
7529 matches found

Positive Technologies
added 2026/01/30 12:0 a.m. | 4 views

PT-2026-5477

Name of the Vulnerable Software and Affected Versions: RM Downloader version 2.50.60. Description: RM Downloader version 2.50.60 contains a local buffer overflow issue in the Load parameter. This allows attackers to execute arbitrary code by overwriting memory. An attacker can create a malicious...

CVSS 8.4 | AI score 6.4 | EPSS 0.00012
Exploits: 0 | References: 7
Packet Storm
added 2026/01/29 12:0 a.m. | 138 views

📄 Zabbix Agent Binaries 7.4 OpenSSL Path Scanner

This tool performs static analysis on Zabbix Agent binaries to identify hardcoded OpenSSL paths such as OPENSSLDIR, ENGINESDIR, and MODULESDIR. It leverages strings and radare2 to extract embedded configuration paths, OpenSSL version information, and indicators of dynamic engine or module loading...

CVSS 7.3 | AI score 5.9 | EPSS 0.00011
Exploits: 2
OSV
added 2026/01/28 4:14 p.m. | 1 views

GHSA-QH4C-XF7M-GXFC vLLM vulnerable to Server-Side Request Forgery (SSRF) through MediaConnector

Summary: A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The load_from_url and load_from_url_async methods obtain and process media from URLs provided by users, using different Python parsing libraries when restrictin...

CVSS 7.1 | AI score 6.1 | EPSS 0.00038
Exploits: 2 | References: 5
Huntr
added 2026/01/28 12:48 p.m. | 3 views

Infinite Loop Denial of Service via Circular Dependencies in Functional Model Deserialization

Description: A vulnerability in keras.src.models.functional.functional_from_config allows a Denial of Service (DoS) attack via an infinite loop. When reconstructing a Functional model from a configuration (e.g., via keras.models.load_model), the deserialization logic fails to detect or break out of...

AI score 5.8
Exploits: 0
NVD
added 2026/01/27 10:15 p.m. | 3 views

CVE-2026-24779

vLLM is an inference and serving engine for large language models (LLMs). Prior to version 0.14.1, a Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The load_from_url and load_from_url_async methods obtain and process...

CVSS 7.1 | EPSS 0.00038
Exploits: 1 | References: 3
Snyk
added 2026/01/27 9:49 p.m. | 3 views

Deserialization of Untrusted Data

Overview: torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration. Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the load_state_dict function, used during unpickling. An attacker can corrupt heap memory by convincing a user to...

CVSS 8.8 | AI score 5.9 | EPSS 0.00065
Exploits: 1 | References: 3
NVD
added 2026/01/27 9:16 p.m. | 3 views

CVE-2026-24738

gmrtd is a Go library for reading Machine Readable Travel Documents (MRTDs). Prior to version 0.17.2, ReadFile accepts TLVs with lengths that can range up to 4GB, which can cause unconstrained resource consumption in both memory and CPU cycles. ReadFile can consume an extended TLV with lengths well...

CVSS 6.5 | EPSS 0.00008
Exploits: 0 | References: 3
RedhatCVE
added 2026/01/27 3:23 p.m. | 4 views

CVE-2026-20613

The ArchiveReader.extractContents function used by cctl image load and container image load performs no pathname validation before extracting an archive member. This means that a carelessly or maliciously constructed archive can extract a file into any user-writable location on the system using...

CVSS 7.8 | AI score 5.9 | EPSS 0.00012
Exploits: 1 | References: 1
Fedora
added 2026/01/27 5:38 a.m. | 4 views

[SECURITY] Fedora 43 Update: bind-dyndb-ldap-11.11-10.fc43

This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server...

CVSS 7.5 | AI score 6.1 | EPSS 0.00047
Exploits: 0
OSV
added 2026/01/27 12:48 a.m. | 3 views

GHSA-VC8C-J3XM-XJ73 Wasmtime segfault or unused out-of-sandbox load with f64.copysign operator on x86-64

On x86-64 platforms with AVX, Wasmtime's compilation of the f64.copysign WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can result in an uncaught segfault due to loading from unmapped guard pages. With guard pages disabled...

