TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms

Threat hunters have flagged a previously undocumented Brazilian banking trojan dubbed TCLBANKER that's capable of targeting 59 banking, fintech, and cryptocurrency platforms. The activity is being tracked by Elastic Security Labs under the moniker REF3076. The malware family is assessed to be a...

Exploit for Write-what-where Condition in Linux Linux_Kernel

Dirty Frag mitigation script This script: 1. Block...

Unity Linux 20.1060a Security Update: kernel (UTSA-2026-016777)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016777 advisory. In the Linux kernel, the following vulnerability has been resolved: hfsplus: Verify inode mode when loading from disk syzbot is reporting that SIFMT bits of...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the entry point check during kexec loading of purgatory may match multiple executable...

Postprocessor IDE for SolidCAM 资源管理错误漏洞

Postprocessor IDE for SolidCAM is a GPPL language development support tool developed by Andrey Zorin. Versions of Postprocessor IDE for SolidCAM from 1.0.0 to 1.0.2 contained a resource management vulnerability. This vulnerability arose from the language server’s parsing of.vmid files in the same...

Magnitude Simba Amazon Redshift JDBC Driver 安全漏洞

The Magnitude Simba Amazon Redshift JDBC Driver is a JDBC driver provided by the American company Magnitude. It enables database connection through the standard JDBC Application Programming Interface API available in the Java Platform Enterprise Edition. Versions of the Magnitude Simba Amazon...

com.mchange/mchange-commons-java: mchange-commons-java: Arbitrary code execution via JNDI dereferencing of crafted objects

A flaw was found in mchange-commons-java, a Java utility library. An attacker can exploit this vulnerability by providing a maliciously crafted javax.naming.Reference or serialized object to an application using the library. This can provoke the application to download and execute arbitrary...

Unsafe Deserialization

Apache MINA is vulnerable to Unsafe Deserialization. The vulnerability is due to incomplete enforcement of a classname allowlist in AbstractIoBuffer.resolveClass, where certain branches e.g., for primitive or static classes bypass validation and call Class.forName without checks, allowing attacke...

CVE-2026-41640 NocoBase Vulnerable to SQL Injection via String Concatenation in Recursive Eager Loading

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the queryParentSQL function in the core database package constructs a recursive CTE query by joining nodeIds with string concatenation instead of using...

EUVD-2026-28261

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the queryParentSQL function in the core database package constructs a recursive CTE query by joining nodeIds with string concatenation instead of using...

CVE-2026-41640 NocoBase Vulnerable to SQL Injection via String Concatenation in Recursive Eager Loading

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the queryParentSQL function in the core database package constructs a recursive CTE query by joining nodeIds with string concatenation instead of using...

CVE-2026-41640

NocoBase CVE-2026-41640 describes an SQL injection in the core @nocobase/database package prior to v2.0.39. The vulnerable function queryParentSQL() builds a recursive CTE using string concatenation for nodeIds in a WHERE IN clause, allowing an authenticated attacker with record-creation permissi...

vm2 has a NodeVM builtin allowlist bypass via `module` builtin's `Module._load` that allows sandbox escape

Summary NodeVM's builtin allowlist can be bypassed when the module builtin is allowed including via the '' wildcard. The module builtin exposes Node's Module.load, which loads any module by name directly in the host context, completely bypassing vm2's builtin restriction. This allows sandboxed co...

SUSE CVE-2026-31747

In the Linux kernel, the following vulnerability has been resolved: comedi: me4000: Fix potential overrun of firmware buffer me4000xilinxdownload loads the firmware that was requested by requestfirmware. It is possible for it to overrun the source buffer because it blindly trusts the file format...

SUSE CVE-2026-43255

In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix WARNING in usbtxblock The function usbtxblock submits cardp-txurb without ensuring that any previous transmission on this URB has completed. If a second call occurs while the URB is still active e.g. during...

Keras vulnerable to DoS via Malicious .keras Model (HDF5 Shape Bomb Causes Petabyte Allocation in KerasFileEditor)

Summary Keras’s model loader KerasFileEditor unsafely loads user-supplied .keras model files containing HDF5-based weight files without performing any validation on HDF5 dataset metadata. An attacker can craft a .keras archive containing a valid model.weights.h5 file whose dataset declares an...

BIT-JAVA-2024-21147

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0....

BIT-JAVA-MIN-2024-20952

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM...

EUVD-2026-27814

In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix WARNING in usbtxblock The function usbtxblock submits cardp-txurb without ensuring that any previous transmission on this URB has completed. If a second call occurs while the URB is still active e.g. during...

CVE-2026-43255

In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix WARNING in usbtxblock The function usbtxblock submits cardp-txurb without ensuring that any previous transmission on this URB has completed. If a second call occurs while the URB is still active e.g. during...