Cisco IOS XR Operating System Command Injection Vulnerability
Cisco IOS XR is an operating system developed by the American company Cisco for its network devices. Cisco IOS XR has a vulnerability related to operating system command injection, which stems from insufficient validation of user parameters in certain CLI commands. This vulnerability may lead to...
PT-2026-24729
A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges and gain full administrative control of an affected device. This vulnerability is due to incorrect mapping of a command to task groups...
Cisco IOS XR Security Vulnerability
Cisco IOS XR is an operating system developed by the American company Cisco for its network devices. There is a security vulnerability in Cisco IOS XR, which stems from insufficient input validation of IS-IS packet headers. This vulnerability may lead to unexpected restarts of the IS-IS process a...
Vulnerability fixed in Microsoft Authenticator app
Microsoft has fixed a vulnerability in the Authenticator app for Android and iOS. A malicious party could exploit the vulnerability to gain access to sensitive data. Successful abuse requires the malicious party to trick the victim into installing a rogue app. This app can then be misused to...
Exploit for Type Confusion in Apple iPadOS
🏴☠️ Coruna iOS Exploit Kit: CVE-2024-23222 Research !CVEh...
CVE-2026-2919
CVE-2026-2919 affects Focus for iOS. The issue arises from malicious scripts manipulating navigation and iframe behavior to display attacker-controlled or spoofed content under a trusted domain without user interaction. Impact stated as UI could present a spoofed domain; vulnerability fixed in Fo...
CVE-2026-2919 Attacker-controlled content shown under spoofed domains in Focus for iOS via stalled navigation and iframe redirect
Malicious scripts could display attacker-controlled web content under spoofed domains in Focus for iOS by stalling a self navigation to an invalid port and triggering an iframe redirect, causing the UI to display a trusted domain without user interaction. This vulnerability was fixed in Focus for...
CVE-2026-30798
Insufficient Verification of Data Authenticity, Improper Handling of Exceptional Conditions vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Heartbeat sync loop, strategy processing modules allows Protocol Manipulation. This vulnerability is...
CVE-2026-30791
Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Config import, URI scheme handler, CLI --config modules allows Retrieve Embedded Sensitive Data. This vulnerability is associated wit...
CVE-2026-30792
A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Strategy sync, HTTP API client, config options engine modules allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files...
EUVD-2026-9829
Cleartext Transmission of Sensitive Information vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Heartbeat sync loop modules allows Sniffing Attacks. This vulnerability is associated with program files src/hbbs_http/sync.rs and program routine...
CVE-2026-30794
Improper Certificate Validation vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android HTTP API client, TLS transport modules allows Adversary in the Middle (AiTM). This vulnerability is associated with program files src/hbbs_http/httpclient.rs and...
CVE-2026-30783
A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Client signaling, API sync loop, config management modules allows Privilege Abuse. This vulnerability is associated with program files src/rendezvousmediator.rs, src/hbbs_http/sync....
CVE-2026-30795
The CVE concerns the RustDesk Client (rustdesk-client) across Windows, macOS, Linux, iOS, and Android. The vulnerability affects the Heartbeat sync loop modules, specifically the src/hbbs_http/sync.rs code path and the Heartbeat JSON payload construction, where cleartext transmission of sensitive...
CVE-2026-30793
Cross-Site Request Forgery (CSRF) vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Flutter URI scheme handler, FFI bridge modules allows Privilege Escalation. This vulnerability is associated with program files flutter/lib/common.dart,...
CVE-2026-21786
HCL Sametime for iOS is impacted by a sensitive information disclosure. Hostname information is written in application logs and certain URLs...
CVE-2026-21786 HCL Sametime for iOS is affected by sensitive information disclosure
HCL Sametime for iOS is impacted by a sensitive information disclosure. Hostname information is written in application logs and certain URLs...
PT-2026-23506
Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.4.10. Description: A time-of-check-time-of-use (TOCTOU) issue exists in the validateScriptFileForShellBleed function. A TOCTOU issue is a software bug where a system checks a condition such as a security credential...