Linux Distros Unpatched Vulnerability : CVE-2026-41293

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from...

PT-2026-40612

Improper Input Validation in the NAT64 translator in The OpenThread Authors OpenThread before commit 26a882d on all platforms allows an attacker on the adjacent IPv4 network to inject corrupted IPv6 packets into the Thread mesh or bypass security checks via crafted IPv4 packets with options...

PT-2026-40715

Name of the Vulnerable Software and Affected Versions go-billy versions prior to v5 Description Multiple components improperly handle crafted or malformed input, which can lead to panics, infinite loops, uncontrolled recursion, or excessive resource consumption. These issues result from...

ShellHub 输入验证错误漏洞

ShellHub is an open-source remote device access and management platform developed by ShellHub. Versions of ShellHub prior to 0.24.2 contained a vulnerability related to input validation errors. This vulnerability stemmed from the device list endpoint accepting user-controlled identifiers as...

Netty 输入验证错误漏洞

Netty is a non-blocking I/O client-server framework developed by the Netty community. It is primarily used for developing Java network applications, such as protocol servers and clients. Versions of Netty prior to 4.2.13.Final and 4.1.133.Final contained a vulnerability related to input validatio...

Palo Alto Networks Broker VM 输入验证错误漏洞

Palo Alto Networks Broker VM is a cloud security broker virtual machine component developed by Palo Alto Networks. There is a vulnerability in the input validation of Palo Alto Networks Broker VM, which allows authenticated administrators to inject arbitrary content into certain fields of the...

SAMSUNG Mobile devices 安全漏洞

Samsung Mobile devices are a series of mobile devices produced by Samsung Electronics in South Korea. This includes smartphones, tablets, etc. Versions of Samsung Mobile devices prior to SMR May-2026 Release 1 contained security vulnerabilities. These vulnerabilities were due to improper input...

PT-2026-40571

Improper input validation in FacAtFunction in Galaxy Watch prior to SMR May-2026 Release 1 allows local attacker to execute arbitrary code with system privilege...

MISP 输入验证错误漏洞

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics, and it includes features such as analysis of threats to network security and malware analysis. Prior to MISP 2.5.37, there was a...

About the security content of Safari 26.5

About the security content of Safari 26.5 This document describes the security content of Safari 26.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

Exploit for Improper Input Validation in Microsoft

monikerlinktest cve-2024-21413 1. set up tun0 on router via o...

CVE-2026-44262

Scramble generates API documentation for Laravel project. From 0.13.2 to before 0.13.22, when documentation endpoints are publicly accessible and validation rules reference user-controlled input, request supplied data may be evaluated during documentation generation, leading to execution of...

EUVD-2026-29772

CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitatio...

EUVD-2026-29782

CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitatio...

EUVD-2026-29768

CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitatio...

EUVD-2026-29778

CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitatio...

EUVD-2026-29771

CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitatio...

EUVD-2026-29780

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier NEEDS REVIEW: impact mismatch — ticket says 'Arbitrary file system write', CIA triad derives 'Security Feature Bypass'. Verify CVSS vector before publishing. are affected by an Improper Input...

EUVD-2026-29770

CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitatio...

Regular Expression Denial of Service (ReDoS)

Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS through the idna.encode function when processing very large domain name inputs that exploit the validcontexto function before length validation. This is triggered by arbitrarily large inputs th...