Lucene search

72517 matches found

ATTACKERKB
added 2026/05/26 4:45 p.m. | 7 views

CVE-2026-40383

An improper validation of user-supplied input leads to a local file inclusion vulnerability...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00482
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2026/05/26 4:45 p.m. | 41 views

CVE-2026-40383 Joomla! Core - [20260509] - LFI in HTMLView layout parameter

An improper validation of user-supplied input leads to a local file inclusion vulnerability...

CVSS: 7.5 | EPSS: 0.00482
Exploits: 0 | References: 1
CVE
added 2026/05/26 4:45 p.m. | 26 views

CVE-2026-40383

CVE-2026-40383 is a Joomla! Core vulnerability described as an LFI due to improper validation of user-supplied input in the HTMLView layout parameter. NVD lists a high/critical exposed impact with a network attack vector and no user interaction required; separate CVSS 4.0 vector also indicates hi...

CVSS: 9.8 | AI score: 5.8 | EPSS: 0.00482
Exploits: 0 | References: 1 | Affected Software: 1
ATTACKERKB
added 2026/05/26 4:16 p.m. | 7 views

CVE-2026-48864

A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within .solv files due to insufficient input validation. An attacker can provide a specially crafted .solv file, which, when processed by a vulnerable application, can lea...

CVSS: 7.8 | AI score: 5.9 | EPSS: 0.00158
Exploits: 1 | References: 4
RedhatCVE
added 2026/05/26 2:12 p.m. | 8 views

CVE-2026-40411

Improper input validation in Azure Virtual Network Gateway allows an authorized attacker to execute code over a network...

CVSS: 9.9 | AI score: 6 | EPSS: 0.00724
Exploits: 0 | References: 1
RedhatCVE
added 2026/05/26 2:12 p.m. | 9 views

CVE-2026-26147

Improper input validation in Azure Compute Gallery allows an authorized attacker to disclose information over a network...

CVSS: 7.7 | AI score: 5.8 | EPSS: 0.00772
Exploits: 0 | References: 1
RedhatCVE
added 2026/05/26 9:0 a.m. | 13 views

CVE-2026-42586

A flaw was found in Netty, an asynchronous, event-driven network application framework. The Netty Redis codec encoder RedisEncoder does not properly validate or sanitize user-controlled string content for CRLF (Carriage Return Line Feed) characters. A remote attacker, by controlling the content of ...

CVSS: 7.1 | AI score: 6.7 | EPSS: 0.00198
Exploits: 1 | References: 4
Snyk
added 2026/05/26 3:28 a.m. | 7 views

Improper Validation of Specified Type of Input

Overview: Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input via the loadFromSharedState function. An attacker can cause unauthorized disclosure of information, modification of data, or disruption of service by supplying specially crafted input to th...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.00401
Exploits: 0 | References: 2
CVE
added 2026/05/26 2:0 a.m. | 15 views

CVE-2026-9521

CVE-2026-9521 affects fraillt bitsery

CVSS: 7.5 | AI score: 6.6 | EPSS: 0.00401
Exploits: 0 | References: 8
CNNVD
added 2026/05/26 12:0 a.m. | 9 views

smallbitvec Input Validation Error Vulnerability

smallbitvec is a small bit vector implemented as an inline or heap storage mechanism by Servo Open Source. In versions 1.0.1 to 2.6.0 of smallbitvec, there was a vulnerability related to input validation errors. This vulnerability stemmed from integer overflows in internal capacity calculations,...

CVSS: 7.3 | AI score: 5.9 | EPSS: 0.00151
Exploits: 0 | References: 1
Positive Technologies
added 2026/05/26 12:0 a.m. | 11 views

PT-2026-43295

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined (affected versions not specified). Description: Improper validation of user-supplied input leads to a local file inclusion, which allows an attacker to include files on the local server. Recommendations: At the...

