
72599 matches found

OSV
added 2026/04/13 5:53 a.m. | 5 views

BIT-TOMCAT-2026-32990 Apache Tomcat: Fix for CVE-2025-66614 is incomplete

Improper Input Validation vulnerability in Apache Tomcat due to an incomplete fix of CVE-2025-66614. This issue affects Apache Tomcat: from 11.0.15 through 11.0.19, from 10.1.50 through 10.1.52, from 9.0.113 through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116,...

CVSS 5.3 | AI score 5.8 | EPSS 0.00307
Exploits: 0 | References: 2

NVD
added 2026/04/13 5:16 a.m. | 13 views

CVE-2026-21003

Improper input validation in data related to network restrictions prior to SMR Apr-2026 Release 1 allows physical attackers to bypass the restrictions...

CVSS 6.8 | EPSS 0.00162
Exploits: 0 | References: 1

CVE
added 2026/04/13 5:10 a.m. | 11 views

CVE-2026-21010

CVE-2026-21010 describes an improper input validation issue in Samsung Retail Mode prior to SMR Apr-2026 Release 1. The vulnerability allows a local attacker to trigger privileged functions, with confidentiality, integrity, and availability impact reported as high. Public details point to affecte...

CVSS 7.8 | AI score 5.8 | EPSS 0.00104
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2026/04/13 5:10 a.m. | 22 views

CVE-2026-21010

Improper input validation in Retail Mode prior to SMR Apr-2026 Release 1 allows local attackers to trigger privileged functions...

CVSS 6.6 | EPSS 0.00104
Exploits: 0 | References: 1

ATTACKERKB
added 2026/04/13 5:10 a.m. | 1 views

CVE-2026-21010

Improper input validation in Retail Mode prior to SMR Apr-2026 Release 1 allows local attackers to trigger privileged functions...

CVSS 6.6 | AI score 5.8 | EPSS 0.00104
Exploits: 0 | References: 2

Vulnrichment
added 2026/04/13 5:10 a.m. | 2 views

CVE-2026-21010

Improper input validation in Retail Mode prior to SMR Apr-2026 Release 1 allows local attackers to trigger privileged functions...

CVSS 6.6 | AI score 5.8 | EPSS 0.00104
Exploits: 0 | References: 1

ATTACKERKB
added 2026/04/13 4:57 a.m. | 5 views

CVE-2026-21003

Improper input validation in data related to network restrictions prior to SMR Apr-2026 Release 1 allows physical attackers to bypass the restrictions...

CVSS 5.2 | AI score 5.8 | EPSS 0.00162
Exploits: 0 | References: 2

Vulnrichment
added 2026/04/13 4:57 a.m. | 4 views

CVE-2026-21003

Improper input validation in data related to network restrictions prior to SMR Apr-2026 Release 1 allows physical attackers to bypass the restrictions...

CVSS 5.2 | AI score 5.8 | EPSS 0.00162
Exploits: 0 | References: 1

CVE
added 2026/04/13 4:57 a.m. | 6 views

CVE-2026-21003

CVE-2026-21003 describes improper input validation of data related to network restrictions before SMR Apr-2026 Release 1, enabling physical attackers to bypass those restrictions. The impact in the provided metrics shows no confidentiality impact, high integrity and availability impact, with phys...

CVSS 6.8 | AI score 5.8 | EPSS 0.00162
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2026/04/13 4:57 a.m. | 26 views

CVE-2026-21003

Improper input validation in data related to network restrictions prior to SMR Apr-2026 Release 1 allows physical attackers to bypass the restrictions...

CVSS 5.2 | EPSS 0.00162
Exploits: 0 | References: 1

CNNVD
added 2026/04/13 12:0 a.m. | 3 views

SAMSUNG Mobile devices security vulnerability

Samsung Mobile devices are a series of mobile devices produced by South Korea’s Samsung Corporation, including smartphones and tablets. There are security vulnerabilities in Samsung Mobile Devices, which stem from improper input validation. These vulnerabilities may allow local attackers to trigg...

