CVE-2026-3861

LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs due to insufficient safeguards when handling arbitrary URL schemes, potentially causing the iOS device to become temporarily...

EUVD-2026-23176

Eaton Intelligent Power Protector IPP uses an insecure cookie configuration, which could allow a network‑based attacker to intercept the cookie and exploit it through a man‑in‑the‑middle attack. This security issue has been fixed in the latest version of Eaton IPP software which is available on t...

CVE-2026-22617

Eaton Intelligent Power Protector IPP uses an insecure cookie configuration, which could allow a network‑based attacker to intercept the cookie and exploit it through a man‑in‑the‑middle attack. This security issue has been fixed in the latest version of Eaton IPP software which is available on t...

Anviz Multiple Products

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow attackers to conduct reconnaissance, capture or decrypt sensitive data, alter device configurations, gain unauthorized administrative or root‑level access, execute arbitrary code, compromise credentials or...

AVEVA Pipeline Simulation

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to modify simulation parameters, training configuration and training records. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

CVE-2026-3861

LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs due to insufficient safeguards when handling arbitrary URL schemes, potentially causing the iOS device to become temporarily...

CVE-2026-3861

LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs due to insufficient safeguards when handling arbitrary URL schemes, potentially causing the iOS device to become temporarily...

CVE-2026-3861

LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs due to insufficient safeguards when handling arbitrary URL schemes, potentially causing the iOS device to become temporarily...

CVE-2026-22617

Eaton IPP (Intelligent Power Protector) is affected by an insecure cookie configuration that could let a network‑based attacker intercept cookies and perform a man‑in‑the‑middle attack. The description is consistent across multiple sources (NVD, Red Hat, ENISA EUVD, CNNVD, CVE lists, AttackersKB)...

CVE-2026-22617

Eaton Intelligent Power Protector IPP uses an insecure cookie configuration, which could allow a network‑based attacker to intercept the cookie and exploit it through a man‑in‑the‑middle attack. This security issue has been fixed in the latest version of Eaton IPP software which is available on t...

CVE-2026-6363

A type confusion flaw was found in the V8 component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=495751197...

DEBIAN-CVE-2026-40959

Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod...

[SECURITY] Fedora 43 Update: pypy-7.3.21-8.fc43

PyPy's implementation of Python, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc This build of PyPy has JIT-compilation enabled...

PT-2026-33270

Name of the Vulnerable Software and Affected Versions LINE client for iOS versions prior to 26.3.0 Description An issue exists in the in-app browser where opening a specially crafted web page can repeatedly trigger OS-level dialogs. This behavior can lead to a denial of service, potentially causi...

A Bootiful Podcast: the legendary Craig Walls

Hi Spring fans! In this installment we talk to the legendary Craig Walls, author of Spring In Action , Spring AI in Action , and more!...

Yamaha SR-B30A 安全漏洞

The Yamaha SR-B30A is a bar-style audio device produced by the Japanese company Yamaha. Version 2.40 of the Yamaha SR-B30A contains a security vulnerability. This vulnerability stems from the Bluetooth low-power control interface, which allows unauthorized connections without authentication. This...

Eaton Intelligent Power Protector 安全漏洞

Eaton Intelligent Power Protector is a power protection software developed by the American company Eaton. There is a security vulnerability in Eaton Intelligent Power Protector, which stems from insecure cookie configurations. This vulnerability may allow network-based attackers to intercept...

Apache Airflow 安全漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. There is a security vulnerability in Apache Airflow, wher...

PT-2026-33259

Eaton Intelligent Power Protector IPP uses an insecure cookie configuration, which could allow a network‑based attacker to intercept the cookie and exploit it through a man‑in‑the‑middle attack. This security issue has been fixed in the latest version of Eaton IPP software which is available on t...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: freerdp (UTSA-2026-007191)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007191 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race in the serial channel IRP thread tracking allows a heap useafterfree when on...