CVE-2026-43457

A flaw was found in the Linux kernel's Management Component Transport Protocol MCTP over I2C receive path. When the midev-allowrx flag is false, a newly allocated network buffer skb is not properly freed. This memory leak can lead to a gradual exhaustion of system memory, potentially allowing a...

CVE-2026-43457

In the Linux kernel, the following vulnerability has been resolved: mctp: i2c: fix skb memory leak in receive path When 'midev-allowrx' is false, the newly allocated skb isn't consumed by netifrx, it needs to free the skb directly...

CVE-2026-43455

In the Linux kernel, the following vulnerability has been resolved: mctp: route: hold key-lock in mctpflowprepareoutput mctpflowprepareoutput checks key-dev and may call mctpdevsetkey, but it does not hold key-lock while doing so. mctpdevsetkey and mctpdevreleasekey are annotated with...

Oracle PeopleSoft Enterprise HCM Absence 安全漏洞

Oracle PeopleSoft Enterprise HCM Absence is a workforce absence and leave management system developed by Oracle Corporation. Version 9.2 of Oracle PeopleSoft Enterprise HCM Absence contains a security vulnerability. This vulnerability stems from issues with the Absence Management component, which...

CVE-2026-24032

A vulnerability has been identified in SINEC NMS All versions V4.0 SP3 with UMC. The affected application contains an authentication weakness due to insufficient validation of user identity in the UMC component. This could allow an unauthenticated remote attacker to bypass authentication and gain...

CVE-2026-24032

A vulnerability has been identified in SINEC NMS All versions V4.0 SP3 with UMC. The affected application contains an authentication weakness due to insufficient validation of user identity in the UMC component. This could allow an unauthenticated remote attacker to bypass authentication and gain...

PT-2026-32607

Name of the Vulnerable Software and Affected Versions SINEC NMS versions prior to 4.0 SP3 with UMC Description An authentication weakness exists in the UMC component due to insufficient validation of user identity. This flaw allows an unauthenticated remote attacker to bypass authentication and...

Siemens SINEC NMS

SUMMARY Siemens SINEC NMS when used with User Management Component UMC contains an authentication bypass vulnerability due to insufficient validation of user identity. This could allow an unauthenticated remote attacker to bypass authentication and gain unauthorized access to the application...

EUVD-2026-14893

iCMS v8.0.0 contains a Cross-Site Scripting XSS vulnerability in the User Management component, specifically within the index.html file. This allows remote attackers to execute arbitrary web script or HTML via the regip or loginip parameters...

iCMS 安全漏洞

iCMS is a software application. It is a highly efficient and concise content management system built using PHP and MySQL. The iCMS v8.0.0 version has a security vulnerability, which stems from improper handling of the regip or loginip parameters by the user management component. This may lead to...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the PUT request handler in the UDM component when processing an unexpected ueId value. An attacker can cause the service to crash and disrupt availability by sending a specially crafted request. Remediation...

CVE-2026-2823

A vulnerability was detected in Comfast CF-E7 2.6.0.9. The impacted element is the function sub41ACCC of the file /cgi-bin/mbox-config?method=SET&section=ntptimezone of the component webmggnt. Performing a manipulation of the argument timestr results in command injection. The attack is possible t...

CVE-2026-25656

A vulnerability has been identified in SINEC NMS All versions V4.0 SP3, User Management Component UMC All versions V2.15.2.1. The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially...

CVE-2026-25656

A vulnerability has been identified in SINEC NMS All versions, User Management Component UMC All versions V2.15.2.1. The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially leading to...

CVE-2026-25656

A vulnerability has been identified in SINEC NMS All versions V4.0 SP3, User Management Component UMC All versions V2.15.2.1. The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially...

CVE-2026-25656

CVE-2026-25656 affects SINEC NMS User Management Component (UMC) across all versions and all SINEC NMS deployments where UMC is

CVE-2026-25656

A vulnerability has been identified in SINEC NMS All versions V4.0 SP3, User Management Component UMC All versions V2.15.2.1. The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially...

CVE-2026-25656

A vulnerability has been identified in SINEC NMS All versions V4.0 SP3, User Management Component UMC All versions V2.15.2.1. The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially...

PT-2026-7259

Name of the Vulnerable Software and Affected Versions SINEC NMS versions prior to 2.15.2.1 User Management Component UMC versions prior to 2.15.2.1 Description The application allows unauthorized modification of a configuration file by a user with limited privileges. This could enable an attacker...

CVE-2026-22026 CryptoLib Unbounded Memory Allocation in KMC HTTP Response Handler Allows Resource Exhaustion

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, the libcurl writecallback function in the KMC...