CVE-2026-48681

creationtimestamp| type| source ---|---|--- 2026-06-03 17:24:59+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mnfmujjvso2h 2026-06-04 07:33:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnh4baodh62p...

CVE-2026-36574

A DLL hijacking vulnerability in Wassimulator GitHub CactusViewer v2.3.0 allows attackers to escalate privileges and execute arbitrary code via a crafted DLL...

CVE-2026-20175

CVE-2026-20175 – Cisco Finesse remote file inclusion vulnerability. An unauthenticated, remote attacker can load arbitrary files into an active user session by sending a crafted HTTP request, potentially enabling browser‑based attacks and execution of script code or access to sensitive informatio...

CVE-2026-20175 Cisco Finesse File Inclusion Vulnerability

A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks. This vulnerability is due to insufficient validation of user-supplied input...

CVE-2026-20233 Cisco Webex Meetings Cross-Site Scripting Vulnerability

A vulnerability in the web-based user interface of Cisco Webex Meetings could have allowed an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. Cisco has addressed this vulnerability in the Webex Meetings service, and no customer action is needed. This vulnerability...

CVE-2026-20233 Cisco Webex Meetings Cross-Site Scripting Vulnerability

A vulnerability in the web-based user interface of Cisco Webex Meetings could have allowed an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. Cisco has addressed this vulnerability in the Webex Meetings service, and no customer action is needed. This vulnerability...

CVE-2026-20233

Cisco Webex Meetings web UI vulnerable to cross-site scripting (XSS) due to insufficient input validation. Exploitation requires a user to follow a malicious link, enabling arbitrary script execution in the target’s browser and potential access to browser-based information. Affected: web-based us...

CVE-2026-35716

A stack-based buffer overflow in the motionprivacy.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote attackers to execute arbitrary code as root via an oversized n1 parameter in a POST request to the /cgi-bin/admin/setpm.cgi, /cgi-bin/admin/setmd.cgi, or...

Cisco Finesse Remote File Inclusion Vulnerability

A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks. This vulnerability is due to insufficient validation of user-supplied input...

CVE-2026-46271

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: do WoW offloads only on primary link In case of multi-link connection, WCN7850 firmware crashes due to WoW offloads enabled on both primary and secondary links. Change to do it only on primary link to fix it...

CVE-2026-46271 wifi: ath12k: do WoW offloads only on primary link

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: do WoW offloads only on primary link In case of multi-link connection, WCN7850 firmware crashes due to WoW offloads enabled on both primary and secondary links. Change to do it only on primary link to fix it...

EUVD-2026-34133

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: do WoW offloads only on primary link In case of multi-link connection, WCN7850 firmware crashes due to WoW offloads enabled on both primary and secondary links. Change to do it only on primary link to fix it...

CVE-2026-46271

CVE-2026-46271 concerns the Linux kernel ath12k Wi‑Fi driver. When a multi‑link connection is active, WoW offloads were enabled on both the primary and secondary links, potentially crashing firmware on WCN7850 devices (denial of service). The fix changes WoW offloads to run only on the primary li...

EUVD-2026-34129

In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freeing context llcshdlcdeinit purges SHDLC skb queues and frees the llcshdlc structure while its timers and state machine work may still be active. Timer callbacks can schedule smwork...

CVE-2026-46248

CVE-2026-46248 affects the Linux kernel driver stack for wifi/ath12k. The root cause occurs when an arvif is initialized in non-AP STA mode but MLO preparation fails before arvif->is_created becomes true. The error path deletes links only if arvif->is_created is true, leaving a stale ahvif-...

EUVD-2026-34110

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: clear stale link mapping of ahvif-linksmap When an arvif is initialized in non-AP STA mode but MLO connection preparation fails before the arvif is created arvif-iscreated remains false, the error path attempts to...

CVE-2026-46248

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: clear stale link mapping of ahvif-linksmap When an arvif is initialized in non-AP STA mode but MLO connection preparation fails before the arvif is created arvif-iscreated remains false, the error path attempts to...

CVE-2026-46248 wifi: ath12k: clear stale link mapping of ahvif->links_map

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: clear stale link mapping of ahvif-linksmap When an arvif is initialized in non-AP STA mode but MLO connection preparation fails before the arvif is created arvif-iscreated remains false, the error path attempts to...

EUVD-2026-34107

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dclink NULL handling in HPD init amdgpudmhpdinit may see connectors without a valid dclink. The code already checks dclink for the polling decision, but later unconditionally dereferences it when setting up H...

CVE-2026-46245 drm/amd/display: Fix dc_link NULL handling in HPD init

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dclink NULL handling in HPD init amdgpudmhpdinit may see connectors without a valid dclink. The code already checks dclink for the polling decision, but later unconditionally dereferences it when setting up H...