CVE-2026-BetterSQLCipher-RCE

CVE-2026-XXXXX: better-sqlcipher loadExtension Remote Code E...

VulnCheck KEV: CVE-2026-0257

Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not impacted by these issues...

CVE-2026-46818

Vulnerability in the Oracle Payments product of Oracle E-Business Suite component: File Transmission. Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Payments. Successful...

CVE-2026-9303 calcom cal.diy cross-site request forgery

A vulnerability was identified in calcom cal.diy up to 4.9.4. Impacted is an unknown function. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this...

@action.sustainability/storybook-dashboard (>=0.1.1 <=0.1.5), @agentlab/ldkg-ui-charts (>=0.1.4 <=0.1.7) +249 more potentially affected by unknown CVE via @antv/l7-component (>=2.10.0 <=2.25.4)

@antv/l7-component NPM version =2.10.0, =0.1.1, =0.1.4, =1.1.15, =0.1.0, =1.0.17-beta.1, =0.0.1-beta.2, =1.2.0-beta.0, =0.0.2, =0.0.2, =1.0.1, =0.0.2, =0.0.1, =0.0.4 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-4034...

@antv/ava (=3.6.0-alpha.0), @antv/gpt-vis (>=0.0.1 <=0.6.1) +23 more potentially affected by unknown CVE via @antv/l7-composite-layers (>=0.0.1-alpha.6 <=0.17.1)

@antv/l7-composite-layers NPM version =0.0.1-alpha.6, =0.0.1, =0.1.0, =0.0.1, =0.0.1-alpha.1, =0.1.1, =1.0.0, =1.0.2, =1.0.2, =0.0.1, =0.0.1, =1.0.0-alpha.4, =1.0.0-alpha.5 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-4035...

7qb (=0.0.17), @4399ywkf/ui (=3.0.0-alpha.0) +570 more potentially affected by unknown CVE via @antv/g-webgpu-core (>=0.1.2 <=0.7.2)

@antv/g-webgpu-core NPM version =0.1.2, =0.1.1, =0.1.2, =1.1.15, =1.0.5, =1.0.5, =1.0.5, =1.1.26, =0.2.11-dev-1, =0.1.0, =1.0.14, =1.0.1, =1.0.0-beta.3, =1.5.0-beta.0 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-3969...

nimiq-account (>=0.1.0 <=0.2.0), nimiq-accounts (>=0.1.0 <=0.2.0) +17 more potentially affected by CVE-2026-40092 via nimiq-keys (>=0.1.0 <=0.2.0)

nimiq-keys CARGO version =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2026-40092 Source advisory: OSV:GHSA-27W2-87XV-37C6...

fittrackee (>=1.2.0 <=1.3.0b3), mein-et-projekt (=0.1.0) +2 more potentially affected by CVE-2026-44899 via mistune (=3.2.0)

mistune PYPI version =3.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on mistune and may be impacted: - fittrackee =1.2.0, =2.19.0, =2.20.4 - uniovi-simur-wearablepermed-pipeline-step-counting =1.2.3 Source cves: CVE-2026-44899 Source advisory:...

@regis-samurai/n8n (>=0.216.1 <=0.219.1), n8n-nodes-accelo (>=0.1.0 <=0.1.9) +11 more potentially affected by CVE-2026-44792 via n8n (>=0.138.0 <=0.93.0)

n8n NPM version =0.138.0, =0.216.1, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =1.1.3 Source cves: CVE-2026-44792 Source advisory: OSV:GHSA-MHRX-QHRJ-673W...

CVE-2026-0263 PAN-OS: Remote Code Execution (RCE) in IKEv2 Processing

A buffer overflow vulnerability in the IKEv2 processing of Palo Alto Networks PAN-OS® software allows an unauthenticated network-based attacker to execute arbitrary code with elevated privileges on the firewall, or cause a denial of service DoS condition. Panorama, Cloud NGFW, and Prisma® Access...

CVE-2026-0264 PAN-OS: Heap-Based Buffer Overflow in DNS Proxy and DNS Server Allows Unauthenticated Remote Code Execution

A buffer overflow vulnerability in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS® Software allows an unauthenticated attacker with network access to cause a denial of service DoS condition all PAN-OS platforms except Cloud NGFW and Prisma Access or potentially execute arbitra...

a-data-processing (=0.0.1), a-mailx (=0.1.0) +1492 more potentially affected by CVE-2026-45134 via langsmith (>=0.0.10 <=0.7.38)

langsmith PYPI version =0.0.10, =0.1.0, =0.1.3, =0.1.0b0, =4.8.2, =0.1.3, =0.1.0, =0.1.0, =0.1.1, =2.1.7, =2.1.8 - agent-builder =0.0.1 and more Source cves: CVE-2026-45134 Source advisory: OSV:GHSA-3644-Q5CJ-C5C7...

PT-2026-40758

Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service DoS condition by sending specially crafted network traffic. Panorama and Cloud NGFW are not impacted by these vulnerabilities...

PT-2026-40755

Name of the Vulnerable Software and Affected Versions Palo Alto Networks PAN-OS affected versions not specified Description A server-side request forgery SSRF issue in the IKEv2 implementation allows an unauthenticated attacker to force the firewall to send network requests to unintended...

PT-2026-40754

Name of the Vulnerable Software and Affected Versions PAN-OS versions prior to 10.2.18-h6 PAN-OS versions prior to 11.2.12 PAN-OS versions prior to 12.1.7 Prisma Access affected versions not specified Description Authentication bypass flaws in the GlobalProtect portal and gateway allow a remote,...

Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS software enable an authenticated administrator t...

@uipath/ap-chat (>=1.4.6 <=1.5.6), @uipath/apollo-react (>=3.26.1 <=4.24.2) +4 more potentially affected by unknown CVE via @uipath/apollo-core (>=5.6.2 <=5.9.1)

@uipath/apollo-core NPM version =5.6.2, =1.4.6, =3.26.1, =0.7.3, =1.0.0, =1.0.0, =1.0.0, =1.0.0-beta.1 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3531...

@solidjs-email/dev-server (=2.0.0), @tanstack/solid-start (>=1.20.3-alpha.1 <=1.167.62) potentially affected by unknown CVE via @tanstack/solid-start-client (>=1.121.0-alpha.28 <=1.166.5)

@tanstack/solid-start-client NPM version =1.121.0-alpha.28, =1.20.3-alpha.1, =1.167.62 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3485...

PT-2026-40438

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Improper authorization checks of team members privileges allow a team member to escalate privileges to the team owner account. Recommendations At the moment, the...