RUSTSEC-2026-0132 Potential out-of-bounds write via public `Context` fields

The Context struct has all fields public pub dlen, pub digest, etc.. Code from other modules within the same crate can directly modify dlen to a value exceeding the digest vector length. When reset is subsequently called, self.digestself.dlen as usize = 0 becomes an out-of-bounds write. Withdrawa...

Potential out-of-bounds write via public `Context` fields

The Context struct has all fields public pub dlen, pub digest, etc.. Code from other modules within the same crate can directly modify dlen to a value exceeding the digest vector length. When reset is subsequently called, self.digestself.dlen as usize = 0 becomes an out-of-bounds write. Withdrawa...

RUSTSEC-2026-0127 Integer overflow in `array::ReadWrite::new()` leading to potential memory corruption

In array::ReadWrite::new line 83 of accessor/src/array.rs, let bytes = mem::sizeof:: len can overflow usize when len is very large. In release mode, this silently wraps, potentially making bytes = 0. The mapper then maps with 0 bytes, and subsequent accesses e.g. readvolatileat lead to undefined...

Integer overflow in `array::ReadWrite::new()` leading to potential memory corruption

In array::ReadWrite::new line 83 of accessor/src/array.rs, let bytes = mem::sizeof:: len can overflow usize when len is very large. In release mode, this silently wraps, potentially making bytes = 0. The mapper then maps with 0 bytes, and subsequent accesses e.g. readvolatileat lead to undefined...

net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd()

...

CVE-2026-7605

A security flaw has been discovered in JeecgBoot up to 3.9.1. This vulnerability affects the function CommonController.uploadImgByHttp/HttpFileToMultipartFileUtil.httpFileToMultipartFile/HttpFileToMultipartFileUtil.downloadImageData of the file CommonController.java of the component...

SUSE CVE-2026-31696

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing validation of ticket length in non-XDR key preparsing In rxrpcpreparse, there are two paths for parsing key payloads: the XDR path for large payloads and the non-XDR path for payloads = 28 bytes. While the XDR...

sglang 注入漏洞

SGLang is a programming language and runtime system developed by SGL-project, aimed at accelerating large model inference. Versions of SGLang 0.5.9 and earlier contained a injection vulnerability. This vulnerability stemmed from the operation of the gettokenizer function in the...

PT-2026-36641

Name of the Vulnerable Software and Affected Versions CodeWise Tornet Scooter Mobile App version 4.75 Description An issue exists in an unknown function within the /TwoFactor file that results in improper restriction of excessive authentication attempts. This allows a remote attacker to perform a...

PT-2026-36601

Name of the Vulnerable Software and Affected Versions TRENDnet TEW-821DAP versions prior to 1.12B01 Description A flaw in the Firmware Update component allows remote OS command injection. The issue exists within the tools diagnostic function located in the /tmp/diagnostic file. This allows a remo...

WordPress plugin PixelYourSite Pro 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

NextChat 安全漏洞

NextChat is an open-source project developed by NextChat for quickly deploying private ChatGPT web applications. Versions of NextChat 2.16.1 and earlier contained a security vulnerability. This vulnerability stemmed from the improper authorization in the addMcpServer function within the...

PT-2026-36627

A vulnerability was found in ruvnet sublinear-time-solver 1.5.0. Affected by this vulnerability is the function export state of the file src/consciousness-explorer/mcp/server.js of the component MCP Interface. The manipulation results in path traversal. The attack can be executed remotely. The...

TRENDnet TEW-821DAP 命令注入漏洞

TRENDnet TEW-821DAP is a wireless access point from the company TRENDnet. Versions of TRENDnet TEW-821DAP prior to 1.12B01 contained a command injection vulnerability. This vulnerability stemmed from improper operation of the toolsdiagnostic function, which could lead to OS command injections...

PT-2026-36639

Name of the Vulnerable Software and Affected Versions sgl-project SGLang versions prior to 0.6.0 Description A code injection issue exists in the HuggingFace Transformer Handler within the get tokenizer function of the python/sglang/srt/utils/hf transformers utils.py file. When a caller sets the...

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.6 and earlier contain security vulnerabilities. These vulnerabilities stem from improper handling of parameters regtype by unknown functions in...

PT-2026-36603

Name of the Vulnerable Software and Affected Versions TRENDnet TEW-821DAP versions prior to 1.12B01 Description An issue exists in the Firmware Update Handler component within the cameo dev.sh file. Specifically, the platform do upgrade cameo dev function fails to sufficiently verify data...

CVE-2026-7596

A vulnerability has been found in nextlevelbuilder ui-ux-pro-max-skill up to 2.5.0. Affected by this issue is the function data.get of the file .claude/skills/design-system/scripts/generate-slide.py of the component Slide Generator. Such manipulation leads to cross site scripting. The attack may ...

CVE-2026-7596 nextlevelbuilder ui-ux-pro-max-skill Slide Generator generate-slide.py data.get cross site scripting

A vulnerability has been found in nextlevelbuilder ui-ux-pro-max-skill up to 2.5.0. Affected by this issue is the function data.get of the file .claude/skills/design-system/scripts/generate-slide.py of the component Slide Generator. Such manipulation leads to cross site scripting. The attack may ...

CVE-2026-7501

A weakness has been identified in LinkStackOrg LinkStack up to 4.8.6. Impacted is the function editPage of the file app/Http/Controllers/UserController.php. Executing a manipulation of the argument pageDescription can lead to cross site scripting. It is possible to launch the attack remotely. The...