CVE-2026-31587

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm: move component registration to unmanaged version q6apm component registers dais dynamically from ASoC toplology, which are allocated using device managed version apis. Allocating both component and dynamic dais...

Yelp: I.D.O.R To Order,Book,Buy,reserve On YELP FOR FREE (UNAUTHORIZED USE OF OTHER USER'S CREDIT CARD)

@hk755a found an Insecure Direct Object Reference IDOR Vulnerability that allowed an attacker to pay with someone else's registered credit card, while ordering food with Grubhub through the /checkout/transactionplatform endpoint. No credit card information was disclosed as a result of this...