CVE-2026-41952

Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.93212, Acronis Cyber Protect Cloud Agent Windows before build 42183...

CVE-2026-41952

CVE-2026-41952 : Local privilege escalation in Acronis products due to improper input validation. Affected on Windows: DeviceLock DLP before build 9.0.93212 and Cyber Protect Cloud Agent before build 42183. CVSSv3.0: LOCAL attack, LOW complexity, LOW privileges, NO user interaction; impacts inclu...

CVE-2026-41952

Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.93212, Acronis Cyber Protect Cloud Agent Windows before build 42183...

EUVD-2026-26234

Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.93212, Acronis Cyber Protect Cloud Agent Windows before build 42183...

CVE-2025-10503

The authentication endpoint accepts user-supplied input without enforcing expected validation constraints, leading to a lack of proper output encoding. This allows for the injection of malicious JavaScript payloads, enabling reflected cross-site scripting. An attacker can leverage this...

CLSA-2026-1777452099 nettle: Fix of CVE-2021-3580

CVE-2021-3580: add input validation to RSA decrypt family and length check to pkcs1secdecrypt...

CLSA-2026-1777451834 nettle: Fix of CVE-2021-3580

CVE-2021-3580: add input validation to RSA decrypt family and length check to pkcs1secdecrypt...

CVE-2025-10503

WSO2 Identity Server: CVE-2025-10503 is a reflected cross-site scripting flaw in the authentication endpoint caused by insufficient output encoding for user-supplied input. This allows injection of malicious JavaScript payloads that can redirect users, alter the UI, or retrieve information from t...

EUVD-2025-209586

The authentication endpoint accepts user-supplied input without enforcing expected validation constraints, leading to a lack of proper output encoding. This allows for the injection of malicious JavaScript payloads, enabling reflected cross-site scripting. An attacker can leverage this...

Improper Input Validation

org.springframework.security:spring-security-oauth2-authorization-server is vulnerable to Improper Input Validation. The vulnerability is due to insufficient validation of client metadata fields during dynamic client registration, which allows an attacker to register a malicious client and exploi...

CVE-2026-7345

An insufficient validation of untrusted input flaw was found in the Feedback component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502248774...

EnTech Taiwan TVicPort 输入验证错误漏洞

EnTech Taiwan TVicPort is a driver development component provided by EnTech Taiwan, which allows users to access hardware ports and control underlying devices. There are input validation vulnerabilities in the EnTech Taiwan TVicPort Product v4.0 version and File v5.2.1.0 version. These...

wget2 输入验证错误漏洞

wget2 is a network file retrieval tool from the American GNU community that supports high-performance concurrent downloads and modern protocol features. wget2 has a vulnerability related to input validation. This vulnerability arises from accepting server certificates with incorrect key purposes ...

Acronis Cyber Protect Cloud Agent和Acronis DeviceLock DLP 安全漏洞

Acronis Cyber Protect Cloud Agent and Acronis DeviceLock DLP are both products of the Swiss company Acronis. Acronis Cyber Protect Cloud Agent is a cloud-based agent. Acronis DeviceLock DLP is a terminal security protection system designed to control peripheral access and prevent data breaches...

PT-2026-35926

Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.93212, Acronis Cyber Protect Cloud Agent Windows before build 42183...

PT-2026-35925

Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.93212, Acronis Cyber Protect Cloud Agent Windows before build 42183...

libsndfile 输入验证错误漏洞

libsndfile is an open-source AC library used for reading and writing sound files containing sampled audio data. Version 1.2.2 of libsndfile contains a vulnerability related to input validation errors. This vulnerability stems from integer overflows in the IMA ADPCM codec, which may lead to heap...

ROS-20260429-73-0041

A vulnerability in the incoming traffic controller in a Kubernetes ingress-nginx cluster is related to insufficient input validation. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...

ROS-20260429-73-0040

A vulnerability in the incoming traffic controller in the Kubernetes ingress-nginx cluster is related to flaws in the input validation mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

CVE-2026-7360

Insufficient validation of untrusted input. in Compositing in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...