9945 matches found

OSV
added 2026/03/12 9:46 a.m., 2 views

CLSA-2026-1773308764 Fix CVE(s): CVE-2026-25796, CVE-2026-25798, CVE-2026-25799, CVE-2026-26066

SECURITY UPDATE: denial-of-service via division-by-zero in image loading - debian/patches/CVE-2026-25799.patch: Fix sampling-factor validation by replacing incorrect AND with OR in horizontal/vertical axis checks and prevent acceptance of invalid sampling caused by flawed boolean logic. -...

CVSS 7.5, AI score 6.7, EPSS 0.00065
Exploits: 0, References: 1

OSV
added 2026/03/11 6:5 p.m., 1 view

OPENSUSE-SU-2026:20345-1 Security update for python-lxml_html_clean

This update for python-lxml_html_clean fixes the following issues: Changes in python-lxml_html_clean: - CVE-2026-28348: improper keywords checking can allow external CSS loading bsc1259378 - CVE-2026-28350: lack of base tag handling can allow the hijacking of the resolution of relative URLs bsc125937...

CVSS 6.1, AI score 5.8, EPSS 0.00051
Exploits: 2, References: 4

OSV
added 2026/03/11 10:44 a.m., 3 views

CLSA-2026-1773225871 Fix CVE(s): CVE-2026-25796, CVE-2026-25798, CVE-2026-25799, CVE-2026-26066

SECURITY UPDATE: division-by-zero during image loading resulting in reliable denial-of-service - debian/patches/CVE-2026-25799.patch: Fix sampling-factor validation by replacing && with || so invalid horizontal or vertical factors trigger an error; cause: incorrect boolean expression required bot...

CVSS 7.5, AI score 6.5, EPSS 0.00065
Exploits: 0, References: 1

EUVD
added 2026/03/10 6:31 p.m., 2 views

EUVD-2026-10453

SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the application. An unauthenticated attacker could exploit this vulnerability by persuading a victim to place a malicious DLL within one of these directories. The malicious command is executed in the victim user's...

CVSS 5, AI score 5.9, EPSS 0.00052
Exploits: 0, References: 3

Snyk
added 2026/03/10 6:24 p.m., 0 views

Authorization Bypass Through User-Controlled Key

Overview craftcms/commerce is a Craft Commerce Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key through the number parameter in the cart loading process. An attacker can gain unauthorized access to and modify another user's shopping cart by...

CVSS 6.3, AI score 5.7, EPSS 0.00072
Exploits: 1, References: 2

NVD
added 2026/03/10 5:35 p.m., 1 view

CVE-2026-24317

SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the application. An unauthenticated attacker could exploit this vulnerability by persuading a victim to place a malicious DLL within one of these directories. The malicious command is executed in the victim user's...

CVSS 5, EPSS 0.00052
Exploits: 0, References: 2

SUSE Linux
added 2026/03/10 5:6 a.m., 2 views

Security update for c3p0 and mchange-commons

This update for c3p0 and mchange-commons fixes the following issues: c3p0: Security issues fixed: CVE-2026-27830: Fixed unsafe object deserialization bsc1258942 Fix the null pointer exception in the userOverridesAsString method bsc1259313. mchange-commons: Security issues fixed: CVE-2026-27727:...

CVSS 9.8, AI score 5.8, EPSS 0.00313
Exploits: 1, References: 10

SUSE CVE
added 2026/03/10 12:24 a.m., 1 view

SUSE CVE-2026-28348

lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the hassneakyjavascript method strips backslashes before checking for dangerous CSS keywords. This causes CSS Unicode escape sequences to bypass the @import and expression filters,...

CVSS 6.1, AI score 5.7, EPSS 0.00051
Exploits: 1, References: 3

ATTACKERKB
added 2026/03/10 12:18 a.m., 3 views

CVE-2026-24317

SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the application. An unauthenticated attacker could exploit this vulnerability by persuading a victim to place a malicious DLL within one of these directories. The malicious command is executed in the victim user's...

CVSS 5, AI score 5.9, EPSS 0.00052
Exploits: 0, References: 3

Tenable Nessus
added 2026/03/10 12:0 a.m., 3 views

EulerOS 2.0 SP13 : python3 (EulerOS-SA-2026-1292)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment...

