PT-2026-30154

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained a flaw in the net/rose component where a NULL pointer dereference could occur in the rose transmit link function during a reconnect attempt. This issue arose...

PT-2026-29998

Impact On Windows, app.setLoginItemSettingsopenAtLogin: true wrote the executable path to the Run registry key without quoting. If the app is installed to a path containing spaces, an attacker with write access to an ancestor directory may be able to cause a different executable to run at login...

PT-2026-30286

Name of the Vulnerable Software and Affected Versions OpenSTAManager versions prior to 2.10.2 Description OpenSTAManager contains an SQL Injection vulnerability in the confronta righe.php files across different modules. The righe parameter, received via the $ GET'righe' request, is directly...

PT-2026-30245

Hirschmann HiLCOS devices OpenBAT, WLC, BAT300, BAT54 prior to 8.80 and OpenBAT prior to 9.10 are shipped with identical default SSH and SSL keys that cannot be changed, allowing unauthenticated remote attackers to decrypt or intercept encrypted management communications. Attackers can perform...

PT-2026-30219

Improper certificate validation in the identity provider connection components in Amazon Athena ODBC driver before 2.1.0.0 might allow a man-in-the-middle threat actor to intercept authentication credentials due to insufficient default transport security when connecting to identity providers. Thi...

PT-2026-30269

Mesop is a Python-based UI framework that allows users to build web applications. From version 1.2.3 to before version 1.2.5, an uncontrolled resource consumption vulnerability exists in the WebSocket implementation of the Mesop framework. An unauthenticated attacker can send a rapid succession o...

vim: Vim: Arbitrary code execution via command injection in glob() function

A flaw was found in Vim. By including a newline character in a pattern passed to Vim's glob function, an attacker may be able to execute arbitrary shell commands. This command injection vulnerability allows for arbitrary code execution, depending on the user's shell settings...

CVE-2026-23417

A flaw was found in the Linux kernel's Berkeley Packet Filter BPF component. This vulnerability occurs because the BPFST | BPFPROBEMEM32 immediate stores are not correctly handled by the constant blinding mechanism. As a result, user-controlled 32-bit immediate values can remain unblinded in...

MINI-PW39-QM2V-8425

Bulletin has no description...

EUVD-2026-18400

In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in sshconfig...

CVE-2026-32762

Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before 3.1.21 and 3.2.0 to before 3.2.6, Rack::Utils.forwardedvalues parses the RFC 7239 Forwarded header by splitting on semicolons before handling quoted-string values. Because quoted values may legally contain semicolons...

CVE-2026-35386

In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in sshconfig...

Threat actor abuse of AI accelerates from tool to cyberattack surface

For the last year, one word has represented the conversation living at the intersection of AI and cybersecurity: speed. Speed matters, but it’s not the most important shift we are observing across the threat landscape today. Now, threat actors from nation states to cybercrime groups are embedding...

CLSA-2026-1775145256 gimp: Fix of CVE-2025-2761

CVE-2025-2761: fix out-of-bounds write in FLI plug-in ZDI-CAN-25100...

CLSA-2026-1775144394 gimp: Fix of CVE-2025-2761

CVE-2025-2761: fix out-of-bounds write in FLI plug-in ZDI-CAN-25100...

CVE-2026-34974

phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, the regex-based SVG sanitizer in phpMyFAQ SvgSanitizer.php can be bypassed using HTML entity encoding in javascript: URLs within SVG attributes. Any user with editfaq permission can upload a malicious SVG that executes...

CVE-2026-32629

phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, an unauthenticated attacker can submit a guest FAQ with an email address that is syntactically valid per RFC 5321 quoted local part yet contains raw HTML — for example "alert1"@evil.com. PHP's FILTERVALIDATEEMAIL accepts this...

CVE-2026-33746

Convoy is a KVM server management panel for hosting businesses. From version 3.9.0-beta to before version 4.5.1, the JWTService::decode method did not verify the cryptographic signature of JWT tokens. While the method configured a symmetric HMAC-SHA256 signer via lcobucci/jwt, it only validated...

CVE-2026-32629

Summary: CVE-2026-32629 affects phpMyFAQ prior to 4.1.1, where an unauthenticated attacker can submit a guest FAQ with a syntactically valid but HTML-containing email address. PHP’s FILTER_VALIDATE_EMAIL accepts the quoted-local-part email, stores it without HTML sanitization, and later renders i...

CVE-2026-32629

phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, an unauthenticated attacker can submit a guest FAQ with an email address that is syntactically valid per RFC 5321 quoted local part yet contains raw HTML — for example ""@evil.com. PHP's FILTERVALIDATEEMAIL accepts this email...