CVSS: 9.8 | AI score: 5.8 | EPSS: 0.00482
Exploits: 0 | References: 4
CNNVD
added 2026/05/26 12:0 a.m. | 7 views

NVIDIA Display Driver Input Validation Error Vulnerability

NVIDIA Display Driver is a graphics driver developed by NVIDIA Corporation. NVIDIA Display Driver has a vulnerability related to input validation errors. This vulnerability arises from improper input validation by users within the User Virtual Machine (UVM), which may lead to denial-of-service...

CVSS: 7.1 | AI score: 5.8 | EPSS: 0.00172
Exploits: 0 | References: 3
CNNVD
added 2026/05/26 12:0 a.m. | 7 views

Mojolicious::Plugin::Statsd Security Vulnerability

Mojolicious::Plugin::Statsd is a plugin developed by Robert Rothenberg, designed to send application metrics to Statsd. Versions of Mojolicious::Plugin::Statsd 0.04 and earlier contain security vulnerabilities. These vulnerabilities arise from the lack of checks for line breaks, colons, or pipes ...

CVSS: 5.3 | AI score: 5.8 | EPSS: 0.00326
Exploits: 0 | References: 4
Positive Technologies
added 2026/05/26 12:0 a.m. | 9 views

PT-2026-43405

MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.1, SSRF via work flow template Import. Authenticated users can supply arbitrary URLs in work flow template.downloadUrl which are fetched server-side without any URL validation or internal IP filtering. This vulnerability is fixed i...

CVSS: 6.3 | AI score: 5.9 | EPSS: 0.00207
Exploits: 0 | References: 2
Positive Technologies
added 2026/05/26 12:0 a.m. | 12 views

PT-2026-43627

Name of the Vulnerable Software and Affected Versions: tmp (affected versions not specified). Description: The tmp npm package contains a path traversal issue that allows escaping the intended temporary directory when untrusted data is passed into the prefix, postfix, or dir options. By embedding...

CVSS: 8.7 | AI score: 5.4 | EPSS: 0.00495
Exploits: 1 | References: 11
CNNVD
added 2026/05/26 12:0 a.m. | 11 views

Joomla! CMS Path Traversal Vulnerability

Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a path traversal vulnerability, which stems from improper validation of search parameters in the commedia file API endpoints, potentially leading to path traversal attacks...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00445
Exploits: 0 | References: 2
CNNVD
added 2026/05/26 12:0 a.m. | 11 views

Joomla! CMS Path Traversal Vulnerability

Joomla! CMS is a content management system developed under the open source Joomla! framework. Joomla! CMS has a path traversal vulnerability, which stems from improper input validation provided to users, potentially leading to local file inclusion...

CVSS: 9.8 | AI score: 5.8 | EPSS: 0.00482
Exploits: 0 | References: 2
Positive Technologies
added 2026/05/26 12:0 a.m. | 10 views

PT-2026-43274

Name of the Vulnerable Software and Affected Versions: FastNetMon Community Edition versions prior to 1.3.0. Description: An OS command injection issue exists in the Juniper router integration plugin. The log function in src/juniper plugin/fastnetmon juniper.php constructs shell commands by...

CVSS: 9.8 | AI score: 5.5 | EPSS: 0.0141
Exploits: 1 | References: 17
Positive Technologies
added 2026/05/26 12:0 a.m. | 9 views

PT-2026-43338

Name of the Vulnerable Software and Affected Versions: NVIDIA Display Driver for Linux (affected versions not specified). Description: A flaw exists in the Unified Video Memory (UVM) component due to improper input validation. This issue allows a user to trigger a condition that may result in a denial o...

CVSS: 7.1 | AI score: 5.2 | EPSS: 0.00172
Exploits: 0 | References: 7
Positive Technologies
added 2026/05/26 12:0 a.m. | 6 views

PT-2026-48581

The vulnerability in the IQ SCHOOL learning platform is related to insufficient validation of input data. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...

CVSS: 6.8 | AI score: 5.4
Exploits: 0 | References: 1