CVE-2026-41253

In iTerm2 through 3.6.9, displaying a .txt file can cause code execution via DCS 2000p and OSC 135 data, if the working directory contains a malicious file whose name is valid output from the conductor encoding path, such as a pathname with an initial ace/c+ substring, aka "hypothetical in-band...

CVE-2026-41253

Affected software: iTerm2 versions up to 3.6.9 (with notes in Red Hat and EU sources also referencing iTerm2 < 3.6.10 and

GHSA-9J88-VVJ5-VHGR MailKit has STARTTLS Response Injection via unflushed stream buffer that enables SASL mechanism downgrade

Summary A STARTTLS Response Injection vulnerability in MailKit allows a Man-in-the-Middle attacker to inject arbitrary protocol responses across the plaintext-to-TLS trust boundary, enabling SASL authentication mechanism downgrade e.g., forcing PLAIN instead of SCRAM-SHA-256. The internal read...

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication in the providerFlowSignIn process. An attacker can gain unauthorized access to another user's account by exploiting improper handling of email verification status from OAuth providers. This allows the attacker to...

CVE-2026-40593

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the User Editor UserEditor.php renders stored usernames directly into an HTML input value attribute without applying htmlspecialchars. An administrator can save a username containing HTML attribute-breaking characte...

CVE-2026-40572

NovumOS vulnerability CVE-2026-40572: In versions prior to 0.24, Syscall 15 (MemoryMapRange) lets Ring-3 user processes map arbitrary virtual ranges into their address space without validating against forbidden regions, including kernel structures (IDT, GDT, TSS, page tables). This can allow a lo...

PT-2026-34845

Name of the Vulnerable Software and Affected Versions MailKit versions prior to 4.16.0 Description A STARTTLS Response Injection issue allows a Man-in-the-Middle attacker to inject arbitrary protocol responses across the plaintext-to-TLS trust boundary. This can enable a SASL authentication...

PT-2026-33591

In iTerm2 through 3.6.9, displaying a .txt file can cause code execution via DCS 2000p and OSC 135 data, if the working directory contains a malicious file whose name is valid output from the conductor encoding path, such as a pathname with an initial ace/c+ substring, aka "hypothetical in-band...

Enclawed: A Configurable, Sector-Neutral Hardening Framework for Single-User AI Assistant Gateways

We present enclawed, a hard-fork hardening framework built on top of the OpenClaw single-user personal artificial intelligence AI assistant gateway. enclawed targets deployments that need attestable peer trust, deny-by-default external connectivity, signed-module loading, and a tamper-evident aud...

Global Web, Local Privacy? an International Review of Web Tracking

Web tracking by ad networks, social networks, and other third parties is privacy-invasive. To protect users' privacy an increasing number of countries are adopting new privacy laws. However, a major reason why their application on the web is so challenging is that privacy laws are local while the...

Linux Distros Unpatched Vulnerability : CVE-2026-32105

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xrdp is an open source RDP server. In versions through 0.10.5, xrdp does not implement verification for the Message Authentication Code MAC signature of encrypt...

CVE-2026-40484

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the database backup restore functionality extracts uploaded archive contents and copies files from the Images/ directory into the web-accessible document root using recursiveCopyDirectory, which performs no file...

built-in-math-eval (>=0.1.0 <=0.3.1), function-plot (>=1.0.0 <=1.14.0) +1 more potentially affected by CVE-2026-41507 via math-codegen (>=0.2.5 <=0.4.2)

math-codegen NPM version =0.2.5, =0.1.0, =1.0.0, =0.2.0, =0.5.2 Source cves: CVE-2026-41507 Source advisory: OSV:GHSA-P6X5-P4XF-CC4R...

built-in-math-eval (>=0.1.0 <=0.3.1), function-plot (>=1.0.0 <=1.14.0) +1 more potentially affected by CVE-2026-41507 via math-codegen (>=0.2.5 <=0.4.2)

math-codegen NPM version =0.2.5, =0.1.0, =1.0.0, =0.2.0, =0.5.2 Source cves: CVE-2026-41507 Source advisory: SNYK:JS-MATHCODEGEN-16420747...

CVE-2026-40479

CVE-2026-40479 (Kimai) : Concrete details across multiple sources show a stored XSS vulnerability caused by an incomplete escape in the client-side escapeForHtml() in KimaiEscape.js. Affected versions are 1.16.3 through 2.52.0; the issue arises when a user-controlled profile alias is injected int...

CVE-2026-40476

graphql-go is a Go implementation of GraphQL. In versions 15.31.4 and below, the OverlappingFieldsCanBeMerged validation rule performs On² pairwise comparisons of fields sharing the same response name. An attacker can send a query with thousands of repeated identical fields, causing excessive CPU...

CVE-2026-40155 Auth0 Next.js SDK has Improper Proxy Cache Lookup

The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. In versions 4.12.0 through 4.17.1, simultaneous requests that trigger a nonce retry may cause the proxy cache fetcher to perform improper lookups for the token request results. Users are affected if...

CVE-2026-32105

A flaw was found in xrdp, an open-source Remote Desktop Protocol RDP server. When using the "Classic RDP Security" layer, xrdp fails to verify the Message Authentication Code MAC signature of encrypted RDP packets. This oversight allows an unauthenticated attacker with man-in-the-middle MITM...

CVE-2026-40286

WeGIA is a web manager for charitable institutions. In versions prior to 3.6.10, a Stored Cross-Site Scripting XSS vulnerability was identified in the 'Member Registration' Cadastrar Sócio function. By injecting a payload into the 'Member Name' Nome Sócio field, the script is persistently stored ...

DEBIAN-CVE-2026-32624

xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in its logon processing. In environments where domainuserseparator is configured in xrdp.ini, an unauthenticated remote attacker can send a crafted, excessively long username and domain...