EUVD-2025-210362

The default JVM can access files and directories under /tmp/ including the $TemporaryDirectory of other users on the same cloud instance /tmp/UserTemporaryFiles/. The -init file for the the JVM initialization exists in the vulnerable directory during the startup of the JVM. An attacker with acces...

CVE-2026-41523

A flaw was found in vLLM, an inference and serving engine for large language models LLMs. An unauthenticated attacker can exploit an assert-based security check during activation function loading. By publishing a malicious HuggingFace model, an attacker can achieve arbitrary code execution on the...

NocoBase - SQL Injection

NocoBase versions prior to 2.0.39 contain a SQL injection vulnerability in the @nocobase/database package. The queryParentSQL function in eager-loading-tree.ts constructs a recursive CTE query by directly concatenating user-controlled primary key values into the SQL WHERE IN clause without...

OX Appsuite - Cross-Site Scripting

OX App Suite through 7.10.4 allows XSS via the app loading mechanism the PATHINFO to the /appsuite URI. id: CVE-2020-24701 info: name: OX Appsuite - Cross-Site Scripting author: DhiyaneshDk severity: medium description: | OX App Suite through 7.10.4 allows XSS via the app loading mechanism the...

EUVD-2026-38895

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix missing run load for vcn0 in attrdatagetblocklocked When a compressed or sparse attribute has its clusters frame-aligned, vcn is rounded down to the frame start using cmask, which can result in vcn != vcn0. In this...

CVE-2025-71361 picklescan - Remote Code Execution via Undetected idlelib.calltip.Calltip.fetch_tip

picklescan before 0.0.29 fails to detect malicious idlelib.calltip.Calltip.fetchtip calls in pickle files, allowing remote code execution. Attackers can embed undetected payloads in pickle files that execute arbitrary code when loaded via pickle.load...

openCryptoki: openCryptoki: Information disclosure and Denial of Service via malformed BER-encoded cryptographic objects

A flaw was found in openCryptoki, a PKCS11 Cryptographic Token Interface Standard library. The BER/DER Basic Encoding Rules/Distinguished Encoding Rules decoding functions in the shared common library do not properly validate attacker-controlled length fields against actual buffer boundaries. Thi...

CVE-2026-56701

Grav before 2.0.0-beta.2 contains an XML external entity injection vulnerability in SVG file upload processing that allows authenticated attackers to read arbitrary files. The application uses simplexmlloadstring without disabling external entity loading, enabling attackers to inject XXE payloads...

CVE-2026-47155

vLLM is an inference and serving engine for large language models LLMs. Prior to 0.22.0, vLLM's revision pinning controls do not consistently apply to all artifacts loaded for a model. A deployment that supplies --revision or --code-revision can still load dynamic code, GGUF files, image...

CVE-2026-47155

CVE-2026-47155 affects vLLM prior to 0.22.0. Description: revision pinning controls do not consistently apply to all artifacts loaded for a model, enabling loading of dynamic code, GGUF files, image processors, retrieval side weights, or same-repository subfolder weights/config from an unpinned/d...

CVE-2026-41523 vLLM: Security Check Bypass via assert Statement in Activation Function Loading Allows Arbitrary Code Execution

vLLM is an inference and serving engine for large language models LLMs. Prior to 0.22.0, an assert-based security check in vLLM's activation function loading allows any unauthenticated attacker to achieve arbitrary code execution on the server by publishing a malicious HuggingFace model, when vLL...

CVE-2026-41523

vLLM prior to 0.22.0 is affected by an assert-based security check in the activation function loading that can permit arbitrary code execution when a malicious HuggingFace model is loaded and vLLM runs in Python optimized mode. The attacker-controlled inputs are the activation function names from...

CVE-2025-71339

Picklescan before 0.0.33 fails to detect the numpy.f2py.crackfortran.evallength gadget in pickle reduce methods, allowing arbitrary code execution. Attackers can craft malicious pickle files that execute arbitrary Python code when loaded by victims who trust Picklescan's safety validation...

CVE-2026-12479

A path traversal vulnerability exists in keras-team/keras 3.14.0, in DiskIOStore.make, due to unsanitized user-provided layer names used to build directory paths (parent components not sanitized). Although forward slashes are restricted, directory traversal sequences can escape the intended tempo...

MAL-2026-6309 Malicious code in @nullzero/urlcat (npm)

@nullzero/urlcat version 1.4.2, published by [email protected] is a trojanized npm package belonging to the wshu.net credential-stealer campaign. The campaign published trojanized look-alike utility packages across 12+ scopes whose publisher accounts all follow the pattern [email protected], with...

atril: evince: xreader: PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen

A flaw was found in Atril, Evince and Xreader. A malicious link inside a specially crafted PDF document can cause arbitrary code execution when clicked due to improper quoting of attacker-controlled PDF link-destination fields during remote go-to /GoToR actions. This issue allows an attacker to...

kernel: rxrpc: Fix RxGK token loading to check bounds

A flaw was found in the Linux kernel's rxrpc subsystem. An unprivileged local user could exploit an integer overflow vulnerability in the rxrpcpreparsexdryfsrxgk function. This flaw occurs when processing specially crafted key and ticket lengths, causing an incorrect memory allocation size...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Module: Fix eshstrndx.shsize=0 OOB access It is trivial to create a module that triggers OOB access with the following code: if info-secstringsstrhdr-shsize – 1 != '\0' Bug: Unable to handle page faults for the address:...

Astra Linux – Vulnerability in zsh

In Zsh before version 5.8, attackers who were able to execute commands could regain privileges lost due to the --no-PRIVILEGED option. Zsh failed to overwrite the saved user ID, so the original privileges could be restored by executing MODULEPATH=/dir/with/module zmodload with a module that calls...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Remove the user-triggered WARN message emitted by nestedsvmloadcr3. Remove the WARN message generated by svmsetnestedstate in nestedsvmloadcr3 failure cases. This message can be easily triggered from userspace by...