CVE-2026-25656

CVE-2026-25656 affects SINEC NMS User Management Component (UMC) across all versions and all SINEC NMS deployments where UMC is

CVE-2026-25656

A vulnerability has been identified in SINEC NMS All versions V4.0 SP3, User Management Component UMC All versions V2.15.2.1. The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially...

CVE-2026-25655

CVE-2026-25655 affects SINEC NMS prior to 4.0 SP2. The issue is an improper modification of a configuration file by a low-privileged user, which can be exploited to load malicious DLLs and potentially achieve arbitrary code execution with administrative privileges. From the provided data, attack ...

CVE-2026-25655

A vulnerability has been identified in SINEC NMS All versions V4.0 SP2. The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially leading to arbitrary code execution with administrative...

[SECURITY] Fedora 43 Update: rust-cargo-c-0.10.18-3.fc43

Helper program to build and install c-like libraries...

Siemens SINEC NMS

SUMMARY Multiple Siemens products are affected by two local privilege escalation vulnerabilities which could allow an low privileged attacker to load malicious DLLs, potentially leading to arbitrary code execution with elevated privileges. Siemens has released new versions for the affected...

3lc (>=2.19.0 <=2.21.3), litestar-htmx (>=0.1.0 <=0.3.0) +2 more potentially affected by CVE-2026-25478 via litestar (>=2.0.0b2 <=2.15.2)

litestar PYPI version =2.0.0b2, =2.19.0, =0.1.0, =0.2.0, =0.3.14, =0.3.35 Source cves: CVE-2026-25478 Source advisory: SNYK:PYTHON-LITESTAR-15253000...

Malicious code in @skyeng/libs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4b92505d9c0107026c2298d6ec8da504657990b61e40754b62b2cb8e1bd5a0b The package @skyeng/libs was found to contain malicious code. Source: ghsa-malware b4801b107979e502d4889dc729885a390ebfc2db995cd1b2fd23d27e09613a1b A...

MAL-2026-816 Malicious code in @skyeng/libs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4b92505d9c0107026c2298d6ec8da504657990b61e40754b62b2cb8e1bd5a0b The package @skyeng/libs was found to contain malicious code. Source: ghsa-malware b4801b107979e502d4889dc729885a390ebfc2db995cd1b2fd23d27e09613a1b A...

Claude Opus 4.6 Finds 500+ High-Severity Flaws Across Major Open-Source Libraries

Artificial intelligence AI company Anthropic revealed that its latest large language model LLM, Claude Opus 4.6, has found more than 500 previously unknown high-severity security flaws in open-source libraries, including Ghostscript, OpenSC, and CGIF. Claude Opus 4.6, which was launched Thursday,...

CVE-2025-10314 Malicious Code Execution Vulnerability in Mitsubishi Small-Capacity UPS Shutdown Software FREQSHIP-mini for Windows

Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation FREQSHIP-mini for Windows versions 8.0.0 to 8.0.2 allows a local attacker to execute arbitrary code with system privileges by replacing service executable files EXE or DLLs in the installation directory with specially...

USN-8010-1 python-pip vulnerabilities

Several security issues were discovered in the libraries bundled in pip. An attacker could possibly use these issues to perform a variety of attacks, such as denial of service or arbitrary code execution...

USN-8010-1: pip vulnerabilities

Several security issues were discovered in the libraries bundled in pip. An attacker could possibly use these issues to perform a variety of attacks, such as denial of service or arbitrary code execution...

PT-2026-6329

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.3 Description iccDEV is a set of libraries and tools for interacting with ICC color management profiles. A stack-buffer-overflow exists in the CIccTagFloatNum::GetValues function when processing a malformed ICC...

Installer for Roland Cloud Manager may insecurely load Dynamic Link Libraries

Overview The installer for Roland Cloud Manager provided by Roland Corporation contains the following vulnerability with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2026-24694 Kazuma Matsumoto of GMO Cybersecurit...

CVE-2026-24694

Roland Cloud Manager, version 3.1.19 and earlier, is affected by an insecure DLL loading issue in its installer that could allow a local attacker to execute arbitrary code with the application’s privileges. Multiple sources corroborate the same description across NVD/Red Hat/CIRCL, with CVSS indi...

EUVD-2026-5263

The installer for Roland Cloud Manager ver.3.1.19 and prior insecurely loads Dynamic Link Libraries DLLs, which could allow an attacker to execute arbitrary code with the privileges of the application...

Roland Cloud Manager 代码问题漏洞

Roland Cloud Manager is a software management platform developed by the Japanese company Roland. Versions of Roland Cloud Manager 3.1.19 and earlier contained code vulnerabilities due to insecure loading of dynamic link libraries. These vulnerabilities could allow attackers to execute arbitrary...

[SECURITY] Fedora 43 Update: openssl-3.5.4-2.fc43

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...

[SECURITY] Fedora 42 Update: openssl-3.2.6-3.fc42

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...