CVE-2026-26074 EVerest: OCPP201 startup event_queue lock mismatch leads to std::map/std::queue data race

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to possible std::map corruption. The trigger is CSMS GetLog/UpdateFirmware request network with an EVSE fault event physical. This results in TSAN reports concurrent access data race to eventqueue...

CVE-2026-32743 PX4 Autopilot: Stack-based Buffer Overflow via Oversized Path Input in MAVLink Log Request Handling

PX4 is an open-source autopilot stack for drones and unmanned vehicles. Versions 1.17.0-rc2 and below are vulnerable to Stack-based Buffer Overflow through the MavlinkLogHandler, and are triggered via MAVLink log request. The LogEntry.filepath buffer is 60 bytes, but the sscanf function parses...

CVE-2026-32743 PX4 Autopilot: Stack-based Buffer Overflow via Oversized Path Input in MAVLink Log Request Handling

PX4 is an open-source autopilot stack for drones and unmanned vehicles. Versions 1.17.0-rc2 and below are vulnerable to Stack-based Buffer Overflow through the MavlinkLogHandler, and are triggered via MAVLink log request. The LogEntry.filepath buffer is 60 bytes, but the sscanf function parses...

CVE-2026-32743

PX4 Autopilot versions 1.17.0-rc2 and earlier are affected by a Stack-based Buffer Overflow in the MAVLink log request handling via MavlogHandler. The LogEntry.filepath buffer is 60 bytes, and paths are parsed with sscanf without a width specifier, allowing overflow when a longer path is provided...

CVE-2026-32743

PX4 is an open-source autopilot stack for drones and unmanned vehicles. Versions 1.17.0-rc2 and below are vulnerable to Stack-based Buffer Overflow through the MavlinkLogHandler, and are triggered via MAVLink log request. The LogEntry.filepath buffer is 60 bytes, but the sscanf function parses...

CVE-2026-32743 PX4 Autopilot: Stack-based Buffer Overflow via Oversized Path Input in MAVLink Log Request Handling

PX4 is an open-source autopilot stack for drones and unmanned vehicles. Versions 1.17.0-rc2 and below are vulnerable to Stack-based Buffer Overflow through the MavlinkLogHandler, and are triggered via MAVLink log request. The LogEntry.filepath buffer is 60 bytes, but the sscanf function parses...

Elastic Kibana 安全漏洞

Elastic Kibana is an available data visualization dashboard software from Elastic. A security vulnerability exists in Elastic Kibana that stems from the presence of an unrestricted or unthrottled resource allocation, resulting in a crash due to a specially crafted request for...

Connor Hicks 1Password SCIM Bridge Authorization Issues Vulnerability

Connor Hicks 1Password SCIM Bridge is a password management system from the Connor Hicks organization in the United States. Provides a cross-domain identity management system SCIM protocol to connect 1Password to your existing identity provider e.g. Azure Active Directory, Okta, OneLogin or...

CVE-2016-10201

Cross-site scripting XSS vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the format parameter in a download log request to index.php...

CVE-2016-10201

Cross-site scripting XSS vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the format parameter in a download log request to index.php...

CVE-1999-0448

IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request...