CVE-2026-10847

CVE-2026-10847 is a local privilege escalation affecting Check Point Identity Agent Full for Windows OS. An authenticated local user may gain SYSTEM privileges by exploiting improper handling of executable resolution during log collection. The documented impact is elevated privileges on the affec...

CVE-2025-58468

A cross-site request forgery CSRF vulnerability has been reported to affect Notification Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. We have already fixed the vulnerability in the following version: Notification Center 1.10.0.3291...

CVE-2025-58468 Notification Center

A cross-site request forgery CSRF vulnerability has been reported to affect Notification Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. We have already fixed the vulnerability in the following version: Notification Center 1.10.0.3291...

Microsoft Office Click-To-Run Elevation of Privilege Vulnerability

Use after free in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally...

CVE-2026-46319 net/sched: act_ct: Only release RCU read lock after ct_ft

In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: Only release RCU read lock after ctft When looking up a flow table in actct in tcfctflowtableget, rhashtablelookupfast internally opens and closes an RCU read critical section before returning ctft. The...

EUVD-2026-35354

An authorization bypass through user-controlled key vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to gain unintended privileges. We have already fixed the vulnerability in the following version: QuMagie 2.9.1 and later...

CVE-2026-36175

An issue in the U-Boot component of GNCC GP5 v7.1.76 allows physically-proximate attackers to bypass authentication and gain root access via interrupting the boot sequence and injecting a crafted string into the kernel boot arguments...

CVE-2026-11295

Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...

China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa

A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U.K., Germany, Italy, and South Africa. These efforts have been complemented by a "rapid operational tempo" and a continually evolving malware arsenal comprising known...

SUSE CVE-2026-46239

In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Fix runtime PM refcount leak in sctrl Three control cases AUTOGAIN, EXPOSUREAUTO, ANALOGUEGAIN directly return without calling pmruntimeput, causing runtime PM reference count leaks. Change these cases from...

CVE-2026-46239

In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Fix runtime PM refcount leak in sctrl Three control cases AUTOGAIN, EXPOSUREAUTO, ANALOGUEGAIN directly return without calling pmruntimeput, causing runtime PM reference count leaks. Change these cases from...

UBUNTU-CVE-2026-46239

In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Fix runtime PM refcount leak in sctrl Three control cases AUTOGAIN, EXPOSUREAUTO, ANALOGUEGAIN directly return without calling pmruntimeput, causing runtime PM reference count leaks. Change these cases from...

CVE-2026-46239 media: i2c: ov5647: Fix runtime PM refcount leak in s_ctrl

In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Fix runtime PM refcount leak in sctrl Three control cases AUTOGAIN, EXPOSUREAUTO, ANALOGUEGAIN directly return without calling pmruntimeput, causing runtime PM reference count leaks. Change these cases from...

CVE-2025-43306

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. A malicious app may be able to gain root privileges...

SUSE CVE-2015-2667

Untrusted search path vulnerability in GNS3 1.2.3 allows local users to gain privileges via a Trojan horse uuid.dll in an unspecified directory...

CVE-2026-44059 Non-reentrant privilege toggle

A race condition in the privilege toggle mechanism in Netatalk 2.2.5 through 4.4.2 allows a local attacker to obtain limited information, modify limited data, or cause a minor service disruption...

Astra Linux - уязвимость в linux

A memory-bound write flaw 1 or 2 bytes of memory was identified in the Linux kernel’s NFS subsystem, related to the way users use mirroring replication of files via NFS. A user with access to the NFS mount could potentially exploit this flaw to crash the system or escalate privileges on the syste...

kernel: crypto: algif_aead - Revert to operating out-of-place

A flaw was found in the Linux kernel's algifaead cryptographic algorithm interface. An incorrect in-place operation causes source and destination data mappings to differ during cryptographic processing. A low-privileged local attacker can exploit this flaw to corrupt the contents of sensitive...

Explainable Machine Learning for Phishing Detection on Heterogeneous Datasets with MCP-Enabled Deployment

With the growth in digital transformation and Internet usage, the Social Engineering techniques such as Phishing have become a major concern for the users and the organizations. Phishing attacks involve deceptive techniques to trick users into revealing confidential information that causes...

CVE-2026-33377

An Editor can overwrite a dashboard not owned by them to acquire admin on that specific dashboard. The user must have write access to the dashboard to escalate privilege...