CVE-2026-34685

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier NEEDS REVIEW: impact mismatch — ticket says 'Arbitrary file system write', CIA triad derives 'Security Feature Bypass'. Verify CVSS vector before publishing. are affected by an Improper Input...

CVE-2026-34685 Adobe Commerce | Improper Input Validation (CWE-20)

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier NEEDS REVIEW: impact mismatch — ticket says 'Arbitrary file system write', CIA triad derives 'Security Feature Bypass'. Verify CVSS vector before publishing. are affected by an Improper Input...

CVE-2026-34685 Adobe Commerce | Improper Input Validation (CWE-20)

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier NEEDS REVIEW: impact mismatch — ticket says 'Arbitrary file system write', CIA triad derives 'Security Feature Bypass'. Verify CVSS vector before publishing. are affected by an Improper Input...

CVE-2026-20767

Improper input validation for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege...

CVE-2025-35990

Improper input validation for some Intel Endpoint Management Assistant EMA software before version 1.14.5 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable escalation...

CVE-2026-35433

Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally...

CVE-2025-35990

Improper input validation for some Intel Endpoint Management Assistant EMA software before version 1.14.5 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable escalation...

CVE-2026-41293

Improper Input Validation vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 10.0.0-M1 through 10.0.27. Older, end of support versions may also be affected. Users are recommended to...

UBUNTU-CVE-2026-41293

Improper Input Validation vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 10.0.0-M1 through 10.0.27. Older, end of support versions may also be affected. Users are recommended to...

CVE-2026-41293

Improper Input Validation vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 10.0.0-M1 through 10.0.27. Older, end of support versions may also be affected. Users are recommended to...

Visual Studio Code Security Feature Bypass Vulnerability

Improper neutralization of input during web page generation 'cross-site scripting' in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...

CVE-2026-1185

A configuration file on the local file system had improper input validation which could allow code execution and potentially lead to privilege escalation. This vulnerability can only be exploited if an attacker can log in to the Axis device using SSH...

CVE-2026-35433

Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally...

PT-2026-39941

A configuration file on the local file system had improper input validation which could allow code execution and potentially lead to privilege escalation. This vulnerability can only be exploited if an attacker can log in to the Axis device using SSH...

PT-2026-40318

Improper input validation for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege...

PT-2026-40187

Name of the Vulnerable Software and Affected Versions .NET affected versions not specified Description Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally...

PT-2026-40414

Name of the Vulnerable Software and Affected Versions CAI Content Credentials versions 0.78.2 and earlier Description Improper Input Validation can result in an application denial-of-service, allowing an attacker to crash the application. This issue does not require user interaction...

PT-2026-40418

Name of the Vulnerable Software and Affected Versions CAI Content Credentials versions 0.78.2 and 0.7.0 and earlier Description Improper Input Validation can result in an application denial-of-service, allowing an attacker to crash the application. This issue does not require user interaction...

PT-2026-40406

Name of the Vulnerable Software and Affected Versions CAI Content Credentials versions 0.78.2 and earlier Description Improper Input Validation allows an attacker to crash the application, resulting in a denial-of-service condition. This issue can be exploited without requiring user interaction...

PT-2026-40404

Name of the Vulnerable Software and Affected Versions CAI Content Credentials versions 0.78.2, 0.7.0 and earlier Description Improper Input Validation can lead to an application denial-of-service, allowing an attacker to crash the application. This issue does not require user interaction...