PT-2026-50468

picklescan before 1.0.1 contains an unsafe deserialization vulnerability allowing unauthenticated users to execute arbitrary code by hiding eval calls nested under callable objects via getattr. Attackers can embed malicious code in pickle files that evades detection but executes when the pickle i...

CVE-2026-36418

JimuReport versions 2.3.4 and below are vulnerable to remote code execution due to improper handling of Aviator expressions. The /jmreport/executeSelectApi endpoint passes user-supplied input directly to the Aviator expression engine without adequate validation allowing attackers to execute...

PT-2026-50440

Name of the Vulnerable Software and Affected Versions Python StateMachine versions 3.0.0 through 3.1.x Description An issue exists where the library evaluates expressions from SCXML documents unsafely. The SCXMLProcessor passes attacker-controlled expression strings from attributes through a call...

CVE-2025-26240

The CVE-2025-26240 entry affects JazzCore’s python-pdfkit 1.0.0, where the from_string method allows JavaScript to execute within the server context and enables exfiltration of local files. This indicates a server-side execution vector with high impact on confidentiality, integrity, and availabil...

PT-2026-50439

Name of the Vulnerable Software and Affected Versions NGINX Open Source versions 1.31.0 through 1.31.1 Description A use-after-free flaw exists in the ngx http v3 module module when the software is configured to use the HTTP/3 QUIC module. A remote unauthenticated attacker can use a specially...

PT-2026-50438

NGINX Plus and NGINX Open Source have a vulnerability in the ngx http proxy v2 module and ngx http grpc module modules. This vulnerability exists when the proxy http version to 2 or grpc pass directives are used to proxy HTTP/2 traffic, the ignore invalid headers directive is set to off, and the...

CVE-2026-36418

The CVE concerns JimuReport versions ≤ 2.3.4, where remote code execution is possible via the /jmreport/executeSelectApi endpoint due to inadequate validation of user input passed to the Aviator expression engine. This is caused by improper handling of Aviator expressions, allowing arbitrary code...

PT-2026-50607

Name of the Vulnerable Software and Affected Versions Drupal core affected versions not specified Description Drupal core contains a gadget chain, which is a sequence of existing code fragments that can be leveraged during the deserialization of untrusted data. While this issue is not directly...

PT-2026-50197

Heap buffer overflow in WebRTC in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

PT-2026-50193

Use after free in Web Authentication in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

PT-2026-50192

Use after free in Passwords in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

PT-2026-50216

Heap buffer overflow in WebRTC in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

Bosch Security Systems IP Cameras Remote Code Execution (CVE-2018-19036)

An issue was discovered in several Bosch IP cameras running firmware 6.32 and higher. A malicious client could potentially succeed in the unauthorized execution of code on the device via the network interface. This plugin only works with Tenable.ot. Please visit...

PT-2026-50502

Name of the Vulnerable Software and Affected Versions Splunk AI Toolkit versions prior to 5.7.4 Description A user with the "admin" Splunk role can execute arbitrary OS commands on the host running the Splunk Enterprise instance. This is caused by an unsafe shell execution pattern in the btool...

Malicious code in vite-config-field (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e5dabbc9cf746e153391fbe76f4dc54f9bccb9f7fd467d5b80d07c84ab1fb58 [email protected] impersonates the legitimate vite-plugin-pwa package README copies its banner/badges, funding field points at antfu's GitHub...

MAL-2026-5936 Malicious code in vite-config-field (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e5dabbc9cf746e153391fbe76f4dc54f9bccb9f7fd467d5b80d07c84ab1fb58 [email protected] impersonates the legitimate vite-plugin-pwa package README copies its banner/badges, funding field points at antfu's GitHub...

EUVD-2026-37201

In ServerCo getssl version 2.49 and prior, the ACME challenge token returned to the client was not strictly validated against RFC 8555 before being used in challenge-file handling, allowing a maliciously crafted token to influence local path/filename usage during validation. An attacker who can...

EUVD-2026-37195

In ParsePayloads of AudioSdpParser.cpp, there is a possible memory corruption due to type confusion. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

EUVD-2026-37196

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

EUVD-2026-37193

In TextRtpPayloadDecoderNode::DecodeT140 of TextRtpPayloadDecoderNode.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...