CVE-2026-31703 writeback: Fix use after free in inode_switch_wbs_work_fn()

In the Linux kernel, the following vulnerability has been resolved: writeback: Fix use after free in inodeswitchwbsworkfn inodeswitchwbsworkfn has a loop like: wbgetnewwb; while 1 list = llistdelall&newwb-switchwbsctxs; / Nothing to do? / if !list break; ... process the items ... Now adding of...

EUVD-2026-26501

A security vulnerability has been detected in alexta69 MeTube up to 2026.04.09. This affects the function onprepare of the file app/main.py of the component CORS Policy. The manipulation leads to permissive cross-domain policy with untrusted domains. The attack is possible to be carried out...

CVE-2026-7581

A security vulnerability has been detected in alexta69 MeTube up to 2026.04.09. This affects the function onprepare of the file app/main.py of the component CORS Policy. The manipulation leads to permissive cross-domain policy with untrusted domains. The attack is possible to be carried out...

CVE-2026-7580

A vulnerability was detected in Exiftool up to 13.53. Impacted is the function Processmrld of the file lib/Image/ExifTool/GM.pm of the component JPEG/QuickTime/MOV/MP4. The manipulation of the argument -ee results in code injection. Attacking locally is a requirement. Upgrading to version 13.54 i...

Exploit for Missing Authentication for Critical Function in Cpanel

No d...

EUVD-2026-26495

A weakness has been identified in MacCMS Pro up to 2022.1.3. This vulnerability affects the function install of the file /admi.php/admin/addon/add.html of the component Plugin Installation Handler. Executing a manipulation can lead to unrestricted upload. The attack may be performed from remote...

BIT-POSTGRESQL-JDBC-DRIVER-2026-42198 pgjdbc: Unbounded PBKDF2 iterations in SCRAM authentication allows CPU exhaustion DoS

pgjdbc is an open source postgresql JDBC Driver. From version 42.2.0 to before version 42.7.11, pgjdbc is vulnerable to a client-side denial of service during SCRAM-SHA-256 authentication. A malicious server can instruct the driver to perform SCRAM authentication with a very large iteration count...

EUVD-2026-26475

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=deletecustomer. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been...

Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940 A security research tool for detecting and anal...

CVE-2026-37538

Buffer overflow vulnerability in socketcand 0.4.2 in file socketcand.c in function main allows attackers to cause a denial of service or other unspecified impacts via crafted busname...

CVE-2026-30363

Technical details are not publicly available in the provided documents. Monitor for updates.

EUVD-2026-26675

SQL injection vulnerability in MixPHP Framework 2.x thru 2.2.17 via crafted data array to the data function in BuildHelper.php...

socketcand 安全漏洞

socketcand is a CAN bus network service daemon from the personal developer Jan-Niklas Meier. A security vulnerability exists in socketcand version 0.4.2, which stems from a buffer overflow in the main function in the socketcand.c file, allowing an attacker to cause a denial of service or other...

PT-2026-36492

Name of the Vulnerable Software and Affected Versions MixPHP Framework versions 2.x through 2.2.17 Description SQL injection allows an attacker to interfere with the queries that an application makes to its database. This issue occurs via a crafted on array passed to the joinOn function within...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an error in the checking of packet pointers by the regsafe function in bpf, which could result in valid pack...

PT-2026-36491

SQL injection vulnerability in MixPHP Framework 2.x thru 2.2.17 via crafted data array to the data function in BuildHelper.php...

PT-2026-36290

A vulnerability was determined in Open5GS up to 2.7.7. This vulnerability affects the function bsf sess add by ip address of the file /nbsf-management/v1/pcfBindings of the component BSF. Executing a manipulation of the argument ipv4Addr can lead to denial of service. The attack can be launched...

Flipper Zero Firmware 安全漏洞

Flipper Zero Firmware is an open source firmware update and development tool for multifunctional devices from Flipper Devices. A security vulnerability exists in the Flipper Zero Firmware commit ad2a80 version, which originates from a stack overflow in the Main function...

PT-2026-36374

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The tegra crypto driver fails to set the CRYPTO ALG ASYNC flag on its asynchronous algorithms. This causes the crypto API to incorrectly select these algorithms for users requesting only...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper memory release in the fscryptsetupfilename function within f2fsrename. This could le...