Mix PHP 代码问题漏洞

Mix PHP is Mix PHP open source a PHP command line mode development framework that supports seamless multi-server ecosystem switching. A code issue vulnerability exists in Mix PHP versions 2.x through 2.2.17 that stems from a session and cache handler call to unserialize on Redis data in the...

OpenImageIO 缓冲区错误漏洞

OpenImageIO is an open-source image processing library developed by OpenImageIO. It features a user-friendly interface and supports a wide range of image formats. Versions of OpenImageIO 3.2.0.1-dev and earlier have a buffer error vulnerability, which stems from an out-of-bounds write issue in th...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the iio gyro mpu3050 driver not releasing the interrupt handler when iiotriggerregister fails, which could...

PT-2026-36354

Name of the Vulnerable Software and Affected Versions AcademySoftwareFoundation OpenImageIO versions prior to 3.2.0.1-dev Description An out-of-bounds write issue exists within the DDS Image Handler component, specifically affecting the src/dds.imageio/ddsinput.cpp file. This flaw requires local...

Open5GS 安全漏洞

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS version 2.7.7 and earlier, which stems from a denial of service issue in the ogsidgetvalue function of file...

EUVD-2026-26674

Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The session and cache handlers use unserialize on data from the filesystem in the FileHandler object...

PT-2026-36398

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mpu3050 gyro driver within the Industrial I/O IIO subsystem. During the teardown process, the free irq function is called using the mpu3050 handler instead of the...

PT-2026-36414

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix potential out-of-bounds read in iwl mvm nd match info handler The memcpy function assumes the dynamic array notif-matches is at least as large as the number of bytes to copy. Otherwise, results-matches may...

PT-2026-36489

Name of the Vulnerable Software and Affected Versions MixPHP Framework versions 2.x through 2.2.17 Description An unsafe deserialization issue exists where the session and cache handlers utilize the unserialize function on data retrieved from Redis within the RedisHandler object. Recommendations ...

CVE-2026-42472

Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The session and cache handlers use unserialize on data from Redis in the RedisHandler object...

PT-2026-36502

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.8 Description A weakness in the AMF component allows remote exploitation leading to a denial of service. The issue resides in the ogs id get value function within the /src/amf/nudm-handler.c file. Recommendations ...

Open5GS 安全漏洞

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS version 2.7.7 and earlier, which stems from a denial of service issue in the amfnudmsdmhandleprovisioned function in file...

CVE-2026-42472

The CVE-2026-42472 entry describes an unsafe deserialization vulnerability in MixPHP Framework 2.x up to 2.2.17, caused by session and cache handlers calling unserialize() on data sourced from Redis in the RedisHandler object. This is reported across multiple feeds (NVD, CVE listing, vuln enrichm...

CVE-2026-42473

The CVE-2026-42473 issue affects MixPHP Framework 2.x up to 2.2.17. The vulnerability arises from unsafe deserialization in the FileHandler’s session and cache handling, where data from the filesystem is passed to PHP’s unserialize(), enabling high-impact data integrity/confidentiality/availabili...

CVE-2026-42473

Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The session and cache handlers use unserialize on data from the filesystem in the FileHandler object...

PT-2026-38397

Name of the Vulnerable Software and Affected Versions vm2 versions prior to 3.11.0 Description A sandbox escape allows unauthenticated attackers to execute arbitrary system commands RCE on the host. The issue occurs because BaseHandler.getPrototypeOf can be reached via util.inspect, enabling the...

EUVD-2026-26456

A vulnerability was found in Bootstrap CMS 0.9.0-alpha. Affected is an unknown function of the file resources/views/pages/show.blade.php of the component Page Creation Handler. Performing a manipulation of the argument body results in code injection. Remote exploitation of the attack is possible...

CVE-2026-7508 Bootstrap CMS Page Creation show.blade.php code injection

A vulnerability was found in Bootstrap CMS 0.9.0-alpha. Affected is an unknown function of the file resources/views/pages/show.blade.php of the component Page Creation Handler. Performing a manipulation of the argument body results in code injection. Remote exploitation of the attack is possible...

CVE-2026-7508

A vulnerability was found in Bootstrap CMS 0.9.0-alpha. Affected is an unknown function of the file resources/views/pages/show.blade.php of the component Page Creation Handler. Performing a manipulation of the argument body results in code injection. Remote exploitation of the attack is possible...

CVE-2026-7505 nextlevelbuilder GoClaw/GoClaw Lite RPC improper authorization

A flaw has been found in nextlevelbuilder GoClaw and GoClaw Lite up to 3.8.5. This affects an unknown function of the component RPC Handler. This manipulation causes improper authorization. The attack may be initiated remotely. The exploit has been published and may be used. Upgrading to version...