EUVD-2026-39612

A flaw in Node.js TLS host verification can cause an attacker to bypass certification validation. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

EUVD-2026-39594

A flaw was found in KubeVirt's virt-handler network cache handling. The WriteToCachedFile function writes data to a launcher-rooted path using os.WriteFile and os.Chown without symlink protection. A user with access to the virt-launcher container can plant a symlink at the cache file path, causin...

CVE-2026-13218

CVE-2026-13218 : In KubeVirt, the virt-handler network cache handling allows a symlink attack via WriteToCachedFile, which writes to a launcher-rooted path with os.WriteFile and os.Chown. A user inside the virt-launcher container can place a symlink at the cache path, causing virt-handler to foll...

CVE-2026-13218

A flaw was found in KubeVirt's virt-handler network cache handling. The WriteToCachedFile function writes data to a launcher-rooted path using os.WriteFile and os.Chown without symlink protection. A user with access to the virt-launcher container can plant a symlink at the cache file path, causin...

CVE-2026-40080

The CVE CVE-2026-40080 affects Cacti (open source performance and fault management framework) up to version 1.2.30. The vulnerability is an Open Redirect: login flow uses $_SERVER['HTTP_REFERER'] when login_opts == '1' and checks the referer with a substring (str_contains($referer, CACTI_PATH_URL...

EUVD-2026-31393

golang.org/x/crypto/ssh is vulnerable to invoking server panic during CheckHostKey/Authenticate flow...

CVE-2026-11703

CVE-2026-11703 (wolfSSL) describes missing SNI/ALPN binding on stateful (session-ID) TLS resumption. A cached TLS session could be resumed under a different SNI/ALPN than originally negotiated, potentially carrying cached peer-authentication state across virtual hosts. The public description stat...

CVE-2026-4930

SYMCRYPTO is the SiXG301's host side hardware engine accessed by PSA crypto library that accelerates symmetric cryptographic operations AES encryption/decryption and hashing. DPA Countermeasures on SYMCRYPTO can be weakened reduced entropy by forcing certain seed values if an attacker gains code...

CVE-2026-52959

A flaw was found in the Linux kernel's Secure Encrypted Virtualization SEV guest module. This vulnerability allows a malicious host to provide an invalid buffer size during an extended guest request. This incorrect handling of host-controlled page order during the cleanup process can lead to a...

CVE-2026-53073

A flaw was found in the Linux kernel's Bluetooth Host Controller Interface HCI Universal Asynchronous Receiver/Transmitter UART driver. When the hciregisterdev function fails, a flag indicating protocol initialization is not properly cleared. This oversight allows incoming UART data to be process...

CVE-2026-46611

Glances XML-RPC server (glances/server.py) before 4.5.5 does not validate the HTTP Host header, enabling DNS rebinding attacks to exfiltrate the victim’s monitoring data. The vulnerability affects the XML-RPC backend used by glances -s (XML-RPC path /RPC2) and allows an attacker to cause the brow...

CVE-2026-46611 Glances: XML-RPC Server Missing Host Header Validation Enables DNS Rebinding Attack

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, the Glances XML-RPC server glances -s, implemented in glances/server.py does not validate the HTTP Host header, leaving it vulnerable to DNS rebinding attacks. An attacker can exploit DNS rebinding to exfiltrate the...

CVE-2026-55412

ToolJet (open-source platform) Vulnerability: SSRF in the RestAPI data source component allows authenticated users to induce server-side HTTP requests that bypass its private IP filter via DNS trickery (169.254.169.254.nip.io), potentially stealing Azure managed identity tokens for the AKS produc...

CVE-2026-12755

Improper input validation in the PAM AD discovery endpoints in Devolutions Server 2026.2.4.0 through 2026.2.7.0 allows an authenticated user with the UserGroupsView permission to coerce server-side authentication to an attacker-controlled host, exposing PAM provider credentials as a NTLMv2...

CVE-2026-12755

CVE-2026-12755 affects Devolutions Server 2026.2.4.0–2026.2.7.0. It is caused by improper input validation in the PAM AD discovery endpoints. An authenticated user with the UserGroupsView permission can coerce server-side authentication to an attacker-controlled host, exposing PAM provider creden...

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.92 packages and security update

Red Hat OpenShift Container Platform release 4.12.92 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...

EUVD-2026-39227

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix a use-after-free of the hciconn pointer In isosockrebindbc, the bis pointer is cached, then the socket lock is dropped: bis = isopisk-conn-hcon; / Release the socket before lookups since that requires hcidevlo...

CVE-2026-53276

CVE-2026-53276 – Linux kernel Bluetooth ISO use-after-free : The issue occurs in iso_sock_rebind_bc() where a cached bis pointer (iso_pi(sk)->conn->hcon) is used after releasing the socket lock, allowing a concurrent close() to free the hci_conn structure. During the unlocked window, hci_de...

CVE-2026-53251

In the Linux kernel Bluetooth ISO path, CVE-2026-53251 is due to hci_get_route() returning a reference-counted hci_dev pointer via hci_dev_hold(), and the function may exit without releasing that reference on both normal and error paths. This results in a not-released hdev reference within iso_co...