CVE-2026-25659

Ericsson Packet Core Gateway PCG versions prior to 1.30 contain an Improper Handling of Missing Values CWE-230 vulnerability where an attacker continuously sending a specially crafted message can cause service degradation. The impact continues as long the attack persists but the system recovers...

CVE-2026-10725

Protocol::HTTP2 versions through 1.12 for Perl is vulnerable to a HTTP/2 Bomb. Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small HTTP/2 request can expand into large server memory the "HTTP/2 bomb". The headersdecode method materialises a full key+value copy per index...

Exploit for CVE-2026-48595

CVE-2026-48595 - elixir-tesla tesla Vulnerability Quick Us...

LearnPress < 4.2.7.4 - Course Material - Information Disclosure

LearnPress – WordPress LMS Plugin contains a sensitive information exposure caused by insecure handling in class-lp-rest-material-controller.php, letting unauthenticated attackers extract paid course material, exploit requires no authentication. id: CVE-2024-11868 info: name: LearnPress 4.2.7.4 -...

ZZZCMS ZZZPHP 1.6.3 – Remote PHP Code Execution (RCE)

ZZZCMS zzzphp v1.6.3 contains a remote code execution caused by lack of restrictions in inc/zzzfile.php, letting attackers execute arbitrary PHP code via a crafted URL in the plugins/ueditor/php/controller.php?action=catchimage source parameter, exploit requires attacker to send malicious URL and...

Vite Dev Server - Path Traversal in Optimized Deps .map Handling

Vite development server versions prior to 8.0.5, 7.3.2, and 6.4.2 are vulnerable to path traversal through the optimized dependencies sourcemap handler. The dev server's handling of .map requests for optimized dependencies resolves file paths via normalizePathpath.resolveroot, url.slice1 and call...

[SECURITY] Fedora 44 Update: libinput-1.31.3-1.fc44

libinput is a library that handles input devices for display servers and other applications that need to directly deal with input devices. It provides device detection, device handling, input device event processing and abstraction so minimize the amount of custom input code the user of libinput...

EulerOS Virtualization 2.12.1 : expat (EulerOS-SA-2026-2073)

According to the versions of the expat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data.CVE-2026-24515 In libexpat...

RHEL 8 : openssh (RHSA-2026:22329)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22329 advisory. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files...

EulerOS Virtualization 2.12.0 : python-pip (EulerOS-SA-2026-2111)

According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in...

EulerOS Virtualization 2.13.0 : glib2 (EulerOS-SA-2026-2165)

According to the versions of the glib2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory...

EulerOS Virtualization 2.13.1 : libssh (EulerOS-SA-2026-2137)

According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libssh: Denial of Service via improper configuration file handlingCVE-2026-0965 libssh: Improper sanitation of paths received from S...

EulerOS Virtualization 2.13.0 : libssh (EulerOS-SA-2026-2176)

According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libssh: Denial of Service via improper configuration file handlingCVE-2026-0965 libssh: Improper sanitation of paths received from S...

EulerOS Virtualization 2.13.0 : python3 (EulerOS-SA-2026-2188)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment...

RHEL 10 : java-21-ibm-semeru-certified-jdk (RHSA-2026:22328)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22328 advisory. The IBM Semeru Runtime Certified Edition 21 runtime environment. Security Fixes: freetype: Information disclosure or denial of service via...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-11.0.1.2)

The version of AHV installed on the remote host is prior to AHV-11.0.1.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-11.0.1.2 advisory. - Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStreamconc...

EulerOS Virtualization 2.10.1 : util-linux (EulerOS-SA-2026-2038)

According to the versions of the util-linux packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in util-linux. Improper hostname canonicalization in the login1 utility, when invoked with the -h option, can...

EulerOS Virtualization 2.13.0 : libsodium (EulerOS-SA-2026-2175)

According to the versions of the libsodium package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to...

EulerOS Virtualization 2.13.1 : dhcp (EulerOS-SA-2026-2123)

According to the versions of the dhcp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into...

EulerOS Virtualization 2.12.1 : python3 (EulerOS-SA-2026-2085)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment...