220611 matches found
PT-2026-51259
Name of the Vulnerable Software and Affected Versions: Radware Cyber Controller versions prior to 10.11.0. Description: An issue exists within the HTML Report Generation component that allows for HTML injection. This flaw can be exploited remotely to inject malicious HTML code into reports...
PT-2026-51258
Name of the Vulnerable Software and Affected Versions: kortix-ai suna versions prior to 0.8.39. Description: A weakness in the Auth Endpoint component allows for remote cross-site scripting (XSS), which is a technique where malicious scripts are injected into trusted websites. The issue exists within...
SUSE CVE-2025-15661
libssh2 through 1.11.1, fixed in commit 2dae302, contains an out-of-bounds heap read vulnerability in the sftp_symlink function in src/sftp.c that allows a malicious SSH server or man-in-the-middle attacker to disclose heap memory contents or cause a crash by sending a crafted SSH_FXP_NAME response...
kernel: mptcp: fix slab-use-after-free in __inet_lookup_established
A flaw was found in the Linux kernel's Multipath TCP (MPTCP) implementation. Due to incorrect memory allocation for IPv6 subflow child sockets, a use-after-free vulnerability exists. A remote attacker could exploit this by triggering concurrent lookups in the kernel's hash table, potentially leadin...
PT-2026-51137
Name of the Vulnerable Software and Affected Versions: iCagenda versions prior to 4.0.8. Description: The iCagenda extension for Joomla contains a flaw in the file attachment feature of its public event submission form. Due to improper restriction of file types, unauthenticated attackers can upload...
EUVD-2026-38087
Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network...
CVE-2008-1092
creationtimestamp | type | source
---|---|---
2026-06-19 16:45:42+00:00 | exploited | https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b3532d4f-8337-4947-9d70-0ff69b988c66
2026-06-23 14:04:17+00:00 | exploited | ...
CVE-2013-1904
creationtimestamp | type | source
---|---|---
2026-06-19 16:45:35+00:00 | exploited | https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/2895e391-349d-4351-b274-f75a1d633be7
2026-06-23 14:04:08+00:00 | exploited | ...
CVE-2021-24217
creationtimestamp | type | source
---|---|---
2026-06-19 12:48:06+00:00 | exploited | https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b4d293c6-01ac-4be3-99ba-fd4146b800cc
2026-06-23 14:04:02+00:00 | exploited | ...
Astra Linux – Vulnerability in openjdk-11
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). The supported versions affected by this vulnerability are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1, and 22.0.0.2. This...
Astra Linux – Vulnerability in Chromium
A use-after-free in WebSerial in Google Chrome before version 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in yaml-cpp
The Scanner::EnsureTokensInQueue function in yaml-cpp (also known as LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) through a crafted YAML file...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in tab groups in Google Chrome prior to version 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in binutils
A vulnerability was identified in GNU Binutils 2.45. The affected component is the elf_x86_64_relocate_section function in the file elf64-x86-64.c of the Linker component. This vulnerability causes a heap-based buffer overflow. The attack can only be executed locally. The exploit has been publicly...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in TabStrip in Google Chrome prior to version 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Thunderbird
In SkRegion.cpp, there is a potential out-of-bounds write due to an integer overflow. This could lead to a local privilege escalation without the need for additional execution privileges. User interaction is not required for exploitation...
Astra Linux – Vulnerability in Chromium
A use-after-free in Fonts in Google Chrome before version 88.0.4324.146 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in binutils
A vulnerability has been discovered in GNU Binutils 2.45. The affected element is the function elf_swap_shdr in the bfd/elfcode.h library of the Linker component. Manipulation of this function leads to a heap-based buffer overflow. This attack must be carried out locally. The exploit has been...
Astra Linux – Vulnerability in edk2
EDK2 contains a vulnerability in the CreateHob function that allows a user to trigger an integer overflow leading to a buffer overflow via a local network. Successful exploitation of this vulnerability may result in compromises of confidentiality, integrity, and/or availability...
Astra Linux – Vulnerability in Chromium
Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...