CVE-2026-40251

Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage volume import logic allows an authenticated user with access to the storage volume feature to cause the Incus daemon to crash. The backup restore subsystem contains an...

PT-2026-37103

Name of the Vulnerable Software and Affected Versions Incus versions prior to 7.0.0 Description Missing validation logic in the storage volume import logic allows an authenticated user with access to the storage volume feature to cause the Incus daemon to crash. The backup restore subsystem and t...

CVE-2026-27815

CVE-2026-27815 affects EVerest EV charging stack. Prior to 2026.02.0, the function ISO15118_chargerImpl::handle_session_setup copies a variable-length payment_options list into a fixed-size array of length 2 without bounds checking. With default schema validation disabled, oversized MQTT Cmd payl...

CVE-2025-36917

In SwDcpItg of upL2commonPdcpSecurity.cpp, there is a possible denial of service due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

Linux eBPF ALU32 32-bit Invalid Bounds Tracking LPE

Linux kernels from 5.7-rc1 prior to 5.13-rc4, 5.12.4, 5.11.21, and 5.10.37 are vulnerable to a bug in the eBPF verifier's verification of ALU32 operations in the scalar32minmaxand function when performing AND operations, whereby under certain conditions the bounds of a 32 bit register would not b...

Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH Command Buffer Overflow Vulnerability

Oracle Secure Backup NDMPCONECTCLIENTAUTH Command Buffer Overflow Vulnerability 2009.January.13 Fortinet's FortiGuard Global Security Research Team Discovers Vulnerability in Oracle Secure Backup Summary: ======== A Buffer Overflow vulnerability exists Oracle Secure Backup 10.2.0.2 through a...