Security Bulletin: NVIDIA KAI Scheduler - April 2026

NVIDIA has released a software update for NVIDIA® KAI Scheduler. To protect your system, clone or update this software to KAI Scheduler v0.13.0 or later from the KAI-Scheduler GitHub repo. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that thi...

CVE-2026-6328

Improper input validation, Improper verification of cryptographic signature vulnerability in XQUIC Project XQUIC xquic on Linux QUIC protocol implementation, packet processing module, STREAM frame handler modules allows Protocol Manipulation.This issue affects XQUIC: through 1.8.3...

CVE-2026-6328 XQUIC Improper STREAM Frame Validation in Initial/Handshake Packets

Improper input validation, Improper verification of cryptographic signature vulnerability in XQUIC Project XQUIC xquic on Linux QUIC protocol implementation, packet processing module, STREAM frame handler modules allows Protocol Manipulation.This issue affects XQUIC: through 1.8.3...

PT-2026-33006

Name of the Vulnerable Software and Affected Versions XQUIC versions prior to 1.8.3 Description Improper input validation and improper verification of cryptographic signatures in the QUIC protocol implementation, specifically within the packet processing module and STREAM frame handler modules,...

Linux Distros Unpatched Vulnerability : CVE-2026-34941

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a vulnerability where when transcoding a UTF-16 string to...

Linux Distros Unpatched Vulnerability : CVE-2019-25656

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler...

CVE-2026-5485 OS command injection in Amazon Athena ODBC driver on Linux

OS command injection in the browser-based authentication component in Amazon Athena ODBC driver before 2.0.5.1 on Linux might allow a threat actor to execute arbitrary code by using specially crafted connection parameters that are loaded by the driver during a local user-initiated connection. To...

Security Bulletin: NVIDIA BioNeMo Framework - March 2026

NVIDIA has released a software update for NVIDIA® BioNeMo Framework. To protect your system, clone or update this software to include commit e5e58c8 or later from the NVIDIA/BioNeMo Framework GitHub repo. Go to NVIDIA Product Security. Details The following table summarizes the potential...

Exploit for Out-of-bounds Write in Starnight Micro_Http_Server

💥 CVE-2023-50965 — Stack Buffer Overflow Exploit Linux Proo...

Linux Distros Unpatched Vulnerability : CVE-2026-22248

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. From 11.0.0 t...

EUVD-2026-10492

SQL Injection CWE-89 in the system configuration module in Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 on Linux allows remote attackers to execute arbitrary SQL commands and potentially achieve remote code execution via specially crafted SQL requests...

KB5077474 - Description of the security update for SQL Server 2016 SP3 GDR: March 10, 2026

KB5077474 - Description of the security update for SQL Server 2016 SP3 GDR: March 10, 2026 Summary Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This security update contains...

Microsoft .NET 缓冲区错误漏洞

Microsoft .NET is a software framework developed by Microsoft Corporation in the United States. It focuses on agile software development, rapid application development, platform independence, and network transparency. There is a buffer error vulnerability in Microsoft .NET. Attackers can exploit...

EUVD-2026-9829

Cleartext Transmission of Sensitive Information vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Heartbeat sync loop modules allows Sniffing Attacks. This vulnerability is associated with program files src/hbbshttp/sync.Rs and program routine...

CVE-2025-59784 Log Pollution - Control Characters Not Escaped

2N Access Commander version 3.4.1 and prior is vulnerable to log pollution. Certain parameters sent over API may be included in the logs without prior validation or sanitisation. This vulnerability can only be exploited after authenticating with administrator privileges...

CVE-2026-3351

CVE-2026-3351 : In Canonical LXD 6.6 on Linux, an improper authorization flaw in the API endpoint GET /1.0/certificates lets an authenticated, restricted user enumerate all certificate fingerprints trusted by the LXD server. The CVSS score is 5.3 (Medium); attack vector is network, with low attac...

Exploit for CVE-2026-27574

CVE-2026-27574-OneUptime-RCE !Authorhttps://img.shields.io/...

Exploit for Argument Injection in Gnu Inetutils

!Authorhttps://img.shields.io/badge/Author-Mohammed%20Idrees%...

CVE-2025-33130

IBM DB2 Merge Backup for Linux, UNIX and Windows 12.1.0.0 could allow an authenticated user to cause the program to crash due to a buffer being overwritten when it is allocated on the stack...

IBM Db2 Denial of Service Vulnerability (CNVD-2026-14678)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM Db2, which arises from improper neutralization of speci...