overflow in the IntfGraphCreate function within intfgraph.c can lead to an out-of-bounds write. This condition allows for remote code execution witho...
PT-2026-49818
Name of the Vulnerable Software and Affected Versions Google Android affected versions not specified Description An integer overflow in the numberOfReportBlocks of RtpSession.cpp can lead to an out-of-bounds write. This issue allows for remote escalation of privilege without requiring user...
PT-2026-49812
Name of the Vulnerable Software and Affected Versions Google Android affected versions not specified Description A memory corruption issue in the Modem component can be triggered during a SIP REFER request. This flaw allows for remote code execution without requiring additional execution privileg...
PT-2026-50140
Name of the Vulnerable Software and Affected Versions vLLM versions prior to 0.22.0 Description An assert-based security check in the activation function loading process allows an unauthenticated attacker to achieve arbitrary code execution on the server. This occurs when vLLM is run in Python...
PT-2026-50150
Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.48 n8n versions prior to 2.21.8 n8n versions prior to 2.22.4 Description An authenticated user with permissions to create or modify workflows containing a Python Code Node can escape the sandbox to achieve arbitrary...
PT-2026-49755
Name of the Vulnerable Software and Affected Versions LangGraph SQLite Checkpoint versions prior to 4.1.1 Description The JsonPlusSerializer can reconstruct Python objects from JSON checkpoint payloads. If an unauthorized party modifies checkpoint bytes at rest in the backing store, the...
PT-2026-49770
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.12 Description An argument pattern validation bypass exists in the exec allowlist on Linux and macOS systems. When tools.exec.security is set to allowlist, the system skips argPattern checks and treats a...
PT-2026-50174
Name of the Vulnerable Software and Affected Versions n8n versions prior to 2.25.7 n8n versions prior to 2.26.2 Description The MicrosoftAgent365Trigger and StripeTrigger nodes fail to validate inbound requests. This allows an unauthenticated attacker with knowledge of the webhook URL to submit a...
PT-2026-49759
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.2 Description An environment variable injection exists where workspace .env files can influence the Python runtime selection during Gmail setup gcloud execution. Attackers with repository access can manipulate...
PT-2026-49778
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.6 Description The macOS Swift exec feature contains an allowlist bypass. The issue occurs because the system fails to account for combined POSIX inline-command flags, which are shorthand ways of grouping...
PT-2026-49804
In mfc core get dec metadata sei nal of mfc core reg api.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-49725
Name of the Vulnerable Software and Affected Versions NVIDIA NeMo Framework affected versions not specified Description NVIDIA NeMo Framework contains a code injection flaw. A successful exploit could lead to arbitrary code execution, escalation of privileges, information disclosure, and data...