61174 matches found
PT-2026-34981
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the NFC LLCP component. In the functions nfc llcp recv hdlc and nfc llcp recv disc, when the socket state is LLCP CLOSED, the code calls release sock and...
D-Link DIR-823X Command Injection Vulnerability
D-Link DIR-823X contains a command injection vulnerability that allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/setprohibiting via the corresponding function. The impacted product could be end-of-life EoL and/or end-of-service EoS...
Mattermost Server 10.11.x <= 10.11.13 / 11.3.x < 11.3.3 / 11.4.x < 11.4.3 / 11.5.x < 11.5.1 / 11.6.0 Multiple Vulnerabilities (MMSA-2026-00624 / MMSA-2026-00625)
The version of Mattermost Server installed on the remote host is affected by multiple vulnerabilities: - Mattermost versions 10.11.x = 10.11.12, 11.5.x = 11.5.0, 11.4.x = 11.4.2, 11.3.x = 11.3.2 fail to enforce atomic single-use consumption of guest magic link tokens, which allows an attacker wit...
PT-2026-34946
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A duplicate resource teardown occurs in the PCI endpoint pci-epf-vntb. The function epf ntb epc destroy performs a teardown that the caller is already expected to execute. This redundanc...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in responding to symbolic link parsing, resulting in out-of-bound read operations due to...
CVE-2026-42601
creationtimestamp| type| source ---|---|--- 2026-04-23 23:42:49+00:00| published-proof-of-concept| https://github.com/ArchiveBox/ArchiveBox/security/advisories/GHSA-3h23-7824-pj8r 2026-05-09 21:15:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlh637ig372e...
CVE-2026-26210
creationtimestamp| type| source ---|---|--- 2026-04-23 23:27:09+00:00| published-proof-of-concept| Telegram/kiTcjsXT1hi2Y3u94e7GhzIuEtNJE-kdjO7sui75MorBPg 2026-04-24 02:03:29+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mk7gpvyqbh2y 2026-04-25 01:10:56+00:00| seen|...
CVE-2026-41336
creationtimestamp| type| source ---|---|--- 2026-04-23 22:27:07+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mk72mzgf5v2q 2026-04-23 23:27:16+00:00| seen| Telegram/IhrbuMncMOQ2aXKn55DBnsRKZnrdzyQXI4i7tcZ3JysOVtE...
GHSA-X4MJ-7F9G-29H4
creationtimestamp| type| source ---|---|--- 2026-04-23 21:26:07+00:00| published-proof-of-concept| Telegram/wY3PGk1V7kusFG8GbDK0g0CtGhXXIm9UsDC-frBku-7BiY...
CVE-2026-4090
creationtimestamp| type| source ---|---|--- 2026-04-23 20:33:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mk6ub5fm4m2s...
CVE-2026-41461
creationtimestamp| type| source ---|---|--- 2026-04-23 19:43:13+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mk6rhxj3n62c 2026-04-23 21:25:36+00:00| published-proof-of-concept| Telegram/tS2ffuiIBjg-jG5ou8TlrNJjBU2OGhcKfhZwclhyaQjdHg 2026-05-31 09:37:06+00:00| seen|...
CVE-2026-41460
creationtimestamp| type| source ---|---|--- 2026-04-23 19:43:06+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mk6rhqgrmc2q 2026-04-24 15:21:36+00:00| published-proof-of-concept| Telegram/l8-tUjdZo5KblLOe421TQB8MZuX2H9CaOdWKzaRMJrauLgw 2026-05-31 22:07:08+00:00| seen|...
CVE-2026-40471
creationtimestamp| type| source ---|---|--- 2026-04-23 19:39:10+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mk6rapfj252t 2026-04-24 15:22:14+00:00| seen| Telegram/9MQPqn6NQB4yNQwBhEjQmfZAQamilmjjvNDDQhjtzrN-0VE...
CVE-2026-39087
creationtimestamp| type| source ---|---|--- 2026-04-23 19:36:57+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mk6r4qq7x42n...
CVE-2026-31177
creationtimestamp| type| source ---|---|--- 2026-04-23 19:36:49+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mk6r4jdrn42l...
CVE-2026-6921
creationtimestamp| type| source ---|---|--- 2026-04-23 19:34:26+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mk6qyal3zb2g 2026-04-23 21:25:56+00:00| seen| Telegram/vObnyALXsyXLFJkccB0eoKwgfsCPRSJaAgpRRcRjZAUW0s...
EUVD-2026-25291
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the password reset functionality on cloud.flowiseai.com sends a reset password link over the unsecured HTTP protocol instead of HTTPS. This behavior introduces the risk of a man-in-the-middle...
CVE-2026-42333
creationtimestamp| type| source ---|---|--- 2026-04-23 19:24:06+00:00| published-proof-of-concept| https://github.com/quarkiverse/quarkus-openapi-generator/security/advisories/GHSA-fr8f-rwjx-f32v 2026-05-09 21:27:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlh6rs2p632e...
EUVD-2026-25226
SocialEngine versions 7.8.0 and prior contain a blind server-side request forgery vulnerability in the /core/link/preview endpoint where user-supplied input passed via the uri request parameter is not sanitized before being used to construct outbound HTTP requests. Authenticated remote attackers...
EUVD-2026-25235
In hackage-server, user-controlled metadata from .cabal files are rendered into HTML href attributes without proper sanitization, enabling stored Cross-Site Scripting XSS attacks...