CVE-2026-1803

A weakness has been identified in Ziroom ZHOME A0101 1.0.1.0. Impacted is an unknown function of the component Dropbear SSH Service. This manipulation causes use of default credentials. Remote exploitation of the attack is possible. The complexity of an attack is rather high. The exploitability i...

CVE-2025-14954 Open5GS QER/FAR/URR/PDR context.c ogs_pfcp_qer_find_or_add assertion

A vulnerability has been found in Open5GS up to 2.7.6. Affected is the function ogspfcppdrfindoradd/ogspfcpfarfindoradd/ogspfcpurrfindoradd/ogspfcpqerfindoradd in the library lib/pfcp/context.c of the component QER/FAR/URR/PDR. The manipulation leads to reachable assertion. It is possible to...

Missing Authorization

Overview chainlit is a Build Conversational AI. Affected versions of this package are vulnerable to Missing Authorization due to improper user verification in the getfile endpoint. This flaw allows unauthorized users to access and retrieve session files by guessing or obtaining valid sessionids,...

Deserialization of untrusted data

A vulnerability was found in StanfordVL GibsonEnv 0.3.1. It has been classified as critical. Affected is the function cloudpickle.load of the file gibson\utils\pposgdfuse.py. The manipulation leads to deserialization. It is possible to launch the attack remotely. The complexity of an attack is...