CVSS 7.8 | AI score 5.8 | EPSS 0.00104
Exploits: 0 | References: 1

Positive Technologies
added 2026/04/13 12:0 a.m. | 4 views

PT-2026-32412

GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user to cause denial of service to the GitLab instance due to improper input validation in GraphQL queries...

CVSS 6.5 | AI score 5.8 | EPSS 0.00412
Exploits: 0 | References: 5

CNNVD
added 2026/04/13 12:0 a.m. | 4 views

ChurchCRM input validation error vulnerability

ChurchCRM is an open-source CRM system developed for churches. Versions of ChurchCRM prior to 7.0.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from redirect links, which could cause authenticated users to be redirected to any URL specified by the...

CVSS 5.3 | AI score 5.8 | EPSS 0.00269
Exploits: 0 | References: 3

Positive Technologies
added 2026/04/13 12:0 a.m. | 9 views

PT-2026-32241

Improper input validation in data related to network restrictions prior to SMR Apr-2026 Release 1 allows physical attackers to bypass the restrictions...

CVSS 5.2 | AI score 5.8 | EPSS 0.00162
Exploits: 0 | References: 2

Tenable Nessus
added 2026/04/13 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2026-1101

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed...

CVSS 6.5 | AI score 5.9 | EPSS 0.00412
Exploits: 0 | References: 2

CNNVD
added 2026/04/13 12:0 a.m. | 8 views

SAMSUNG Mobile devices security vulnerability

Samsung Mobile devices are a series of mobile devices produced by South Korea’s Samsung Corporation, including smartphones and tablets. There are security vulnerabilities in Samsung Mobile Devices, which stem from improper validation of data input during network restrictions. This could allow...

CVSS 6.8 | AI score 5.8 | EPSS 0.00162
Exploits: 0 | References: 1

CNNVD
added 2026/04/13 12:0 a.m. | 4 views

Snipe-IT security vulnerability

Snipe-IT is a set of open-source IT asset/license management systems developed by Grokability. Versions of Snipe-IT from v8.3.0 to v8.3.1 contain security vulnerabilities. These vulnerabilities stem from insufficient input validation for the Name and Surname fields, which may lead to cross-site...

CVSS 5.4 | AI score 5.6 | EPSS 0.00287
Exploits: 1 | References: 5

CNNVD
added 2026/04/13 12:0 a.m. | 5 views

Ubiquiti UniFi Play PowerAmp and Ubiquiti UniFi Play Audio Port security vulnerability

Both the Ubiquiti UniFi Play PowerAmp and the Ubiquiti UniFi Play Audio Port are products of the American company Ubiquiti. The Ubiquiti UniFi Play PowerAmp is a home audio control device that supports multi-room audio distribution and amplifier integration. The Ubiquiti UniFi Play Audio Port is ...

CVSS 7.5 | AI score 5.8 | EPSS 0.00432
Exploits: 0 | References: 2

CNNVD
added 2026/04/13 12:0 a.m. | 4 views

OpenJPEG input validation error vulnerability

OpenJPEG is an open-source JPEG2000 encoding and decoding library based on C language, developed by the Université catholique de Louvain. Versions of OpenJPEG 2.5.4 and earlier contained a vulnerability related to input validation errors. This vulnerability stemmed from integer overflow in the...

CVSS 4.8 | AI score 5.8 | EPSS 0.00112
Exploits: 0 | References: 7

Positive Technologies
added 2026/04/13 12:0 a.m. | 2 views

PT-2026-32534

Name of the Vulnerable Software and Affected Versions: UniFi Play PowerAmp versions prior to 1.0.38; UniFi Play Audio Port versions prior to 1.1.9. Description: Improper Input Validation issues could allow a malicious actor with access to the UniFi Play network to perform Command Injection...

CVSS 9.8 | AI score 5.8 | EPSS 0.01051
Exploits: 0 | References: 11