CVSS 7.5, AI score 7, EPSS 0.00215
Exploits: 1, References: 7

CNNVD
added 2026/03/10 12:0 a.m., 4 views

SAP GUI for Windows code issue vulnerability

SAP GUI for Windows is an interface graphical software for Windows developed by the German company SAP. SAP GUI for Windows has a code vulnerability that stems from allowing DLL files to be loaded from any directory within the application. This vulnerability may allow malicious commands to be...

CVSS 5, AI score 5.8, EPSS 0.00052
Exploits: 0, References: 3

Tenable Nessus
added 2026/03/10 12:0 a.m., 6 views

EulerOS 2.0 SP13 : python3 (EulerOS-SA-2026-1256)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment...

CVSS 7.5, AI score 7, EPSS 0.00215
Exploits: 1, References: 7

OSV
added 2026/03/09 6:16 a.m., 2 views

CVE-2026-30896

The installer for Qsee Client versions 1.0.1 and prior insecurely load Dynamic Link Libraries DLLs. When a user is directed to place some malicious DLL to the same directory and execute the affected installer, then arbitrary code may be executed with the administrative privilege...

CVSS 8.4, AI score 6
Exploits: 0, References: 2

Japan Vulnerability Notes
added 2026/03/09 5:57 a.m., 3 views

Installer for Qsee Client may insecurely load Dynamic Link Libraries

Overview The installer for Qsee Client provided by Qsee contains the following vulnerability with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2026-30896 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. report...

CVSS 8.4, AI score 7, EPSS 0.00007
Exploits: 0, References: 5

Cvelist
added 2026/03/09 5:1 a.m., 24 views

CVE-2026-30896

The installer for Qsee Client versions 1.0.1 and prior insecurely load Dynamic Link Libraries DLLs. When a user is directed to place some malicious DLL to the same directory and execute the affected installer, then arbitrary code may be executed with the administrative privilege...

CVSS 8.4, EPSS 0.00007
Exploits: 0, References: 2

Positive Technologies
added 2026/03/09 12:0 a.m., 1 view

PT-2026-24013

Name of the Vulnerable Software and Affected Versions Qsee Client versions 1.0.1 and prior Description The Qsee Client installer insecurely loads Dynamic Link Libraries DLLs. A user could be directed to place a malicious DLL in the same directory as the installer and execute it, potentially leadi...

CVSS 8.4, AI score 7.6, EPSS 0.00007
Exploits: 0, References: 5

CNNVD
added 2026/03/09 12:0 a.m., 3 views

Qsee Client code issue vulnerability

Qsee Client is a video surveillance management software developed by the American company Qsee. Versions of Qsee Client 1.0.1 and earlier contained code vulnerabilities. These vulnerabilities stemmed from the installer’s insecure loading of dynamic link libraries, which could allow arbitrary code...

CVSS 8.4, AI score 7.3, EPSS 0.00007
Exploits: 0, References: 3

RedhatCVE
added 2026/03/07 1:44 a.m., 1 view

CVE-2026-28393

OpenClaw versions 2.0.0-beta3 prior to 2026.2.14 contain a path traversal vulnerability in hook transform module loading that allows arbitrary JavaScript execution. The hooks.mappings.transform.module parameter accepts absolute paths and traversal sequences, enabling attackers with configuration...

CVSS 9.8, AI score 6, EPSS 0.00111
Exploits: 0, References: 1

Tenable Nessus
added 2026/03/07 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-0848

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NLTK versions =3.9.2 are vulnerable to arbitrary code execution due to improper input validation in the StanfordSegmenter module. The module dynamically loads...

CVSS 10, AI score 8, EPSS 0.00307
Exploits: 3, References: 3

Packet Storm
added 2026/03/06 12:0 a.m., 122 views

c3p0 Insecure Deserialization

A critical vulnerability in c3p0 prior to version 0.12.0 allows attackers to achieve remote code execution through insecure handling of the userOverridesAsString property in several ConnectionPoolDataSource implementations...

AI score 6.3
Exploits: 0