58780 matches found
EUVD-2026-34189
An out-of-bounds read vulnerability in the morse.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior to 2.11.12 allows an unauthenticated attacker within radio range to disclose a small amount of kernel heap memory or cause a Denial of Service kernel oops/panic via a...
CVE-2026-7764 Out-of-bounds read in morse.ko Vendor IE processing
An out-of-bounds read vulnerability in the morse.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior to 2.11.12 allows an unauthenticated attacker within radio range to disclose a small amount of kernel heap memory or cause a Denial of Service kernel oops/panic via a...
CVE-2026-45282
A flaw was found in Nextcloud Server. An authenticated attacker, by knowing a share token and a document ID, could access attachments of link shares. This circumvents password protection or download restrictions, leading to the disclosure of sensitive information from attachments. Mitigation...
CVE-2026-35078
creationtimestamp| type| source ---|---|--- 2026-06-04 00:00:51+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mngcyeoy6b2f...
PT-2026-46863
Summary The /api/ action/media/external-link endpoint allows authenticated admin users to make server-side HTTP HEAD requests to arbitrary internal IP addresses. While the parallel uploadFromURL flow validates target IPs against private/reserved ranges via FileUrlValidator, the linkURL flow only...
PT-2026-46889
Summary The /api/ action/media/external-link endpoint allows authenticated admin users to make server-side HTTP HEAD requests to arbitrary internal IP addresses. While the parallel uploadFromURL flow validates target IPs against private/reserved ranges via FileUrlValidator, the linkURL flow only...
PT-2026-46313
Name of the Vulnerable Software and Affected Versions SQLite sqldiff.exe versions prior to 2025-12-26 Description The sqldiff.exe utility does not securely handle the conversion of Unicode characters to ANSI codepages by the Microsoft Windows C runtime. An attacker can exploit this by using the...
PT-2026-46546
Inappropriate implementation in Link Preview in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
GHSA-HG6J-4RV6-33PG
creationtimestamp| type| source ---|---|--- 2026-06-03 23:40:58+00:00| seen| https://gist.github.com/alon710/9df1d7e2f4cb5ed041eded527313ebbc...
GHSA-F9RX-7WF7-JR36
creationtimestamp| type| source ---|---|--- 2026-06-03 22:11:20+00:00| seen| https://gist.github.com/alon710/067712fc0b9798c132c204b55ab42a44...
GHSA-8X6R-G9MW-2R78
creationtimestamp| type| source ---|---|--- 2026-06-03 21:41:07+00:00| seen| https://gist.github.com/alon710/7cf799e784cb7e5d54b5d97af1f62323...
CVE-2026-42061
creationtimestamp| type| source ---|---|--- 2026-06-03 21:13:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnfzmjdcsq23...
GHSA-2J2X-HQR9-3H42
creationtimestamp| type| source ---|---|--- 2026-06-03 21:10:57+00:00| seen| https://gist.github.com/alon710/c225f7d330b57c3901ac40c39f91bf81...
CVE-2026-50033
creationtimestamp| type| source ---|---|--- 2026-06-03 21:05:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnfz6353js2c...
CVE-2026-8876
creationtimestamp| type| source ---|---|--- 2026-06-03 21:01:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnfyy3qp6c27...
CVE-2026-36576
creationtimestamp| type| source ---|---|--- 2026-06-03 21:00:47+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnfyvv5bcj2l...
CVE-2026-8889
creationtimestamp| type| source ---|---|--- 2026-06-03 20:47:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnfy5rkg2o2x...
CVE-2026-8881
creationtimestamp| type| source ---|---|--- 2026-06-03 20:43:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnfxxaazmw2g...
CVE-2026-46775
creationtimestamp| type| source ---|---|--- 2026-06-03 20:37:05+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mnfxlzyask2e...
CVE-2026-46245
A flaw was found in the Linux kernel's AMD GPU display driver. The amdgpudmhpdinit function, responsible for Hot-Plug Detect HPD initialization, may attempt to dereference a null dclink when handling certain connectors. This unconditional dereference can lead to a system crash, allowing a local...