CVE-2026-8113

creationtimestamp| type| source ---|---|--- 2026-05-08 01:20:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlcktwnxfo2k...

CVE-2026-8106

creationtimestamp| type| source ---|---|--- 2026-05-08 01:16:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlckn6rszr2e...

CVE-2026-41929

creationtimestamp| type| source ---|---|--- 2026-05-08 01:02:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlcjubv62j2n...

CVE-2026-3480

creationtimestamp| type| source ---|---|--- 2026-05-08 00:33:07+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mlci76zisw2i...

GHSA-V7QW-HX66-4W9X

creationtimestamp| type| source ---|---|--- 2026-05-08 00:10:29+00:00| seen| https://gist.github.com/alon710/02ced0e410eaef25c3c5fc6010a5eb1d...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ceph asynchronous unlink operation reducing the inlink counter prematurely before it is...

PT-2026-39263

Name of the Vulnerable Software and Affected Versions MCP Registry versions prior to 1.7.7 Description The public catalogue UI served at the 'GET /' endpoint is subject to stored cross-site scripting. This occurs via the server.websiteUrl field of published server.json files. The server-side...

PT-2026-39294

Name of the Vulnerable Software and Affected Versions Open WebUI versions 0.3.5 through 0.8.12 Description A stored cross-site scripting XSS issue allows authenticated users with model creation permissions workspace.models to execute arbitrary JavaScript in the browsers of other users, including...

Lemmy 代码问题漏洞

Lemmy is open-source software developed by Lemmy, used for building social news aggregators and web forums. Versions of Lemmy prior to 0.19.18 had code vulnerabilities. These vulnerabilities stemmed from the lack of mechanisms to reject loops, private links, or link-local targets when creating li...

SysReptor 安全漏洞

SysReptor is an open-source penetration testing report platform developed by Syslifters. Versions of SysReptor from 2026.4 to 2026.27 contained security vulnerabilities. These vulnerabilities stemmed from improper authorization at the endpoints when reading and creating personal note-sharing link...

PT-2026-38893

Name of the Vulnerable Software and Affected Versions Auto Affiliate Links versions prior to 6.8.9 Description The plugin is subject to Stored Cross-Site Scripting due to insufficient input sanitization of the url POST parameter within the aal url stats save action function and a lack of output...

PT-2026-39201

Name of the Vulnerable Software and Affected Versions SolidCAM-GPPL-IDE versions 1.0.0 through 1.0.1 Description The GpplDocumentLinkHandler resolves the filename directive in GPPL postprocessor files into clickable links. The handler accepts arbitrary absolute, relative, UNC, and subfolder paths...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the serial CAIF component not properly holding the tty-link reference during operations like...

PT-2026-39043

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock can occur in the batman-adv module when the batadv v elp get throughput function is called while the RTNL Routing Netlink lock is already held. This specifically happens when ...

PT-2026-39119

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A slab-use-after-free issue exists in the Linux kernel's caif serial line discipline. The problem occurs when the TX path calls tty write room, leading to a faulting access on...

Linux Distros Unpatched Vulnerability : CVE-2026-43458

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - serial: caif: hold tty-link reference in ldiscopen and serrelease A reproducer triggers a KASAN slab- use-after-free in ptywriteroom when caifserial's TX path...

PT-2026-39284

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.0 Description The AccountPending.svelte component renders admin-configured "Pending User Overlay Content" using marked.parse inside @html with an incorrect DOMPurify application order. DOMPurify is applied to t...

CVE-2026-44581

creationtimestamp| type| source ---|---|--- 2026-05-07 23:40:51+00:00| seen| https://bsky.app/profile/securestep9.bsky.social/post/3mlcfbrg7m62h...

CVE-2026-7891

creationtimestamp| type| source ---|---|--- 2026-05-07 23:24:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlceez7izf2i 2026-05-08 01:30:28+00:00| seen| https://infosec.exchange/users/offseq/statuses/116536365967570800 2026-05-08 01:30:29+00:00| seen|...

CVE-2026-42225

creationtimestamp| type| source ---|---|--- 2026-05-07 23:00:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlccz54qx72k...