CVE-2026-3667 Freedom Factory dGEN1 org.ethosmobile.ethoslauncher FakeAppService improper authorization

A security flaw has been discovered in Freedom Factory dGEN1 up to 20260221. The impacted element is the function FakeAppService of the component org.ethosmobile.ethoslauncher. The manipulation results in improper authorization. The attack must be initiated from a local position. The exploit has...

CVE-2026-3667

CVE-2026-3667 affects Freedom Factory dGEN1 (up to 20260221) with the vulnerability in the function FakeAppService of the component org.ethosmobile.ethoslauncher. The underlying issue is improper authorization, exploitable from a local attacker. Public exploits exist and the vendor was notified w...

CVE-2026-3667 Freedom Factory dGEN1 org.ethosmobile.ethoslauncher FakeAppService improper authorization

A security flaw has been discovered in Freedom Factory dGEN1 up to 20260221. The impacted element is the function FakeAppService of the component org.ethosmobile.ethoslauncher. The manipulation results in improper authorization. The attack must be initiated from a local position. The exploit has...

CVE-2026-3665 xlnt-community xlnt XLSX File xlsx_consumer.cpp read_office_document null pointer dereference

A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The affected element is the function xlnt::detail::xlsxconsumer::readofficedocument of the file source/detail/serialization/xlsxconsumer.cpp of the component XLSX File Parser. The manipulation leads to null pointer dereference. Th...

CVE-2026-26124

'.../...//' in Azure Compute Gallery allows an authorized attacker to elevate privileges locally...

PT-2026-23885

Name of the Vulnerable Software and Affected Versions Freedom Factory dGEN1 versions up to 20260221 Description A flaw exists in Freedom Factory dGEN1 that allows for improper authorization. The issue is located within the FakeAppReceiver function of the org.ethosmobile.ethoslauncher component...

PT-2026-23880

A security vulnerability has been detected in Freedom Factory dGEN1 up to 20260221. This impacts the function AlarmService of the component com.dgen.alarm. Such manipulation leads to improper authorization. The attack needs to be performed locally. The exploit has been disclosed publicly and may ...

EUVD-2026-9886

Permissive regular expression in Azure Compute Gallery allows an authorized attacker to elevate privileges locally...

UBUNTU-CVE-2026-3606

A vulnerability has been found in Ettercap 0.8.4-Garofalo. Affected by this vulnerability is the function adddatasegment of the file src/ettercap/utils/etterfilter/efoutput.c of the component etterfilter. The manipulation leads to out-of-bounds read. Local access is required to approach this...

OpenClaw 访问控制错误漏洞

OpenClaw is an open-source intelligent artificial assistant. Versions of OpenClaw prior to 2026.2.12 contained a access control vulnerability. This vulnerability stemmed from the lack of forced authentication for HTTP routing control in the /agent/act browser. It could allow remote attackers on t...

EUVD-2026-9285

A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binarywriter::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed...

CVE-2026-3463 xlnt-community xlnt Compound Document binary.hpp append heap-based overflow

A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binarywriter::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed...

PT-2026-22730

A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binary writer::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed...

CVE-2025-48644

In multiple locations, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48644

In multiple locations, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-3407

A vulnerability was determined in YosysHQ yosys up to 0.62. This affects the function Yosys::RTLIL::Const::set of the file kernel/rtlil.h of the component BLIF File Parser. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...

CVE-2026-3407

A vulnerability was determined in YosysHQ yosys up to 0.62. This affects the function Yosys::RTLIL::Const::set of the file kernel/rtlil.h of the component BLIF File Parser. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...

CVE-2026-3407 YosysHQ yosys BLIF File rtlil.h set heap-based overflow

A vulnerability was determined in YosysHQ yosys up to 0.62. This affects the function Yosys::RTLIL::Const::set of the file kernel/rtlil.h of the component BLIF File Parser. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...

CVE-2026-3393 jarikomppa soloud Audio File soloud_wav.cpp loadflac heap-based overflow

A security vulnerability has been detected in jarikomppa soloud up to 20200207. The impacted element is the function SoLoud::Wav::loadflac of the file src/audiosource/wav/soloudwav.cpp of the component Audio File Handler. Such manipulation leads to heap-based buffer overflow. The attack must be...

CVE-2026-3393 jarikomppa soloud Audio File soloud_wav.cpp loadflac heap-based overflow

A security vulnerability has been detected in jarikomppa soloud up to 20200207. The impacted element is the function SoLoud::Wav::loadflac of the file src/audiosource/wav/soloudwav.cpp of the component Audio File Handler. Such manipulation leads to heap-based buffer overflow. The attack must be...