CVE-2026-8269 Open5GS SMF smf_nsmf_handle_create_sm_context denial of service

A vulnerability was found in Open5GS up to 2.7.7. Impacted is the function smfnsmfhandlecreatesmcontext of the component SMF. Performing a manipulation results in denial of service. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The project was...

CVE-2026-8268

Open5GS SMF OpenAPI_list_create is affected up to version 2.7.7. The vulnerability enables remote manipulation of OpenAPI_list_create, causing denial of service. Publicly disclosed exploit exists and may be used. The report notes the project was informed early via an issue but has not responded y...

CVE-2026-8268

A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function OpenAPIlistcreate of the component SMF. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The project was informed ...

CVE-2026-8267 Open5GS SMF smf_nsmf_handle_created_data_in_vsmf denial of service

A flaw has been found in Open5GS up to 2.7.7. This vulnerability affects the function smfnsmfhandlecreateddatainvsmf of the component SMF. This manipulation causes denial of service. The attack may be initiated remotely. The exploit has been published and may be used. The project was informed of...

CVE-2026-8267

A flaw has been found in Open5GS up to 2.7.7. This vulnerability affects the function smfnsmfhandlecreateddatainvsmf of the component SMF. This manipulation causes denial of service. The attack may be initiated remotely. The exploit has been published and may be used. The project was informed of...

CVE-2026-8266 Open5GS SMF gsm-build.c gsm_build_pdu_session_establishment_accept denial of service

A vulnerability was detected in Open5GS up to 2.7.7. This affects the function gsmbuildpdusessionestablishmentaccept of the file /src/smf/gsm-build.c of the component SMF. The manipulation results in denial of service. The attack can be launched remotely. The exploit is now public and may be used...

CVE-2026-8266 Open5GS SMF gsm-build.c gsm_build_pdu_session_establishment_accept denial of service

A vulnerability was detected in Open5GS up to 2.7.7. This affects the function gsmbuildpdusessionestablishmentaccept of the file /src/smf/gsm-build.c of the component SMF. The manipulation results in denial of service. The attack can be launched remotely. The exploit is now public and may be used...

CVE-2026-8261

A vulnerability was determined in Squirrel up to 3.2. This affects the function SQFunctionProto::Load of the file squirrel/sqobject.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. T...

OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file

A flaw was found in OpenEXR, an image storage format for the motion picture industry. A remote attacker could exploit an integer overflow vulnerability in the internalexrundopiz function by providing a specially crafted EXR file. This flaw leads to out-of-bounds reads and writes, which may allow...

CVE-2026-8261

The CVE-2026-8261 entry concerns Squirrel up to version 3.2. The vulnerability resides in SQFunctionProto::Load within squirrel/sqobject.cpp, causing a heap-based buffer overflow. Attack is restricted to local execution. Public disclosure of the exploit is noted, and the project was informed via ...

Grav 跨站脚本漏洞

Grav is a scalable content management system CMS developed by the Grav open-source community, suitable for use in personal blogs, small content publishing platforms, and single-page product displays. Versions of Grav prior to 2.0.0-beta.2 contained a cross-site scripting vulnerability. This...

PT-2026-39892

Name of the Vulnerable Software and Affected Versions SandboxJS versions prior to 0.9.6 Description Sandbox-defined functions expose the Function.caller property, which allows sandboxed code to recover the internal LispType.Call runtime callback. An attacker can invoke this callback using forged...

PT-2026-39741

A weakness has been identified in aiwaves-cn agents up to e8c4e3c2d19739d3dff59e577d1c97090cc15f59. Affected by this issue is the function recall relevant memories to working memory of the file core/cat/looking glass/stray cat.py of the component cheshire cat core. This manipulation causes resour...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: numpy (UTSA-2026-017404)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017404 advisory. Null Pointer Dereference vulnerability exists in numpy.sort in NumPy and 1.19 in the PyArrayDescrNew function due to missing return-value validation, which allows...

PT-2026-39832

An issue in QuickJS-NG v.0.12.1 allows an attacker to execute arbitrary code via the js mapped arguments mark function...

📄 MATLAB R2024a Code Execution / Information Disclosure

MATLAB R2024a suffers from a remote code execution vulnerability as well as a sandbox escape that allows for information disclosure. ================================================================================================================================== | Title : MATLAB R2024a RCE | |...

PT-2026-39631

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.8 Description A weakness in the NRF component allows a remote attacker to cause a denial of service. The issue exists within the ogs nnrf nfm handle nf profile function located in the lib/sbi/nnrf-handler.c file...

Unity Linux 20.1070e Security Update: hdf5 (UTSA-2026-017692)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017692 advisory. An issue was discovered in the HDF HDF5 1.8.20 library. There is a memcpy parameter overlap in the function H5Olinkdecode in H5Olink.c. Tenable has extracted the...

PT-2026-39551

A flaw has been found in Squirrel up to 3.2. Impacted is the function validate format in the library sqstdlib/sqstdstring.cpp. Executing a manipulation can lead to stack-based buffer overflow. The attack can only be executed locally. The exploit has been published and may be used. The project was...

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities originate from the smfnsmfhandleupdatedatainvsmf function in the...