CVE-2026-39951

CVE-2026-39951 affects Cacti versions 1.2.30 and earlier, exposing a Stored SQL Injection through graph_name_regexp in the Reports feature. The vulnerability is fixed in version 1.2.31. Public references confirm the issue and include a fix commit and security advisory link. No exploitation detail...

CVE-2026-39948

Cacti

CVE-2026-39955

CVE-2026-39955 affects Cacti up to version 1.2.30, with a pre-authentication SQL injection caused by an unanchored FILTER_VALIDATE_REGEXP in graph_view.php. The issue is fixed in version 1.2.31. Impact centers on unauthorized access to potentially sensitive data before authentication; exploitatio...

Advantech R-SeeNet - Cross-Site Scripting

Advantech R-SeeNet contains a cross-site scripting vulnerability in the devicegraphpage.php script via the graph parameter. A specially crafted URL by an attacker can lead to arbitrary JavaScript code execution. id: CVE-2021-21801 info: name: Advantech R-SeeNet - Cross-Site Scripting author: gy74...

CVE-2026-48506 MessagePack-CSharp: MessagePackReader.Skip can recurse without enforcing maximum object graph depth

MessagePack for C is a MessagePack serializer for C. Prior to 2.5.301 and 3.1.7, MessagePackReader.TrySkip recursively descends into nested arrays and maps without incrementing the reader depth or calling the configured depth checks. This bypasses MessagePackSecurity.MaximumObjectGraphDepth, the...

EUVD-2026-38388

MessagePack for C is a MessagePack serializer for C. Prior to 2.5.301 and 3.1.7, MessagePackReader.TrySkip recursively descends into nested arrays and maps without incrementing the reader depth or calling the configured depth checks. This bypasses MessagePackSecurity.MaximumObjectGraphDepth, the...

CVE-2026-48506

The CVE-2026-48506 entry concerns MessagePack-CSharp: MessagePackReader.TrySkip() can recurse without incrementing depth checks, bypassing MaximumObjectGraphDepth and risking unbounded recursion leading to StackOverflow. Affected: MessagePack-CSharp (reader Skip usage in nested arrays/maps). Root...

CVE-2026-48513

MessagePack for C is a MessagePack serializer for C. Prior to 2.5.301 and 3.1.7, runtime-generated union deserializers emitted by DynamicUnionResolver do not call MessagePackSecurity.DepthStepref reader and do not decrement reader.Depth around recursive deserialization and skip paths. This means...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: audio-graph-card: fixed the refcount leak of cpuep in graphforeachlink. ofgetnextchild returns a node with its refcount incremented, and decrements the refcount of the previous node. Therefore, in the error-prone part of th...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoc: audio-graph-card2 – Fixed a refcount leak issue in graphgettype. We should call ofnodeput for the reference before its replacement, since the reference was returned by ofgetparent, which increased the refcount. Additionally...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Device property: Fixed the node refcount leak in fwnodegraphgetnextendpoint. The “parent” returned by fwnodegraphgetportparent has its refcount incremented when ‘prev’ is not NULL. This variable needs to be set after using it...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: eventpoll: Fixed semi-unbounded recursion. Ensured that epoll instances never form a graph with more than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is free of loops and performs some recursion depth...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: simple-card-utils: Fixed the pointer check in graphutilParseLinkDirectionation. Now, it checks whether the passed pointers are valid before writing to them. This also fixes a USBAN warning: UBSAN: Invalid-load in...

PT-2026-50547

Today I received a public security credit for a vulnerability I responsibly disclosed: CVE-2026-54683 – Improper authorization in NL Portal The vulnerability allowed any authenticated portal user to download documents belonging to other users when they had access to a valid document identifier. A...

CVE-2026-0150

In ExecuteGraph command handler of EdgeTPU firmware, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with root privileges needed. User interaction is not needed for exploitation...

CVE-2026-0150

CVE-2026-0150 affects EdgeTPU firmware, specifically the ExecuteGraph command handler. The issue is a possible out-of-bounds write caused by an integer overflow, enabling local escalation of privilege with root privileges required. Exploitation does not require user interaction. The available con...

CVE-2026-0150

In ExecuteGraph command handler of EdgeTPU firmware, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with root privileges needed. User interaction is not needed for exploitation...

CVE-2026-47248

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.78 and 9.9.1-alpha.2, Parse Server's GraphQL endpoint discloses schema metadata to unauthenticated callers through Did you mean ...? suggestions embedded in GraphQL...

EUVD-2026-36534

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.78 and 9.9.1-alpha.2, Parse Server's GraphQL endpoint discloses schema metadata to unauthenticated callers through Did you mean ...? suggestions embedded in GraphQL...

Exploit for Authorization Bypass Through User-Controlled Key in Saleor

CVE-2026-24136 - Saleor GraphQL IDOR / Unauthenticated PII Exf...