575 matches found
NPM: hono: AWS Lambda adapter merges multiple `Set-Cookie` headers into one value, dropping cookies on ALB single-header and Lattice
NPM: hono: AWS Lambda adapter merges multiple Set-Cookie headers into one value, dropping cookies on ALB single-header and Lattice vulnerability discovered by ? in WordPress Npm hono versions 4.12.25...
CVE-2026-5222 affecting package rust for versions less than 1.75.0-30
CVE-2026-5222 affecting package rust for versions less than 1.75.0-30. A patched version of the package is available...
CVE-2026-39834 affecting package nvidia-container-toolkit for versions less than 1.17.8-3
CVE-2026-39834 affecting package nvidia-container-toolkit for versions less than 1.17.8-3. A patched version of the package is available...
EUVD-2026-31913
Chatwoot is a customer engagement suite. From 2.2.0 to before 4.11.2, a SQL injection vulnerability exists in the conversation and contact filter APIs. When filtering by a custom attribute of type date or number using the isgreaterthan or islessthan operators, user-supplied values in the values...
Astra Linux - vulnerability in firefox, thunderbird
When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...
CVE-2026-35469 affecting package keda for versions less than 2.14.1-12
CVE-2026-35469 affecting package keda for versions less than 2.14.1-12. A patched version of the package is available...
CVE-2026-6474 affecting package postgresql for versions less than 16.14-1
CVE-2026-6474 affecting package postgresql for versions less than 16.14-1. An upgraded version of the package is available that resolves this issue...
Vim operating system command injection vulnerability
Vim is an open-source, cross-platform text editor developed by Vim developers. Versions of Vim prior to 9.2.0383 contained a vulnerability related to operating system command injection. This vulnerability stemmed from the netrw standard plugin, which allowed for OS command injection. This could...
CVE-2026-40164 affecting package jq for versions less than 1.7.1-5
CVE-2026-40164 affecting package jq for versions less than 1.7.1-5. A patched version of the package is available...
WordPress WowShipping Pro plugin < 1.0.8 - Backdoor vulnerability
Backdoor vulnerability discovered by ? in WordPress Plugin WowShipping Pro versions 1.0.8...
CVE-2026-23228 affecting package kernel for versions less than 5.15.202.1-1
CVE-2026-23228 affecting package kernel for versions less than 5.15.202.1-1. An upgraded version of the package is available that resolves this issue...
PT-2026-33236
Name of the Vulnerable Software and Affected Versions: github.com/gomarkdown/markdown (affected versions not specified). Description: Processing malformed input containing a character anywhere in the remaining text using a SmartypantsRenderer can lead to an Out of Bounds read or a panic. This occurs...
CVE-2026-39484
CVE-2026-39484 is a URL redirection to an untrusted site (open redirect) vulnerability in the WordPress plugin Hide My WP Ghost. Affected: Hide My WP Ghost product for WordPress, versions from n/a through
EUVD-2026-15864
Deserialization of Untrusted Data vulnerability in Edge-Themes Kamperen kamperen allows Object Injection. This issue affects Kamperen: from n/a through 1.3...
PT-2026-27915
Name of the Vulnerable Software and Affected Versions: skygroup Reebox versions prior to 1.4.8. Description: The software contains a flaw due to improper neutralization of input during web page generation, leading to a Reflected Cross-site Scripting (XSS) condition. This allows for the injection of...
PT-2026-27889
Name of the Vulnerable Software and Affected Versions: Goldish versions prior to 3.47. Description: An issue exists in Goldish that allows for object injection due to deserialization of untrusted data. Recommendations: Update Goldish to version 3.47 or later...
CVE-2026-4687
Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
CVE-2026-4111 affecting package libarchive for versions less than 3.6.1-9
CVE-2026-4111 affecting package libarchive for versions less than 3.6.1-9. A patched version of the package is available...
CVE-2026-26018 affecting package coredns for versions less than 1.11.4-15
CVE-2026-26018 affecting package coredns for versions less than 1.11.4-15. A patched version of the package is available...
CVE-2026-26018 affecting package coredns for versions less than 1.11.1-26
CVE-2026-26018 affecting package coredns for versions less than 1.11.1-26. A patched version of the package is available...