CVSS 4.1 | AI score 5.9 | EPSS 0.00011
Exploits: 0 | References: 10
NVD
added 2026/01/27 12:15 a.m. | 2 views

CVE-2026-1449

A flaw has been found in Hisense TransTech Smart Bus Management System up to 20260113. Affected is the function Page_Load of the file YZSoft/Forms/XForm/BM/BusComManagement/TireMng.aspx. Executing a manipulation of the argument key can lead to SQL injection. It is possible to launch the attack...

CVSS 7.5 | EPSS 0.00016
Exploits: 0 | References: 4
Tenable Nessus
added 2026/01/27 12:0 a.m. | 2 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005095)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005095 advisory. In the Linux kernel, the following vulnerability has been resolved: media: xc2028: avoid use-after-free in load_firmware_cb syzkaller reported use-after-free in...

CVSS 7.8 | AI score 6.8 | EPSS 0.00023
Exploits: 0 | References: 3
Tenable Nessus
added 2026/01/27 12:0 a.m. | 2 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005112)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005112 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: validate nvme_local_port correctly The driver load failed with error message, qla2xx...

CVSS 5.5 | AI score 5.8 | EPSS 0.00013
Exploits: 0 | References: 3
Vulnrichment
added 2026/01/26 11:32 p.m. | 3 views

CVE-2026-1449 Hisense TransTech Smart Bus Management System TireMng.aspx Page_Load sql injection

A flaw has been found in Hisense TransTech Smart Bus Management System up to 20260113. Affected is the function Page_Load of the file YZSoft/Forms/XForm/BM/BusComManagement/TireMng.aspx. Executing a manipulation of the argument key can lead to SQL injection. It is possible to launch the attack...

CVSS 7.5 | AI score 5.7 | EPSS 0.00016
Exploits: 0 | References: 4
Cvelist
added 2026/01/26 11:32 p.m. | 28 views

CVE-2026-1449 Hisense TransTech Smart Bus Management System TireMng.aspx Page_Load sql injection

A flaw has been found in Hisense TransTech Smart Bus Management System up to 20260113. Affected is the function Page_Load of the file YZSoft/Forms/XForm/BM/BusComManagement/TireMng.aspx. Executing a manipulation of the argument key can lead to SQL injection. It is possible to launch the attack...

CVSS 7.5 | EPSS 0.00016
Exploits: 0 | References: 4
CVE
added 2026/01/26 11:32 p.m. | 10 views

CVE-2026-1449

CVE-2026-1449 affects Hisense TransTech Smart Bus Management System up to 20260113. The vulnerability is in YZSoft/Forms/XForm/BM/BusComManagement/TireMng.aspx, Page_Load, where manipulation of the request argument key can trigger a SQL injection. Remote exploitation is possible, and an exploit h...

CVSS 7.5 | AI score 5.7 | EPSS 0.00016
Exploits: 0 | References: 4
ATTACKERKB
added 2026/01/26 11:32 p.m. | 4 views

CVE-2026-1449

A flaw has been found in Hisense TransTech Smart Bus Management System up to 20260113. Affected is the function Page_Load of the file YZSoft/Forms/XForm/BM/BusComManagement/TireMng.aspx. Executing a manipulation of the argument key can lead to SQL injection. It is possible to launch the attack...

CVSS 7.5 | AI score 5.7 | EPSS 0.00016
Exploits: 0 | References: 4 | Affected Software: 1
OSV
added 2026/01/26 12:0 p.m. | 1 views

RUSTSEC-2026-0006 Wasmtime segfault or unused out-of-sandbox load with `f64.copysign` operator on x86-64

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-vc8c-j3xm-xj73 For more information see the GitHub-hosted security advisory...

CVSS 4.1 | AI score 5.9 | EPSS 0.00011
Exploits: 0 | References: 3
EUVD
added 2026/01/25 2:36 p.m. | 3 views

EUVD-2026-4627

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Clear XSTATE_BV[i] in guest XSAVE state whenever XFD[i]=1 When loading guest XSAVE state via KVM_SET_XSAVE, and when updating XFD in response to a guest WRMSR, clear XFD-disabled features in the saved or to be restored XSTATE_BV...

AI score 5.3 | EPSS 0.00012
Exploits: 0 | References: 4
RedhatCVE
added 2026/01/24 9:15 a.m. | 3 views

CVE-2026-0766

Open WebUI load_tool_module_by_id Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open WebUI. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

CVSS 8.8 | AI score 6.5 | EPSS 0.00599
Exploits: 1 | References: 1